CCA2 Key-Privacy for Code-Based Encryption in the Standard Model

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10346)


The code-based public-key encryption schemes by McEliece and Niederreiter are famous candidates for the post-quantum world. In this work, we study key-privacy (or anonymity) for these schemes in the standard model. Specifically, we show that the following two paradigms for constructing \(\mathrm{IND}\text{-}\mathrm{CCA}2\) encryption yield \(\mathrm{IK}\text{-}\mathrm{CCA}2\) encryption if the underlying primitive satisfies \(\mathrm{IK}\text{-}\mathrm{CPA}\) under \(k\)-repetition: (1) the Rosen-Segev construction (TCC 2009), which we instantiate with the Niederreiter scheme; (2) the Döttling et al. construction (IEEE Transactions on Information Theory 2012), which we instantiate with both the McEliece scheme and the Niederreiter scheme. As far as we know, these instantiations give the first \(\mathrm{IK}\text{-}\mathrm{CCA}2\) code-based schemes in the standard model. In our proofs, we rely on an important observation by Yamakawa et al. (AAECC 2007) that the randomized McEliece encryption is \(\mathrm{IK}\text{-}\mathrm{CPA}\) in the standard model. As a side result, we show that the randomized Niederreiter encryption is \(\mathrm{IK}\text{-}\mathrm{CPA}\) as well.


Keywords: Code-based encryption; CCA2; Key-privacy; Anonymity; Standard model


  1. Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566–582. Springer, Heidelberg (2001). doi: 10.1007/3-540-45682-1_33
  2. Bernstein, D.J., Buchmann, J., Dahmen, E.: Post-Quantum Cryptography. Springer Science & Business Media, Heidelberg (2009)
  3. Dolev, D., Dwork, C., Naor, M.: Nonmalleable cryptography. SIAM J. Comput. 30(2), 391–437 (2000)
  4. Döttling, N., Dowsley, R., Muller-Quade, J., Nascimento, A.C.A.: A CCA2 secure variant of the McEliece cryptosystem. IEEE Trans. Inf. Theory 58(10), 6672–6680 (2012)
  5. Faugère, J., Gauthier-Umaña, V., Otmani, A., Perret, L., Tillich, J.: A distinguisher for high rate McEliece cryptosystems. In: 2011 IEEE Information Theory Workshop, ITW 2011, Paraty, Brazil, 16–20 October 2011, pp. 282–286 (2011)
  6. Fischer, J.-B., Stern, J.: An efficient pseudo-random generator provably as secure as syndrome decoding. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 245–255. Springer, Heidelberg (1996). doi: 10.1007/3-540-68339-9_22
  7. Freeman, D.M., Goldreich, O., Kiltz, E., Rosen, A., Segev, G.: More constructions of lossy and correlation-secure trapdoor functions. J. Cryptol. 26(1), 39–74 (2013)
  8. Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC), Seattle, Washington, USA, 14–17 May 1989, pp. 25–32 (1989)
  9. Hayashi, R.: Anonymity on public-key cryptosystems. Ph.D. thesis, Tokyo Institute of Technology (2007)
  10. Katz, J., Shin, J.S.: Parallel and concurrent security of the HB and \(\text{HB}^{+}\) protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006). doi: 10.1007/11761679_6
  11. Kobara, K., Imai, H.: Semantically secure McEliece public-key cryptosystems-conversions for McEliece PKC. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 19–35. Springer, Heidelberg (2001). doi: 10.1007/3-540-44586-2_2
  12. McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. DSN Prog. Rep. 4244, 114–116 (1978)
  13. Niederreiter, H.: Knapsack-type cryptosystems and algebraic coding theory. Probl. Control Inf. Theory-Probl. Upravleniya I Teorii Informatsii 15(2), 159–166 (1986)
  14. Nojima, R., Imai, H., Kobara, K., Morozov, K.: Semantic security for the McEliece cryptosystem without random oracles. Des. Codes Crypt. 49(1–3), 289–305 (2008)
  15. Persichetti, E.: Secure and anonymous hybrid encryption from coding theory. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 174–187. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38616-9_12
  16. Rosen, A., Segev, G.: Chosen-ciphertext security via correlated products. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 419–436. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00457-5_25
  17. Yamakawa, S., Cui, Y., Kobara, K., Hagiwara, M., Imai, H.: On the key-privacy issue of McEliece public-key encryption. In: Boztaş, S., Lu, H.-F.F. (eds.) AAECC 2007. LNCS, vol. 4851, pp. 168–177. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-77224-8_21

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. Tokyo Institute of Technology, Tokyo, Japan
