Cryptanalysis of McEliece’s Public-Key Cryptosystem

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 547)


An approach is proposed for the cryptanalysis of the well-known version of McEliece’s public-key cryptosystem that is based on a new iterative optimization algorithm for decoding an arbitrary linear code. The algorithm provides guaranteed correction of all error patterns with Hamming weight less than d/2, where d is the minimum distance of the code, and has time complexity about O(n3) where n is the block length. The approach is illustrated by the cryptanalysis of McEliece’s system when a (63, 36) binary code with d = 11 is the underlying linear code.


Linear Code Code Word Error Pattern Decode Algorithm Binary Word 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [1]
    C. M. Adams and H. Meijer, Security-related comments regarding McEliece’s public-key cryptosystem, IEEE Trans. Info. Th., vol. IT-35, pp. 454–457, March 1989.CrossRefMathSciNetGoogle Scholar
  2. [2]
    A. I. Turkin and V. I. Korzhik, The practically-optimal decoding algorithm for arbitrary linear codes over a BSC with polynomial time complexity, to be presented at the IEEE Intl. Symp. Info. Th., Budapest, June 1991.Google Scholar
  3. [3]
    E. R. Berlekamp, R. J. McEliece and H. C. A. van Tilborg, On the inherent intractability of certain coding problems, IEEE Trans. Info. Th., vol. IT-24, pp. 384–386, May 1978.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  1. 1.Department of Communication TheoryLeningrad Electroengineering Institute of CommunicationsLeningradUSSR
  2. 2.Computer DepartmentGorky Polytechnical InstituteNizhnii NovgorodUSSR

Personalised recommendations