Both horizontal interleaving as well as the sum-rank metric are currently attractive topics in the field of code-based cryptography, as they could mitigate the problem of large key sizes. In contrast to vertical interleaving, where codewords are stacked vertically, each codeword of a horizontally $s$-interleaved code is the horizontal concatenation of $s$ codewords of $s$ component codes. In the case of horizontally interleaved linearized Reed-Solomon (HILRS) codes, these component codes are chosen to be linearized Reed-Solomon (LRS) codes. We provide a Gao-like decoder for HILRS codes that is inspired by the respective works for non-interleaved Reed-Solomon and Gabidulin codes. By applying techniques from the theory of minimal approximant bases, we achieve a complexity of $\tilde{\mathcal{O}}(s^{2.373} n^{1.635})$ operations in $\mathbb{F}_{q^m}$, where $\tilde{\mathcal{O}}(\cdot)$ neglects logarithmic factors, $s$ is the interleaving order and $n$ denotes the length of the component codes. For reasonably small interleaving order $s \ll n$, this is subquadratic in the component-code length $n$ and improves over the only known syndrome-based decoder for HILRS codes with quadratic complexity. Moreover, it closes the performance gap to vertically interleaved LRS codes for which a decoder of complexity $\tilde{\mathcal{O}}(s^{2.373} n^{1.635})$ is already known. We can decode beyond the unique-decoding radius and handle errors of sum-rank weight up to $\frac{s}{s + 1} (n - k)$ for component-code dimension $k$. We also give an upper bound on the failure probability in the zero-derivation setting and validate its tightness via Monte Carlo simulations.

翻译：水平交织以及和秩度量目前都是基于编码的密码学领域中备受关注的话题，因为它们能够缓解密钥尺寸过大的问题。与码字垂直堆叠的垂直交织不同，水平$s$交织码的每个码字是由$s$个分量码的$s$个码字水平拼接而成。对于水平交织线性化里德-所罗门（HILRS）码，这些分量码被选为线性化里德-所罗门（LRS）码。我们为HILRS码提供了一种类高氏译码器，其灵感来源于非交织里德-所罗门码和Gabidulin码的相关工作。通过应用最小逼近基理论中的技术，我们在$\mathbb{F}_{q^m}$上实现了$\tilde{\mathcal{O}}(s^{2.373} n^{1.635})$次运算的复杂度，其中$\tilde{\mathcal{O}}(\cdot)$忽略了对数因子，$s$是交织阶数，$n$表示分量码的长度。对于合理小的交织阶数$s \ll n$，该复杂度在分量码长度$n$上是次二次的，并且优于已知的、具有二次复杂度的基于伴随式的HILRS码译码器。此外，它缩小了与垂直交织LRS码的性能差距，后者已知的译码器复杂度为$\tilde{\mathcal{O}}(s^{2.373} n^{1.635})$。我们可以超越唯一译码半径进行译码，并处理分量码维度为$k$时和秩权重高达$\frac{s}{s + 1} (n - k)$的错误。我们还给出了零推导场景下失败概率的上界，并通过蒙特卡洛模拟验证了其紧致性。