Abstract
The wild McEliece cryptosystem uses wild Goppa codes over finite fields to achieve smaller public key sizes compared to the original McEliece cryptosystem at the same level of security against all attacks known. However, the cryptosystem drops one of the confidence-inspiring shields built into the original McEliece cryptosystem, namely a large pool of Goppa polynomials to choose from.
This paper shows how to achieve almost all of the same reduction in key size while preserving this shield. Even if support splitting could be (1) generalized to handle an unknown support set and (2) sped up by a square-root factor, polynomial-searching attacks in the new system will still be at least as hard as information-set decoding.
Furthermore, this paper presents a set of concrete cryptanalytic challenges to encourage the cryptographic community to study the security of code-based cryptography. The challenges range through codes over $\mathbb{F}_2, \mathbb{F}_3, \dots, \mathbb{F}_{32}$, and cover two different levels of how much the wildness is hidden.
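The "large pool of Goppa polynomials" that the abstract calls a confidence-inspiring shield is the number of degree-t irreducible polynomials the key generator can pick from over the extension field $\mathbb{F}_{q^m}$. The following Python example is added here and is not code from the paper or its authors; it counts that pool with Gauss's formula for monic irreducible polynomials, $\frac{1}{t}\sum_{d \mid t} \mu(d)\, Q^{t/d}$ with $Q = q^m$. The parameter triples at the bottom are my own illustrative choices, not the paper's challenge parameters, and the example says nothing about how wild or incognito keys restrict the choice of polynomial, which the page does not describe.

```python
"""Count the pool of monic irreducible Goppa polynomials over F_{q^m}.

Added illustration; parameters (q, m, t) below are constructed examples,
not parameters taken from the Wild McEliece Incognito paper.
"""


def mobius(n: int) -> int:
    """Moebius function mu(n): 0 if n has a squared prime factor,
    otherwise (-1)^k where k is the number of distinct prime factors."""
    if n < 1:
        raise ValueError("n must be a positive integer")
    result = 1
    p = 2
    while p * p <= n:
        if n % p == 0:
            n //= p
            if n % p == 0:
                return 0          # p^2 divides the original n
            result = -result      # one more distinct prime factor
        p += 1
    if n > 1:
        result = -result          # leftover prime factor > sqrt(n)
    return result


def divisors(n: int) -> list:
    """All positive divisors of n, in increasing order."""
    small, large = [], []
    d = 1
    while d * d <= n:
        if n % d == 0:
            small.append(d)
            if d != n // d:
                large.append(n // d)
        d += 1
    return small + large[::-1]


def num_monic_irreducible(Q: int, t: int) -> int:
    """Number of monic irreducible polynomials of degree t over a field
    with Q elements (Gauss): (1/t) * sum_{d | t} mu(d) * Q^(t/d).
    Uses exact integer arithmetic, so it works for cryptographic sizes."""
    if Q < 2 or t < 1:
        raise ValueError("need a field with Q >= 2 elements and degree t >= 1")
    total = sum(mobius(d) * Q ** (t // d) for d in divisors(t))
    if total % t != 0:             # sanity check: the formula is always integral
        raise ArithmeticError("Gauss's formula did not divide evenly")
    return total // t


def goppa_polynomial_pool(q: int, m: int, t: int) -> int:
    """Size of the pool of degree-t irreducible Goppa polynomials g over
    F_{q^m} that a classical McEliece key generator can choose from."""
    return num_monic_irreducible(q ** m, t)


if __name__ == "__main__":
    # Constructed example parameters, purely for illustration.
    for q, m, t in [(2, 11, 50), (3, 7, 20), (5, 5, 10)]:
        pool = goppa_polynomial_pool(q, m, t)
        print(f"q={q} m={m} t={t}: roughly 2^{pool.bit_length() - 1} "
              f"irreducible choices for g")
```

The pool is roughly $q^{mt}/t$, so for binary Goppa codes with $m = 11$ and $t = 50$ it is on the order of $2^{544}$; an attacker who has to enumerate polynomials (rather than run support splitting or information-set decoding) gets no foothold from the size of this set.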
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bernstein, D.J., Lange, T., Peters, C. (2011). Wild McEliece Incognito. In: Yang, BY. (eds) Post-Quantum Cryptography. PQCrypto 2011. Lecture Notes in Computer Science, vol 7071. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25405-5_16
DOI: https://doi.org/10.1007/978-3-642-25405-5_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25404-8
Online ISBN: 978-3-642-25405-5