Information-Set Decoding for Linear Codes over F_q
The best known non-structural attacks against code-based cryptosystems are based on information-set decoding. Stern’s algorithm and its improvements are well optimized and the complexity is reasonably well understood. However, these algorithms only handle codes over F_2.
This paper presents a generalization of Stern’s information-set-decoding algorithm for decoding linear codes over arbitrary finite fields F_q and analyzes the complexity. This result makes it possible to compute the security of recently proposed code-based systems over non-binary fields.
As an illustration, ranges of parameters for generalized McEliece cryptosystems using classical Goppa codes over F_31 are suggested for which the new information-set-decoding algorithm needs 2^128 bit operations.
Keywords: Generalized McEliece cryptosystem, security analysis, Stern attack, linear codes over F_q, information-set decoding