Paolo Santini,Alessandro Barenghi,Gerardo Pelosi,Marco Baldi,Franco Chiaraluce

DOI: https://doi.org/10.48550/arXiv.1912.05182

2019-12-11

Abstract:Characterizing the decoding failure rate of iteratively decoded Low- and Moderate-Density Parity Check (LDPC/MDPC) codes is paramount to build cryptosystems based on them, able to achieve indistinguishability under adaptive chosen ciphertext attacks. In this paper, we provide a statistical worst-case analysis of our proposed iterative decoder obtained through a simple modification of the classic in-place bit-flipping decoder. This worst case analysis allows both to derive the worst-case behaviour of an LDPC/MDPC code picked among the family with the same length, rate and number of parity checks, and a code-specific bound on the decoding failure rate. The former result allows us to build a code-based cryptosystem enjoying the $\delta$-correctness property required by IND-CCA2 constructions, while the latter result allows us to discard code instances which may have a decoding failure rate significantly different from the average one (i.e., representing weak keys), should they be picked during the key generation procedure.

Cryptography and Security,Information Theory

Alessandro Annechini,Alessandro Barenghi,Gerardo Pelosi

2024-02-08

Abstract:Providing closed form estimates of the decoding failure rate of iterative decoder for low- and moderate-density parity check codes has attracted significant interest in the research community over the years. This interest has raised recently due to the use of iterative decoders in post-quantum cryptosystems, where the desired decoding failure rates are impossible to estimate via Monte Carlo simulations. In this work, we propose a new technique to provide accurate estimates of the DFR of a two-iterations (parallel) bit flipping decoder, which is also employable for cryptographic purposes. In doing so, we successfully tackle the estimation of the bit flipping probabilities at the second decoder iteration, and provide a fitting estimate for the syndrome weight distribution at the first iteration. We numerically validate our results, providing comparisons of the modeled and simulated weight of the syndrome, incorrectly-guessed error bit distribution at the end of the first iteration, and two-iteration Decoding Failure Rates (DFR), both in the floor and waterfall regime for simulatable codes. Finally, we apply our method to estimate the DFR of LEDAcrypt parameters, showing improvements by factors larger than $2^{70}$ (for NIST category $1$) with respect to the previous estimation techniques. This allows for a $\approx 20$% shortening in public key and ciphertext sizes, at no security loss, making the smallest ciphertext for NIST category $1$ only $6$% larger than the one of BIKE. We note that the analyzed two-iterations decoder is applicable in BIKE, where swapping it with the current black-gray decoder (and adjusting the parameters) would provide strong IND-CCA$2$ guarantees.

Cryptography and Security,Information Theory

Dimitris Chytas,Nithin Raveendran,Bane Vasić

2024-06-25

Abstract:Quantum low-density parity-check (QLDPC) codes have been proven to achieve higher minimum distances at higher code rates than surface codes. However, this family of codes imposes stringent latency requirements and poor performance under iterative decoding, especially when the variable degree is low. In this work, we improve both the error correction performance and decoding latency of variable degree-3 (dv-3) QLDPC codes under iterative decoding. Firstly, we perform a detailed analysis of the structure of a well-known family of QLDPC codes, i.e., hypergraph product-based codes. Then, we propose a decoding approach that stems from the knowledge of harmful configurations apparent in these codes. Our decoding scheme is based on applying a modified version of bit flipping (BF) decoding, namely two-bit bit flipping (TBF) decoding, which adds more degrees of freedom to BF decoding. The granularity offered by TBF decoding helps us design sets of decoders that operate in parallel and can collectively decode error patterns appearing in harmful configurations of the code, thus addressing both the latency and performance requirements. Finally, simulation results demonstrate that the proposed decoding scheme surpasses other iterative decoding approaches for various dv-3 QLDPC codes.

