Designs, Codes and Cryptography

, Volume 86, Issue 2, pp 319–340 | Cite as

Extension of Overbeck’s attack for Gabidulin-based cryptosystems

  • Anna-Lena Horlemann-Trautmann
  • Kyle Marshall
  • Joachim Rosenthal
Part of the following topical collections:
  1. Special Issue on Network Coding and Designs


Cryptosystems based on codes in the rank metric were introduced in 1991 by Gabidulin, Paramanov, and Tretjakov (GPT) and have been studied as a promising alternative to cryptosystems based on codes in the Hamming metric. In particular, it was observed that the combinatorial solution for solving the rank analogy of the syndrome decoding problem appears significantly harder. Early proposals were often made with an underlying Gabidulin code structure. Gibson, in 1995, made a promising attack which was later extended by Overbeck in 2008 to cryptanalyze many of the systems in the literature. Improved systems were then designed to resist the attack of Overbeck and yet continue to use Gabidulin codes. In this paper, we generalize Overbeck’s attack to break the GPT cryptosystem for all possible parameter sets, and then extend the attack to cryptanalyze particular variants which explicitly resist the attack of Overbeck.


Cryptography Public key cryptography Rank metric Gabidulin codes Coding theory 

Mathematics Subject Classification

94B05 11T71 14G50 81P94 



This work was supported by SNF Grant No. 149716.


  1. 1.
    Berger T.P.: Isometries for rank distance and permutation group of Gabidulin codes. IEEE Trans. Inf. Theory 49(11), 3016–3019 (2003).MathSciNetCrossRefMATHGoogle Scholar
  2. 2.
    Chabaud F., Stern J.: The cryptographic security of the syndrome decoding problem for rank distance codes. In: Advances in Cryptology—ASIACRYPT ’96, International Conference on the Theory and Applications of Cryptology and Information Security, Kyongju, Korea, November 3–7, 1996, Proceedings, pp. 368–381 (1996).Google Scholar
  3. 3.
    Gabidulin E.M.: Theory of codes with maximum rank distance. Probl. Pereda. Inform. 21(1), 3–16 (1985).MathSciNetMATHGoogle Scholar
  4. 4.
    Gabidulin E.M.: Attacks and counter-attacks on the GPT public key cryptosystem. Des. Codes Cryptogr. 48(2), 171–177 (2008).MathSciNetCrossRefMATHGoogle Scholar
  5. 5.
    Gabidulin E.M., Paramonov A.V., Tretjakov O.V.: Ideals over a non-commutative ring and their application in cryptology. In: Proceedings of the 10th Annual International Conference on Theory and Application of Cryptographic Techniques, EUROCRYPT’91, pp. 482–489. Springer, Berlin (1991).Google Scholar
  6. 6.
    Gabidulin E.M., Rashwan H., Honary B.: On improving security of GPT cryptosystems. In: IEEE International Symposium on Information Theory, 2009 (ISIT 2009), pp. 1110–1114 (2009).Google Scholar
  7. 7.
    Gaborit P., Ruatta O., Schrek J., Zémor G.: New results for rank-based cryptography. In: Progress in Cryptology—AFRICACRYPT 2014—7th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 28–30, 2014, Proceedings, pp. 1–12 (2014).Google Scholar
  8. 8.
    Gaborit P., Ruatta O., Schrek J.: On the complexity of the rank syndrome decoding problem. IEEE Trans. Inf. Theory 62(2), 1006–1019 (2016).MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Gibson J.K.: Severely denting the Gabidulin version of the McEliece public key cryptosystem. Des. Codes Cryptogr. 6(1), 37–45 (1995).MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Giorgetti M., Previtali A.: Galois invariance, trace codes and subfield subcodes. Finite Fields Their Appl. 16(2), 96–99 (2010).MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Horlemann-Trautmann A.-L., Marshall K.: New criteria for MRD and Gabidulin codes and some rank-metric code constructions. arXiv:1507.08641 (2015).
  12. 12.
    Horlemann-Trautmann A.-L., Marshall K., Rosenthal J.: Considerations for rank-based cryptosystems. In: Proceedings of the IEEE International Symposium on Information Theory (ISIT 2016), Barcelona, pp. 2544–2548 (2016).Google Scholar
  13. 13.
    Kshevetskiy A.: Security of GPT-like public-key cryptosystems based on linear rank codes. In: 3rd International Workshop on Signal Design and Its Applications in Communications, 2007 (IWSDA 2007), pp. 143–147 (2007).Google Scholar
  14. 14.
    Loidreau P.: Designing a rank metric based McEliece cryptosystem. In: Proceedings of the Third International Conference on Post-Quantum Cryptography (PQCrypto’10), pp. 142–152. Springer, Berlin (2010).Google Scholar
  15. 15.
    McEliece R.J.: A public-key cryptosystem based on algebraic coding theory. Deep Space Netw. Progr. Rep. 44, 114–116 (1978).Google Scholar
  16. 16.
    Morrison K.: Equivalence for rank-metric and matrix codes and automorphism groups of Gabidulin codes. IEEE Trans. Inf. Theory 60(11), 1–12 (2014).MathSciNetCrossRefMATHGoogle Scholar
  17. 17.
    Ourivski A.V., Johansson T.: New technique for decoding codes in the rank metric and its cryptography applications. Probl. Inf. Transm. 38(3), 237–246 (2002).MathSciNetCrossRefMATHGoogle Scholar
  18. 18.
    Overbeck R.: Structural attacks for public key cryptosystems based on Gabidulin codes. J. Cryptol. 21(2), 280–301 (2008).MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Rashwan H., Gabidulin E.M., Honary B.: A smart approach for GPT cryptosystem based on rank codes. In: IEEE International Symposium on Information Theory, ISIT 2010, June 13–18, 2010, Austin, Texas, USA, Proceedings, pp. 2463–2467 (2010).Google Scholar
  20. 20.
    Sidelnikov V.M., Shestakov S.O.: On insecurity of cryptosystems based on generalized Reed-Solomon codes. Discrete Math. Appl. 2, 439–444 (1992).MathSciNetGoogle Scholar
  21. 21.
    Silva D., Kschischang F.R.: Fast encoding and decoding of Gabidulin codes. In: IEEE International Symposium on Information Theory, 2009 (ISIT 2009), pp. 2858–2862 (2009).Google Scholar
  22. 22.
    Wachter-Zeh A.: Bounds on list decoding of rank-metric codes. IEEE Trans. Inf. Theory 59(11), 7268–7277 (2013).MathSciNetCrossRefMATHGoogle Scholar
  23. 23.
    Wachter-Zeh A., Afanassiev V., Sidorenko V.: Fast decoding of Gabidulin codes. Des. Codes Cryptogr. 66(1), 57–73 (2013).MathSciNetCrossRefMATHGoogle Scholar
  24. 24.
    Wan Z.-X.: Geometry of matrices. World Scientific, Singapore (1996). In memory of Professor L.K. Hua (1910–1985).Google Scholar

Copyright information

© Springer Science+Business Media New York 2017

Authors and Affiliations

  • Anna-Lena Horlemann-Trautmann
    • 1
  • Kyle Marshall
    • 2
  • Joachim Rosenthal
    • 2
  1. 1.University of St. GallenSt. GallenSwitzerland
  2. 2.Universität ZürichZurichSwitzerland

Personalised recommendations