Abstract
The class of public-key cryptosystems based on error-correcting codes is one of the few alternatives to the common algorithms based on number theory. We present here an attack against these systems, which consists of a new probabilistic algorithm for finding minimum-weight words in any large linear code. Notably, this new attack shows that the McEliece cipher with its original parameters does not provide a sufficient security level.
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
Cite this paper
Canteaut, A., Sendrier, N. (2000). Cryptanalysis of the Original McEliece Cryptosystem. In: Ohta, K., Pei, D. (eds) Advances in Cryptology — ASIACRYPT’98. ASIACRYPT 1998. Lecture Notes in Computer Science, vol 1514. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49649-1_16
DOI: https://doi.org/10.1007/3-540-49649-1_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65109-3
Online ISBN: 978-3-540-49649-6
eBook Packages: Springer Book Archive