Information Theory,Quantum Physics

Nicolas Sendrier,Valentin Vasseur

DOI: https://doi.org/10.1007/978-3-030-44223-1_2

2020-01-01

Abstract:AbstractMcEliece-like code-based key exchange mechanisms using QC-MDPC codes can reach IND-CPA security under hardness assumptions from coding theory, namely quasi-cyclic syndrome decoding and quasi-cyclic codeword finding. To reach higher security requirements, like IND-CCA security, it is necessary in addition to prove that the decoding failure rate (DFR) is negligible, for some decoding algorithm and a proper choice of parameters. Getting a formal proof of a low DFR is a difficult task. Instead, we propose to ensure this low DFR under some additional security assumption on the decoder. This assumption relates to the asymptotic behavior of the decoder and is supported by several other works. We define a new decoder, Backflip, which features a low DFR. We evaluate the Backflip decoder by simulation and extrapolate its DFR under the decoder security assumption. We also measure the accuracy of our simulation data, in the form of confidence intervals, using standard techniques from communication systems.

Tofar C.-Y. Chang,Yu T. Su

DOI: https://doi.org/10.1109/TCOMM.2015.2469780

2015-08-25

Abstract:Bit-flipping (BF) decoding of low-density parity-check codes is of low complexity but gives inferior performance in general. To improve performance and provide new BF decoder options for complexity-performance tradeoffs, we propose new designs for the flipping function (FF), the flipped bit selection (FBS) rule and the checksum weight updating schedule. The new FF adjusts the checksum weights in every iteration while our FBS rules take more information into account. These two modifications represent efforts to track more closely the evolutions of both check and variable nodes' reliabilities. Two selective update schedules are proposed to offer more performance and complexity tradeoffs. The combinations of the new FBS rule and known FFs result in new BF decoders with improved performance and a modest complexity increase. On the other hand, combining the new FF and FBS rule gives a new decoder with performance comparable to that of the normalized min-sum algorithm while if we use a much simpler FBS rule instead, the decoder suffers little performance loss with reduced complexity. We also present a simple decision-theoretical argument to justify the new checksum weight formula and a time-expanded factor graph model to explain the proposed selective weight-updating schedules.

Information Theory

张仲金,高明伦,沙金,李丽,董岚

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2008.07.025

2008-01-01

Abstract:A new low complexity and implement efficient bit-flipping decoding algorithm for Low-Density Parity-Check(LDPC) codes is presented in this paper.The proposed algorithm computes the flipping function by the intrinsic value of the message node,and it reduces the requirement of the information from other message nodes.So,it has a lower complexity and still guarantees the reliability of the flipping function.The simulation results for RS-based LDPC codes using the proposed algorithm show that it has the performance approaching the IMWBF algorithm or even better.

XIE Dong-jue,ZHANG Xing-gan,TANG Lan

DOI: https://doi.org/10.3969/j.issn.1004-373x.2011.03.004

2011-01-01

Abstract:The bit-flipping(BF) algorithm of low density parity check(LDPC) code has low computation complexity and great practicability.On the basis of studying simple BF,WBF and RRWBF,an improved BF algorithm is proposed on considering the reliability ratio and absolute value of symbol.The proposed algorithm flips more than one bit in each iteration.Simulation results indicate that compared with RRWBF,the error rate of the proposed algorithm with 5 dB is improved from 10-3 to 10-4.

Zhengya Zhang,L. Dolecek,B. Nikolic,V. Anantharam,M. Wainwright,Lara Dolecek,Borivoje Nikolic,Venkat Anantharam,Martin Wainwright

DOI: https://doi.org/10.1109/tcomm.2009.11.080105

IF: 6.166

2009-11-01

IEEE Transactions on Communications

Abstract:Many classes of high-performance low-density parity-check (LDPC) codes are based on parity check matrices composed of permutation submatrices. We describe the design of a parallel-serial decoder architecture that can be used to map any LDPC code with such a structure to a hardware emulation platform. High-throughput emulation allows for the exploration of the low bit-error rate (BER) region and provides statistics of the error traces, which illuminate the causes of the error floors of the (2048, 1723) Reed-Solomon based LDPC (RS-LDPC) code and the (2209, 1978) array-based LDPC code. Two classes of error events are observed: oscillatory behavior and convergence to a class of non-codewords, termed absorbing sets. The influence of absorbing sets can be exacerbated by message quantization and decoder implementation. In particular, quantization and the log-tanh function approximation in sum-product decoders strongly affect which absorbing sets dominate in the errorfloor region. We show that conventional sum-product decoder implementations of the (2209, 1978) array-based LDPC code allow low-weight absorbing sets to have a strong effect, and, as a result, elevate the error floor. Dually-quantized sum-product decoders and approximate sum-product decoders alleviate the effects of low-weight absorbing sets, thereby lowering the error floor.

