Improving the Security of the McEliece Public-Key Cryptosystem

  • Hung -Min Sun
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1514)


At Crypt’97, Berson showed that the McEliece public-key cryptosystem suffers from two weaknesses: (1) failure to protect any message which is encrypted more than once, (2) failure to protect any messages which have a known linear relation to one another. In this paper, we propose some variants of the McEliece scheme which can prevent from these attacks. These variants will not reduce the information rate in the original scheme. In addition, to improve the information rate, we also propose some variants of the McEliece scheme which can prevent from Berson-like attacks.


Error Vector Information Rate Decryption Algorithm Original Scheme Goppa Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Adams, C., and Meijer, H., „Security-Related Comments Regarding McEliece’s Public-Key Cryptosystem,“ Advances in Cryptology-CRYPTO’87, Lecture notes in computer science (Springer-Verlag), pp. 224–228, 1988.Google Scholar
  2. 2.
    Adams, C., and Meijer, H., „Security-Related Comments Regarding McEliece’s Public-Key Cryptosystem,“ IEEE Transactions on Information Theory, Vol. 35, pp. 454–455, 1989.CrossRefMathSciNetGoogle Scholar
  3. 3.
    Bellare, M., and Rogaway, P., „Optimal asymmetric encryption,“ Advances in Cryptology-EUROCRYPT’94, Lecture notes in computer science 950 (Springer-Verlag), pp. 232–249, 1994.Google Scholar
  4. 4.
    Berlekamp, E.R., McEliece, R.J., and van Tilborg, H.C.A., „On the Inherent Intractability of Certain Coding Problems,“ IEEE Transactions on Information Theory, Vol. 24, pp. 384–386, 1978.zbMATHCrossRefGoogle Scholar
  5. 5.
    Berson, T.A., „Failure of the McEliece Public-Key Cryptosystem under Message-resend and Related-message Attack,“ Advances in Cryptology-CRYPTO’97, Lecture notes in computer science (Springer-Verlag), pp. 213–220, 1997.CrossRefGoogle Scholar
  6. 6.
    Blum, M., and Goldwasser, S., „An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information,“ Advances in Cryptology-CRYPTO’84, Lecture notes in computer science (Springer-Verlag), pp. 289–299, 1985..Google Scholar
  7. 7.
    Brickell, E.F., and Odlyzko, A., „Cryptanalysis: A Survey of Recent Results,“ Proc. IEEE, 76,(5), pp. 153–165, 1988.CrossRefGoogle Scholar
  8. 8.
    ElGamal, T., „A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,“ IEEE Trans., IT-31,(4), pp. 469–472, 1985.MathSciNetGoogle Scholar
  9. 9.
    Goldwasser, S., and Micali, S., „Probabilistic Encryption and How to Play Mental Poker Keeping Secret All Partial Information,“ Proceedings of the 14th ACM Symposium on the Theory of Computing, pp. 270–299, 1982.Google Scholar
  10. 10.
    Hamming, R.W., Coding and Information Theory, Prentice-Hall, 1986.Google Scholar
  11. 11.
    Hin, P.J.M., „Channel-Error-Correcting Privacy Cryptosystems,“ M.Sc. Thesis, Delft University of Technology, Delft, 1986.Google Scholar
  12. 12.
    Jorissen, F., „A Security Evaluation of the Public-Key Cipher System Proposed by McEliece, used as a combined scheme,“ Technical Report, Katholieke University Leuven, Dept. Elektrotechniek, Jan 1986.Google Scholar
  13. 13.
    Korzhik, V.I., and Turkin, A.I., „Cryptanalysis of McEliece’s Public-Key Cryptosystem“, Advances in Cryptology-EUROCRYPT’91, Lecture notes in computer science (Springer-Verlag), pp. 68–70, 1991.Google Scholar
  14. 14.
    Lee, P.J., and Brickell, E.F., „An observation on the security of McEliece’s Public-Key Cryptosystem,“ Advances in Cryptology-EUROCRYPT’88, Lecture notes in computer science (Springer-Verlag), pp. 275–280, 1988.Google Scholar
  15. 15.
    Lin, M.C., and Fu, H.L., „Information Rate of McEliece’s Public-Key Cryptosystem,“ Electronics Letters, Vol. 26, No. 1, pp. 16–18, 1990.CrossRefGoogle Scholar
  16. 16.
    McEliece, R.J., „A Public-Key Cryptosystem Based on Algebraic Coding Theory,“ DSN Progress Report, 42-44, pp. 114–116, 1978.Google Scholar
  17. 17.
    National Bureau of Standards, NBS FIPS PUB 46, „Data Encryption Standard,“ National Bureau of Standards, U.S. Department of Commerce, Jan 1977.Google Scholar
  18. 18.
    Park, C.S., „Improving Code Rate of McEliece’s public-Key Cryptosystem,“ Electronics Letters, Vol. 25, No. 21, pp. 1466–1467, 1989.zbMATHCrossRefGoogle Scholar
  19. 19.
    Rabin, M.O., „Digital Signatures and Public-Key Functions as Intractable as Factorization,“ MIT Lab. For Computer Science, Technical Report, MIT/LCS/TR-212, Jan 1979.Google Scholar
  20. 20.
    Rivest, R.L., „The MD5 Message Digest Algorithm,“ RFC 1321, Apr 1992.Google Scholar
  21. 21.
    Rivest, R.L., Shamir, A., and Adleman, L.M., „A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,“ Communications of the ACM, 21,(2), pp. 120–126, 1978.zbMATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    Schneier, B., Applied Cryptography, John Wiley & Sons, 1996.Google Scholar
  23. 23.
    Sendrier, N., „Efficient Generation of Binary Words of Given Weight,“ Cryptography and Coding: 5th IMA Conference, (Springer-Verlag), pp. 184–187, 1995.Google Scholar
  24. 24.
    Sun, H.M., and Hwang, T., „Key Generation of Algebraic-Code Cryptosystems“, Computers and Mathematics with Applications, 27,(2), pp. 99–106, 1994.zbMATHCrossRefMathSciNetGoogle Scholar
  25. 25.
    van Tilburg, J., „On the McEliece Public-Key Cryptosystem,“ Advances in Cryptology-CRYPTO’88, Lecture notes in computer science (Springer-Verlag), pp. 119–131, 1990.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Hung -Min Sun
    • 1
  1. 1.Department of Information ManagementChaoyang University of TechnologyTaichung CountyTaiwan

Personalised recommendations