Although there are no practical quantum computers yet, many believe it is only a matter of decades before they become a reality. This threatens most public-key cryptosystems, especially the widely used RSA. There is a need to develop post-quantum cryptosystems, that is, cryptosystems that remain secure against an adversary equipped with a quantum computer. The National Institute of Standards and Technology (NIST) announced in 2016 a call for standardization of post-quantum cryptosystems. The cryptosystems proposed in response to this call are available online and most of them are based on two families of problems: error-correcting codes and lattices. My work is dedicated to the design and security analysis of cryptosystems based on error-correcting codes, especially in the context of the NIST standardization process.

  • Security analysis of code-based cryptosystems. Among the 69 proposals that NIST judged "complete and proper", 23 rely on the hardness of problems from coding theory. These cryptosystems need to be thoroughly studied. We found attacks on two proposals (Edon-K and RLCE) and are still studying the remaining proposals.

  • Syndrome Decoding in large weight. Most code-based cryptosystems rely on the Syndrome Decoding problem, so it is very important to understand its complexity. We studied this problem in the non-binary case, especially over a ternary field, and showed that finding large-weight codewords is a hard problem in its own right. This problem underlies the new code-based signature scheme called Wave. We intend to study the complexity of the problem for larger fields.

  • Practical security of generic decoding. While there is a lot of literature concerning the theoretical security of the syndrome decoding problem, it is sometimes difficult to relate this to the practical complexity of solving instances of the problem. Therefore we launched a website with code-based challenges to solve:

  • Decoding of QC-MDPC codes. The goal of this project is to study the decoding of Quasi-Cyclic Moderate Density Parity Check (QC-MDPC) codes. These codes are very promising for post-quantum cryptography and are used in the BIKE cryptosystem, submitted to the NIST standardization process. In order for these codes to be used for cryptography, one needs an efficient decoder with an extremely low decoding failure rate. Besides, recent attacks (following [GJS16]) show that the decoder must run in constant time. We are working on the development of state-of-the-art decoders achieving both properties.
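As an added illustration of the decoding problem described in the last item (example code written for this page, not BIKE's or the authors' decoder): toy QC-MDPC parameters R, D, T (assumed, far too small to be secure), the syndrome computation, a Gallager-style bit-flipping decoder, and a crude empirical estimate of its decoding failure rate. The decoder's loop count and flip set depend on the secret data, which is exactly the timing leakage the constant-time requirement above rules out.

```python
import random

R, D, T = 101, 9, 2   # toy block length r, weight of each circulant block, error weight (assumed, insecure)

def circulant_columns(h):
    """Columns of an r x r circulant block with support h: column j is h shifted by j."""
    return [frozenset((k + j) % R for k in h) for j in range(R)]

def keygen(rng):
    """Private key: two sparse supports h0, h1; H = [H0 | H1] has row weight 2*D."""
    return circulant_columns(rng.sample(range(R), D)) + circulant_columns(rng.sample(range(R), D))

def syndrome(cols, e):
    """s = H e^T over GF(2): XOR (symmetric difference) of the columns selected by the error e."""
    s = set()
    for j in e:
        s ^= cols[j]
    return s

def bit_flip_decode(cols, s, max_iter=20):
    """Bit flipping: flip every position involved in the maximal number of unsatisfied
    parity checks, update the syndrome, repeat until it vanishes.
    Returns the recovered error support, or None on decoding failure.
    Iterations and flips depend on secret data, so this is NOT constant time."""
    s, e = set(s), set()
    for _ in range(max_iter):
        if not s:
            return e
        counters = [len(c & s) for c in cols]   # unsatisfied checks touching each position
        top = max(counters)
        for j in [j for j, ctr in enumerate(counters) if ctr == top]:
            e ^= {j}          # toggle the bit in the error estimate
            s ^= cols[j]      # and remove its contribution from the syndrome
    return e if not s else None

def random_instance(seed):
    """Deterministic key plus random weight-T error (constructed test data)."""
    rng = random.Random(seed)
    cols = keygen(rng)
    return cols, set(rng.sample(range(2 * R), T))

def estimate_dfr(trials, seed=0):
    """Empirical decoding failure rate over fresh keys and random weight-T errors."""
    failures = 0
    for i in range(trials):
        cols, e = random_instance(seed + i)
        if bit_flip_decode(cols, syndrome(cols, e)) != e:
            failures += 1
    return failures / trials

if __name__ == "__main__":
    cols, e = random_instance(2024)
    print("error", sorted(e), "decoded", bit_flip_decode(cols, syndrome(cols, e)))
    print("empirical DFR over 200 trials:", estimate_dfr(200))
```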

  • Papers in International Peer-Reviewed Conferences