telecommunications,engineering, electrical & electronic

Jin Sha,Minglun Gao,Zhongjin Zhang,Li,Zhongfeng Wang

2006-01-01

Abstract:Low Density Parity Check (LDPC) codes can be decoded in various ways, namely the Bit-Flipping (BF) algorithm, the Weighted BF algorithm (WBF), the Belief Propagation (BP) algorithm and so on. These algorithms provide a wide range of tradeoffs among decoding complexity, decoding speed, and error rate performance. In this paper, a novel self-reliability-based weighted bit-flipping decoding scheme for low-density parity-check codes is proposed. Improvement in performance is observed in comparison with the modified weighted bit-flipping decoding scheme, and the decoding complexity can be significantly reduced as well.

Qing Zhu,Lenan Wu

DOI: https://doi.org/10.1109/CECNet.2013.6703435

2013-01-01

Abstract:In order to improve the bit-flipping (BF) decoding algorithms, a weighted hard-decision based BF decoding algorithm for low-density parity-check (LDPC) codes is presented, in which the weights of variable-nodes are employed. A new metric is defined for the weight of candidate bits not only in unsatisfied parity check equations but also in satisfied ones. The connection between min-sum decoding algorithm and the proposed algorithm is presented. Simulation results show that the new decoding algorithm can provide better FER performance and faster convergence speed than the original candidate bit based bit-flipping (CBBF) algorithm.

Guangjun Ge,Liuguo Yin

DOI: https://doi.org/10.1155/2018/7658093

2018-01-01

Wireless Communications and Mobile Computing

Abstract:Unreliable message storage severely degrades the performance of LDPC decoders. This paper discusses the impacts of message errors on LDPC decoders and schemes improving the robustness. Firstly, we develop a discrete density evolution analysis for faulty LDPC decoders, which indicates that protecting the sign bits of messages is effective enough for finite-precision LDPC decoders. Secondly, we analyze the effects of quantization precision loss for static sign bit protection and propose an embedded dynamic coding scheme by adaptively employing the least significant bits (LSBs) to protect the sign bits. Thirdly, we give a construction of Hamming product code for the adaptive coding and present low complexity decoding algorithms. Theoretic analysis indicates that the proposed scheme outperforms traditional triple modular redundancy (TMR) scheme in decoding both threshold and residual errors, while Monte Carlo simulations show that the performance loss is less than 0.2 dB when the storage error probability varies from 10-3 to 10-4.

Jin Sha,MingLun Gao,Zhongjin Zhang,Lì Lì,Zhongfeng Wang

2006-01-01

WSEAS TRANSACTIONS ON COMMUNICATIONS

Abstract:Low Density Parity Check (LDPC) codes have received lot of attention for the excellent error correcting performance they can offer. This paper presents a low complexity Bit-Flipping based LDPC codes decoding algorithm, named Self Reliability Based Weighted Bit-Flipping decoding algorithm. Improvement in error correcting performance and converge speed is observed in comparison with the modified weighted bit-flipping decoding scheme, and the decoding complexity can be significantly reduced as well. The routing problem for implementing decoders with large codeword length can be totally eliminated.

Tadashi Wadayama,Keisuke Nakamura,Masayuki Yagita,Yuuki Funahashi,Shogo Usami,Ichi Takumi

DOI: https://doi.org/10.1109/tcomm.2010.06.090046

IF: 6.166

2010-06-01

IEEE Transactions on Communications

Abstract:A novel class of bit-flipping (BF) algorithm for decoding low-density parity-check (LDPC) codes is presented. The proposed algorithms, which are referred to as gradient descent bit flipping (GDBF) algorithms, can be regarded as simplified gradient descent algorithms. The proposed algorithms exhibit better decoding performance than known BF algorithms, such as the weighted BF algorithm or the modified weighted BF algorithm for several LDPC codes.

