Post-Quantum Cryptography

Volume 7071 of the series Lecture Notes in Computer Science pp 179-199

Monoidic Codes in Cryptography

  • Paulo S. L. M. BarretoAffiliated withLancaster UniversityDepartmento de Engenharia de Computação e Sistemas Digitais (PCS), Escola Politécnica, Universidade de São Paulo
  • , Richard LindnerAffiliated withLancaster UniversityDepartment of Computer Science, Technische Universität Darmstadt
  • , Rafael MisoczkiAffiliated withLancaster UniversityProject SECRET, INRIA-Rocquencourt

* Final gross prices may vary according to local VAT.

Get Access


At SAC 2009, Misoczki and Barreto proposed a new class of codes, which have parity-check matrices that are quasi-dyadic. A special subclass of these codes were shown to coincide with Goppa codes and those were recommended for cryptosystems based on error-correcting codes. Quasi-dyadic codes have both very compact representations and allow for efficient processing, resulting in fast cryptosystems with small key sizes. In this paper, we generalize these results and introduce quasi-monoidic codes, which retain all desirable properties of quasi-dyadic codes. We show that, as before, a subclass of our codes contains only Goppa codes or, for a slightly bigger subclass, only Generalized Srivastava codes. Unlike before, we also capture codes over fields of odd characteristic. These include wild Goppa codes that were proposed at SAC 2010 by Bernstein, Lange, and Peters for their exceptional error-correction capabilities. We show how to instantiate standard code-based encryption and signature schemes with our codes and give some preliminary parameters.


post-quantum cryptography codes efficient algorithms