Extended Gabidulin-Kronecker Product Codes and Their Application to Cryptosystems

Abstract

In this paper, we initiate the study of Extended Gabidulin codes with a Kronecker product structure and propose three enhanced variants of the Rank Quasi-Cyclic (RQC) (Melchor et.al., IEEE IT, 2018) cryptosystem. First, we establish precise bounds on the minimum rank distance of Gabidulin-Kronecker product codes under two distinct parameter regimes. Specifically, when n1=k1 and n2=m<n1n2, the minimum rank distance is exactly n2-k2+1. This yields a new family of Maximum Rank Distance (MRD) codes, which are distinct from classical Gabidulin codes. For the case of k1≤ n1,k2≤ n2,n1n2≤ m, the minimum rank distance d of Gabidulin-Kronecker product codes satisfies a tight upper and lower bound, i.e., n2-k2+1 ≤ d ≤ (n1-k1+1)(n2-k2+1). Second, we introduce a new class of decodable rank-metric codes, namely Extended Gabidulin-Kronecker product (EGK) codes, which generalize the structure of Gabidulin-Kronecker product (GK) codes. We also propose a decoding algorithm that directly retrieves the codeword without recovering the error vector, thus improving efficiency. This algorithm achieves zero decoding failure probability when the error weight is within its correction capability. Third, we propose three enhanced variants of the RQC cryptosystem based on EGK codes, each offering a distinct trade-off between security and efficiency. For 128-bit security, all variants achieve significant reductions in public key size compared to the Multi-UR-AG (Bidoux et.al., IEEE IT, 2024) while ensuring zero decryption failure probability--a key security advantage over many existing rank-based schemes.