telecommunications,engineering, electrical & electronic

Gao-yuan Zhang,Liang Zhou,Wei-wei Su,Hong Wen

DOI: https://doi.org/10.3724/SP.J.1146.2012.01728

2013-01-01

Abstract:Considering the Weighted Bit Flipping (WBF) and Modified Weighted Bit Flipping (MWBF) decoding algorithms for Low Density Parity-Check (LDPC) codes, a modified algorithm is proposed in this paper. Based on Average Magnitude (AM), a more simple and efficient method for computing the reliability of the parity checks is introduced to improve the flipping criterion. Simulation results show that the performance of the improved scheme is better than that of WBF and MWBF algorithms about 1.65 dB and 1.36 dB at BER of 510- in the presence of AWGN, while the average number of decoding iterations is reduced by 18.2%~39.91% and 17.54%~34.78%, respectively.

Alla Tarighati,Hamed Farhadi,Farshad Lahouti

DOI: https://doi.org/10.48550/arXiv.1501.02483

2015-06-01

Abstract:We address noisy message-passing decoding of lowdensity parity-check (LDPC) codes over additive white Gaussian noise channels. Message-passing decoders in which certain processing units iteratively exchange messages are common for decoding LDPC codes. The exchanged messages are in general subject to internal noise in hardware implementation of these decoders. We model the internal decoder noise as additive white Gaussian noise (AWGN) degrading exchanged messages. Using Gaussian approximation of the exchanged messages, we perform a two-dimensional density evolution analysis for the noisy LDPC decoder. This makes it possible to track both the mean, and the variance of the exchanged message densities, and hence, to quantify the threshold of the LDPC code in the presence of internal decoder noise. The numerical and simulation results are presented that quantify the performance loss due to the internal decoder noise. To partially compensate this performance loss, we propose a simple method, based on EXIT chart analysis, to design robust irregular LDPC codes. The simulation results indicate that the designed codes can indeed compensate part of the performance loss due to the internal decoder noise.

Information Theory

Marco Baldi

DOI: https://doi.org/10.3233/978-1-60750-002-5-160

2009-01-11

Abstract:The McEliece cryptosystem is a public-key cryptosystem based on coding theory that has successfully resisted cryptanalysis for thirty years. The original version, based on Goppa codes, is able to guarantee a high level of security, and is faster than competing solutions, like RSA. Despite this, it has been rarely considered in practical applications, due to two major drawbacks: i) large size of the public key and ii) low transmission rate. Low-Density Parity-Check (LDPC) codes are state-of-art forward error correcting codes that permit to approach the Shannon limit while ensuring limited complexity. Quasi-Cyclic (QC) LDPC codes are a particular class of LDPC codes, able to join low complexity encoding of QC codes with high-performing and low-complexity decoding of LDPC codes. In a previous work it has been proposed to adopt a particular family of QC-LDPC codes in the McEliece cryptosystem to reduce the key size and increase the transmission rate. Recently, however, new attacks have been found that are able to exploit a flaw in the transformation from the private key to the public one. Such attacks can be effectively countered by changing the form of some constituent matrices, without altering the system parameters. This work gives an overview of the QC-LDPC codes-based McEliece cryptosystem and its cryptanalysis. Two recent versions are considered, and their ability to counter all the currently known attacks is discussed. A third version able to reach a higher security level is also proposed. Finally, it is shown that the new QC-LDPC codes-based cryptosystem scales favorably with the key length.

