The HQC post-quantum cryptosystem enables two parties to share noisy versions of a common secret binary string, and an error-correcting code is required to deal with the mismatch between both versions. This code is required to deal with binary symmetric channels with as large a transition parameter as possible, while guaranteeing, for cryptographic reasons, a decoding error probability of provably not more than 2^-128. This requirement is non-standard for digital communications, and modern coding techniques are not amenable to this setting. This paper explains how this issue is addressed in the last version of HQC: precisely, we introduce a coding scheme that consists of concatenating a Reed–Solomon code with the tensor product of a Reed–Muller code and a repetition code. We analyze its behavior in detail and show that it significantly improves upon the previous proposition for HQC, which consisted of tensoring a BCH and a repetition code. As additional results, we also provide a better approximation of the weight distribution for HQC error vectors, and we remark that the size of the exchanged secret in HQC can be reduced to match the protocol security which also significantly improves performance.

HQC 后量子密码系统使双方能够共享公共秘密二进制字符串的噪声版本，并且需要一个纠错码来处理两个版本之间的不匹配。此代码需要处理具有尽可能大 transition 参数的二进制对称通道，同时出于加密原因保证解码错误概率可证明不超过 ^2-128。此要求对于数字通信来说是非标准的，并且现代编码技术不适合此设置。本文解释了在上一个版本的 HQC 中如何解决这个问题：准确地说，我们引入了一种编码方案，该方案包括将 Reed-Solomon 码与 Reed-Muller 码和重复码的张量积连接起来。我们详细分析了它的行为，并表明它显着改进了 HQC 的先前命题，该命题包括张量 BCH 和重复代码。作为额外的结果，我们还提供了 HQC 误差向量权重分布的更好近似值，并且我们注意到 HQC 中交换的密钥的大小可以减小以匹配协议安全性，这也显着提高了性能。