Syndrome decoding meets multiple instances

TL;DR

This paper explores syndrome decoding for multiple instances, proposing strategies involving precomputation and analyzing their impact on the security of post-quantum cryptographic schemes, with implications for algorithm efficiency.

Contribution

It introduces new strategies for syndrome decoding across multiple instances, including precomputation techniques and analysis of their security implications.

Findings

Precomputation reduces amortized complexity in decoding multiple instances.

The effectiveness of advanced variants is confirmed for one-out-of-many decoding.

Impact on concrete security of post-quantum schemes is discussed.

Abstract

The NP-hard problem of decoding random linear codes is crucial to both coding theory and cryptography. In particular, this problem underpins the security of many code based post-quantum cryptographic schemes. The state-of-art algorithms for solving this problem are the information syndrome decoding algorithm and its advanced variants. In this work, we consider syndrome decoding in the multiple instances setting. Two strategies are applied for different scenarios. The first strategy is to solve all instances with the aid of the precomputation technique. We adjust the current framework and distinguish the offline phase and online phase to reduce the amortized complexity. Further, we discuss the impact on the concrete security of some post-quantum schemes. The second strategy is to solve one out of many instances. Adapting the analysis for some earlier algorithm, we discuss the effectiveness of using advanced variants and confirm a related folklore conjecture.