Compact McEliece Keys from Goppa Codes

* Final gross prices may vary according to local VAT.

Get Access

Abstract

The classical McEliece cryptosystem is built upon the class of Goppa codes, which remains secure to this date in contrast to many other families of codes but leads to very large public keys. Previous proposals to obtain short McEliece keys have primarily centered around replacing that class by other families of codes, most of which were shown to contain weaknesses, and at the cost of reducing in half the capability of error correction. In this paper we describe a simple way to reduce significantly the key size in McEliece and related cryptosystems using a subclass of Goppa codes, while also improving the efficiency of cryptographic operations to \(\tilde{O}(n)\) time, and keeping the capability of correcting the full designed number of errors in the binary case.