Encyclopedia of Cryptography and Security

2011 Edition
| Editors: Henk C. A. van Tilborg, Sushil Jajodia

McEliece Public Key Cryptosystem

  • Nicolas Sendrier
Reference work entry
DOI: https://doi.org/10.1007/978-1-4419-5906-5_384

Related Concepts


The McEliece PKC is a public-key encryption scheme based on error correcting codes. The cryptogram is a code word of a binary Goppa code to which errors are added. Only the legal user, who knows the hidden algebraic structure of the code, can remove those errors and recover the cleartext.


It was introduced by Robert J. McEliece in 1978 [1] and is among the oldest public-key encryption schemes. Its security is related to hard algorithmic problems of algebraic coding theory. Its main advantages are very efficient encryption and decryption procedures and a good practical and theoretical security. On the other hand, its main drawbacks are a public key of large size and a ciphertext which is larger than the cleartext.

General Idea

The cleartext of k binary digits is encoded into a code word of n > k binary digits by means of some encoder of a t-error correcting binary irreducible...

This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    McEliece RJ (1978) A public-key cryptosystem based on algebraic coding theory. DSN Progress Report, Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, pp 114–116Google Scholar
  2. 2.
    Stern J (1989) A method for finding codewords of small weight. In: Cohen G, Wolfmann J (eds) Coding theory and applications. Lecture notes in computer science, vol 388. Springer, Berlin, pp 106–113Google Scholar
  3. 3.
    Canteaut A, Chabaud F (1998) A new algorithm for finding minimum-weight words in a linear code: application to McEliece’s cryptosystem and to narrow-sense BCH codes of length 511. IEEE Trans Inf Theory 44(1):367–378zbMATHMathSciNetGoogle Scholar
  4. 4.
    Bernstein D, Lange T, Peters C (2008) Attacking and defending the McEliece cryptosystem. In: Buchmann J, Ding J (eds) Post-quantum cryptography. Lecture notes in computer science, vol 5299. Springer, Berlin, pp 31–46Google Scholar
  5. 5.
    Berlekamp ER, McEliece RJ, van Tilborg HC (1978) On the inherent intractability of certain coding problems. IEEE Trans Inf Theory 24(3):384–386zbMATHGoogle Scholar
  6. 6.
    Finiasz M (2004) Nouvelles constructions utilisant des codes correcteurs d’erreurs en cryptographie clef publique. Thèse de doctorat, École PolytechniqueGoogle Scholar
  7. 7.
    Sendrier N (2002) On the security of the McEliece public-key cryptosystem. In: Blaum M, Farrell P, van Tilborg H (eds) Information, coding and mathematics. Kluwer international series in engineering and computer science, vol 687. Kluwer, Dordrecht, pp 141–163. Proceedings of Workshop honoring Prof. Bob McEliece on his 60th birthdayGoogle Scholar
  8. 8.
    Loidreau P, Sendrier N (2001) Weak keys in McEliece public-key cryptosystem. IEEE Trans Inf Theory 47(3):1207–1212zbMATHMathSciNetGoogle Scholar
  9. 9.
    Sendrier N (2000) Finding the permutation between equivalent codes: the support splitting algorithm. IEEE Trans Inf Theory 46(4):1193–1203zbMATHMathSciNetGoogle Scholar
  10. 10.
    Biswas B, Sendrier N (2008) McEliece cryptosystem in real life: theory and practice. In: Buchmann J, Ding J (eds) PQCrypto 2008. Lecture notes in computer science, vol 5299. Springer, Berlin, pp 47–62Google Scholar
  11. 11.
    Finiasz M, Sendrier N (2009) Security bounds for the design of code-based cryptosystems. In: Matsui M (ed) Advances in cryptology – ASIACRYPT 2009. Lecture notes in computer science, vol 5912. Springer, Berlin, pp 88–105Google Scholar
  12. 12.
    HyMES: Hybrid McEliece Encryption Scheme, http://www-roc.inria.fr/secret/CBCrypto/index.php?pg=hymes Open source software

Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  • Nicolas Sendrier
    • 1
  1. 1.Project-Team SECRETINRIA Paris-RocquencourtLe ChesnayFrance