A New Path to Code-based Signatures via Identification Schemes with Restricted Errors
In this paper we introduce a variant of the Syndrome Decoding Problem (SDP), that we call Restricted SDP (R-SDP), in which the entries of the searched vector are defined over a subset of the underlying finite field. We prove the NP-completeness of R-SDP, via a reduction from the canonical SDP, and describe how information set decoding algorithms can be adapted to solve this new problem. We study the properties of random codes under this new decoding perspective (in the fashion of traditional coding theory results), in order to derive the conditions upon which R-SDP has a unique solution with overwhelming probability. As a concrete application, we describe how Zero-Knowledge Identification (ZK-ID) schemes based on SDP can be tweaked to rely on R-SDP, and show that this leads to compact public keys as well as significantly reduced communication costs. Thus, these schemes offer an improved basis for the construction of code-based digital signature schemes derived from identification schemes through the well-know Fiat-Shamir transformation.
READ FULL TEXT