Wild McEliece Incognito

Conference paper
Post-Quantum Cryptography (PQCrypto 2011)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 7071)

Abstract

The wild McEliece cryptosystem uses wild Goppa codes over finite fields to achieve smaller public key sizes compared to the original McEliece cryptosystem at the same level of security against all attacks known. However, the cryptosystem drops one of the confidence-inspiring shields built into the original McEliece cryptosystem, namely a large pool of Goppa polynomials to choose from.

This paper shows how to achieve almost all of the same reduction in key size while preserving this shield. Even if support splitting could be (1) generalized to handle an unknown support set and (2) sped up by a square-root factor, polynomial-searching attacks in the new system will still be at least as hard as information-set decoding.

Furthermore, this paper presents a set of concrete cryptanalytic challenges to encourage the cryptographic community to study the security of code-based cryptography. The challenges range through codes over F_2, F_3, …, F_32, and cover two different levels of how much the wildness is hidden.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bernstein, D.J., Lange, T., Peters, C. (2011). Wild McEliece Incognito. In: Yang, BY. (eds) Post-Quantum Cryptography. PQCrypto 2011. Lecture Notes in Computer Science, vol 7071. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25405-5_16

  • DOI: https://doi.org/10.1007/978-3-642-25405-5_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25404-8

  • Online ISBN: 978-3-642-25405-5

