The McEliece cryptosystem is one of the oldest public-key cryptosystems ever designed. It is also the first public-key cryptosystem based on linear error-correcting codes. Its main advantage is that its encryption and decryption functions are very fast. However, it suffers from a major drawback: it requires a very large public key, which makes it very difficult to use in many practical situations. A possible solution is to use quasi-cyclic codes, which have a compact representation. On the other hand, for a fixed level of security, the use of optimal codes such as Maximum Distance Separable (MDS) ones allows smaller codes to be used. Almost the only known family of MDS codes with an efficient decoding algorithm is the class of Generalized Reed-Solomon (GRS) codes. However, it is well known that GRS codes and quasi-cyclic codes do not represent secure solutions. In this paper we propose a new general method to reduce the public key size by constructing quasi-cyclic Alternant codes over a relatively small field such as ${\mathbb{F}}_{2^8}$. We introduce a new method of hiding the structure of a quasi-cyclic GRS code. The idea is to start from a Reed-Solomon code in quasi-cyclic form defined over a large field. We then apply three transformations that preserve the quasi-cyclic property. First, we randomly block-shorten the RS code. Next, we transform it into a Generalised Reed-Solomon code, and lastly we take the subfield subcode over a smaller field. We show that all existing structural attacks are infeasible. We also introduce a new NP-complete decision problem called quasi-cyclic syndrome decoding. This result suggests that a decoding attack against our variant has little chance of being better than the general one against the classical McEliece cryptosystem. We propose a system with several parameter sizes, from 6,800 to 20,000 bits, with security ranging from $2^{80}$ to $2^{120}$.
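The chain of transformations summarised in the abstract, as an added example that is not code from the paper or its authors: a Reed-Solomon parity-check matrix over a large field, block shortening, scaling by column multipliers to obtain a Generalised Reed-Solomon code, and finally the subfield subcode over GF(2), which is a binary Alternant code. To keep the dimension and minimum distance checkable by enumeration, the large field is GF(2^4) rather than the paper's parameters; the field polynomial, the support, the multipliers and the shortened positions are assumed choices, and neither the quasi-cyclic ordering of the support nor the secrecy of the hidden GRS parameters is modelled. What the code shows is the algebraic fact the construction relies on: the subfield subcode keeps the designed distance r + 1 of the GRS code while its dimension drops by at most M times r.

```python
# Added example (not code from the paper or its authors): the algebraic steps of the
# abstract on a toy scale. Field, support, multipliers and shortened positions are
# assumed choices; the quasi-cyclic structure and the hiding are not modelled.
from itertools import product

M = 4                 # extension degree: the large field is GF(2^M) = GF(16)
POLY = 0b10011        # x^4 + x + 1, primitive over GF(2) (assumed choice)
Q = 1 << M


def gf_mul(a, b):
    """Multiply two GF(2^M) elements held as integers in the polynomial basis."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & Q:
            a ^= POLY
    return r


def gf_pow(a, e):
    """a^e in GF(2^M) by repeated multiplication (e is small here)."""
    r = 1
    for _ in range(e):
        r = gf_mul(r, a)
    return r


def rs_parity_check(x, r):
    """Parity-check matrix of an RS code of redundancy r: H[i][j] = x_j^i, 0 <= i < r.
    Any r columns form a Vandermonde matrix, so the code is MDS with distance r + 1."""
    return [[gf_pow(xj, i) for xj in x] for i in range(r)]


def shorten(H, drop):
    """Shorten on the positions in 'drop': codewords zero there, those coordinates removed.
    On the parity-check side this is just deleting the corresponding columns."""
    keep = [j for j in range(len(H[0])) if j not in drop]
    return [[row[j] for j in keep] for row in H]


def to_grs(H, y):
    """Scale column j of H by the nonzero multiplier y_j: the null space becomes a
    Generalised Reed-Solomon code with the same minimum distance."""
    return [[gf_mul(h, yj) for h, yj in zip(row, y)] for row in H]


def subfield_subcode_parity_check(H):
    """Binary parity-check of the subfield subcode over GF(2) (an Alternant code):
    each GF(2^M) entry is expanded into its M bits, one binary row per bit.
    Rows are returned as bitmasks with bit j standing for column j."""
    n = len(H[0])
    rows = []
    for row in H:
        for bit in range(M):
            mask = 0
            for j in range(n):
                if (row[j] >> bit) & 1:
                    mask |= 1 << j
            rows.append(mask)
    return rows, n


def binary_kernel_basis(rows, n):
    """Basis of {c in GF(2)^n : H c = 0} by Gaussian elimination on bitmask rows."""
    pivots = {}                                   # pivot column -> fully reduced row
    for r in rows:
        for col, prow in pivots.items():          # clear existing pivot columns from r
            if (r >> col) & 1:
                r ^= prow
        if r == 0:
            continue
        col = (r & -r).bit_length() - 1           # new pivot: lowest set bit
        for c2 in list(pivots):                   # keep the matrix in reduced form
            if (pivots[c2] >> col) & 1:
                pivots[c2] ^= r
        pivots[col] = r
    basis = []
    for f in (j for j in range(n) if j not in pivots):   # one vector per free column
        v = 1 << f
        for col, prow in pivots.items():
            if (prow >> f) & 1:
                v |= 1 << col
        basis.append(v)
    return basis


def min_distance(basis):
    """Minimum nonzero weight, by enumerating all 2^k codewords (k is small here)."""
    best = None
    for coeffs in product((0, 1), repeat=len(basis)):
        c = 0
        for bit, v in zip(coeffs, basis):
            if bit:
                c ^= v
        if c and (best is None or bin(c).count("1") < best):
            best = bin(c).count("1")
    return best


def alternant_example(r=2, drop=(0, 7, 14)):
    """RS over GF(16) -> shorten -> GRS -> binary subfield subcode; returns (n, k, d)."""
    alpha = 2                                             # x is primitive for POLY
    x = [gf_pow(alpha, i) for i in range(Q - 1)]          # support: all 15 nonzero elements
    H = rs_parity_check(x, r)
    H = shorten(H, set(drop))                             # assumed shortened positions
    y = [gf_pow(alpha, (3 * j) % (Q - 1)) for j in range(len(H[0]))]   # assumed multipliers
    H = to_grs(H, y)
    rows, n = subfield_subcode_parity_check(H)
    basis = binary_kernel_basis(rows, n)
    return n, len(basis), min_distance(basis)


if __name__ == "__main__":
    n, k, d = alternant_example()
    # dimension is at least n - M*r and distance at least r + 1 (the designed distance)
    print(f"[{n}, {k}] binary Alternant code, minimum distance {d}")
```

The subfield subcode is obtained without any trace machinery: a binary vector satisfies the GF(16) parity checks exactly when it satisfies each bit-plane of them, so expanding every field entry into M binary rows gives a parity-check matrix of the Alternant code directly. Running `alternant_example()` returns a shortened length of 12, a dimension of at least 12 - 4*2 = 4, and a minimum distance of at least 3; in the paper the same steps are carried out over ${\mathbb{F}}_{2^8}$ with a quasi-cyclic support, which is what makes the resulting public key compact.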