Information Theory

Antonio deMarti iOlius,Josu Etxezarreta Martinez

2024-02-14

Abstract:Quantum error correction is the building block for constructing fault-tolerant quantum processors that can operate reliably even if its constituting elements are corrupted by decoherence. In this context, real-time decoding is a necessity for implementing arbitrary quantum computations on the logical level. In this work, we present a new decoder for Quantum Low Density Parity Check (QLDPC) codes, named the closed-branch decoder, with a worst-case complexity loosely upper bounded by $\mathcal{O}(n\text{max}_{\text{gr}}\text{max}_{\text{br}})$, where $\text{max}_{\text{gr}}$ and $\text{max}_{\text{br}}$ are tunable parameters that pose the accuracy versus speed trade-off of decoding algorithms. For the best precision, the $\text{max}_{\text{gr}}\text{max}_{\text{br}}$ product increases exponentially as $\propto dj^d$, where $d$ indicates the distance of the code and $j$ indicates the average row weight of its parity check matrix. Nevertheless, we numerically show that considering small values that are polynomials of the code distance are enough for good error correction performance. The decoder is described to great extent and compared with the Belief Propagation Ordered Statistics Decoder (BPOSD) operating over data qubit, phenomenological and circuit-level noise models for the class of Bivariate Bicycle (BB) codes. The results showcase a promising performance of the decoder, obtaining similar results with much lower complexity than BPOSD when considering the smallest distance codes, but experiencing some logical error probability degradation for the larger ones. Ultimately, the performance and complexity of the decoder depends on the product $\text{max}_{\text{gr}}\text{max}_{\text{br}}$, which can be considered taking into account benefiting one of the two aspects at the expense of the other.

Quantum Physics

Louis Golowich,Venkatesan Guruswami

2024-11-07

Abstract:Quantum low-density parity-check (qLDPC) codes are an important component in the quest for quantum fault tolerance. Dramatic recent progress on qLDPC codes has led to constructions which are asymptotically good, and which admit linear-time decoders to correct errors affecting a constant fraction of codeword qubits. These constructions, while theoretically explicit, rely on inner codes with strong properties only shown to exist by probabilistic arguments, resulting in lengths that are too large to be practically relevant. In practice, the surface/toric codes, which are the product of two repetition codes, are still often the qLDPC codes of choice. A previous construction based on the lifted product of an expander-based classical LDPC code with a repetition code (Panteleev & Kalachev, 2020) achieved a near-linear distance (of $\Omega(N/\log N)$ where $N$ is the number of codeword qubits), and avoids the need for such intractable inner codes. Our main result is an efficient decoding algorithm for these codes that corrects $\Theta(N/\log N)$ adversarial errors. En route, we give such an algorithm for the hypergraph product version these codes, which have weaker $\Theta(\sqrt{N})$ distance (but are simpler). Our decoding algorithms leverage the fact that the codes we consider are quasi-cyclic, meaning that they respect a cyclic group symmetry. Since the repetition code is not based on expanders, previous approaches to decoding expander-based qLDPC codes, which typically worked by greedily flipping code bits to reduce some potential function, do not apply in our setting. Instead, we reduce our decoding problem (in a black-box manner) to that of decoding classical expander-based LDPC codes under noisy parity-check syndromes. For completeness, we also include a treatment of such classical noisy-syndrome decoding that is sufficient for our application to the quantum setting.

Quantum Physics,Information Theory

ZHANG Gao-yuan,ZHOU Liang,WEN Hong

DOI: https://doi.org/10.3969/j.issn.1001-0548.2015.04.008

2015-01-01

Abstract:An extrinsic reliability adjustment (ERA) scheme of low-density parity-check (LDPC) codes is proposed in this paper based on theoretical analysis of the physical significance for two previous weighted bit-flipping (WBF) algorithms, which have less complexity with poor error correcting performance. The novel scheme significantly improves the check-node realiability accuracy of the two previous WBF algorithms. Therefore, the flipping efficiency of the novel decoding algorithm is increased. The extensive simulations prove that the ERA scheme can obviously improves the performance of the two previous WBF algorithms and a great decoding gain is obtained over an AWGN channel, which achieves an appealing tradeoff between performance and complexity.

Y Cao,XM Shan,Y Ren

DOI: https://doi.org/10.1093/ietfec/e88-a.5.1384

2005-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:We present a simple decoding algorithm that modifies soft bit-flipping algorithm for decoding LDPC codes. In our method, a new parameter is explored to distinguish the variables (symbols) belonging to the same number of unsatisfied constraints. A token is also assigned in the method to avoid repeated flipping of the same variable, rather than using a constant taboo length. Our scheme shows a similar computational load as the taboo-based algorithm, while having a similar decoding performance as the belief propagation algorithm.