Attacking and Defending the McEliece Cryptosystem

  • Daniel J. Bernstein
  • Tanja Lange
  • Christiane Peters
Conference paper

DOI: 10.1007/978-3-540-88403-3_3

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5299)
Cite this paper as:
Bernstein D.J., Lange T., Peters C. (2008) Attacking and Defending the McEliece Cryptosystem. In: Buchmann J., Ding J. (eds) Post-Quantum Cryptography. PQCrypto 2008. Lecture Notes in Computer Science, vol 5299. Springer, Berlin, Heidelberg

Abstract

This paper presents several improvements to Stern’s attack on the McEliece cryptosystem and achieves results considerably better than Canteaut et al. This paper shows that the system with the originally proposed parameters can be broken in just 1400 days by a single 2.4GHz Core 2 Quad CPU, or 7 days by a cluster of 200 CPUs. This attack has been implemented and is now in progress.

This paper proposes new parameters for the McEliece and Niederreiter cryptosystems achieving standard levels of security against all known attacks. The new parameters take account of the improved attack; the recent introduction of list decoding for binary Goppa codes; and the possibility of choosing code lengths that are not a power of 2. The resulting public-key sizes are considerably smaller than previous parameter choices for the same level of security.

Keywords

McEliece cryptosystem Stern attack minimal weight code word list decoding binary Goppa codes security analysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Daniel J. Bernstein
    • 1
  • Tanja Lange
    • 2
  • Christiane Peters
    • 2
  1. 1.Department of Mathematics, Statistics, and Computer Science (M/C 249)University of Illinois at ChicagoChicagoUSA
  2. 2.Department of Mathematics and Computer ScienceTechnische Universiteit EindhovenEindhovenNetherlands

Personalised recommendations