Enhanced Public Key Security for the McEliece Cryptosystem

Baldi, Marco; Bianchi, Marco; Chiaraluce, Franco; Rosenthal, Joachim; Schipani, Davide

doi:10.1007/s00145-014-9187-8

Cited by 72 publications

(85 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For this purpose, Wieschebrink proposed to add some random columns to the generator matrix of a GRS code [53]. The solution proposed in [54] and then refined in [55] instead exploits a transformation from the private matrix to the public matrix which is no longer a permutation, such that the public code is no longer a GRS code.…”

Section: Variants Of the Mceliece And Niederreiter Cryptosystemsmentioning

confidence: 99%

The McEliece and Niederreiter Cryptosystems

Baldi

2014

SpringerBriefs in Electrical and Computer Engineering

Self Cite

View full text Add to dashboard Cite

This chapter is devoted to the McEliece and Niederreiter cryptosystems, which are the first and best known examples of code-based public-key cryptosystems. The classical instances of the McEliece and Niederreiter cryptosystems are described, together with the class of Goppa codes, which are the codes originally used in these systems and which have best resisted cryptanalysis during years. The main attacks against these systems are reviewed, and their complexity is estimated in order to assess the security level. Some subsequent variants of the McEliece and Niederreiter cryptosystems are briefly reviewed.Since many years, error correcting codes have gained an important place in cryptography. In fact, in 1978, just a couple of years after the publication of the pioneeristic work of Diffie and Hellman on the use of private and public keys [1], McEliece proposed a public-key cryptosystem based on algebraic coding theory [2] that revealed to have a very high security level. The rationale of the McEliece system, that adopts a generator matrix as the private key and a transformed version of it as the public key, lies in the difficulty of decoding a large linear code with no visible structure, that in fact is known to be a hard problem [3].The original McEliece cryptosystem is still unbroken, in the sense that no polynomial-time algorithm to implement an attack has been ever found. Moreover, the system is two or three orders of magnitude faster than competing solutions, like RSA. In spite of this, less attention has been devoted to the McEliece cryptosystem with respect to other solutions, for two main reasons: (1) the large size of its public keys and (2) its low information rate (that is about 0.5). In fact, the original McEliece cryptosystem requires public keys with size in the order of several thousands of bytes, while more widespread solutions, like RSA, work with public keys of less than one thousand bytes. In addition, the McEliece cryptosystem adds redundancy during encryption, therefore the ciphertexts are longer than their corresponding cleartexts. This latter fact has most consequences only when one wishes to use the McEliece M. Baldi, QC-LDPC Code-Based Cryptography, 6 5 SpringerBriefs in Electrical and Computer Engineering,

show abstract

Section: Variants Of the Mceliece And Niederreiter Cryptosystemsmentioning

confidence: 99%

The McEliece and Niederreiter Cryptosystems

Baldi

2014

SpringerBriefs in Electrical and Computer Engineering

Self Cite

View full text Add to dashboard Cite

show abstract

“…Joint encoding and encryption by LDPC codes and RS codes for public key cryptography is a tradeoff between security and reliable communication [5,22,6]. New scrambling and permutating matrices for McEliece system with RS codes are proposed in [6] to enhance security.…”

Section: Related Workmentioning

confidence: 99%

“…New scrambling and permutating matrices for McEliece system with RS codes are proposed in [6] to enhance security. In [2] the wire-tap encoding and the error correction encoding are concatenated to enhance security.…”

Section: Related Workmentioning

confidence: 99%

“…RS code has been widely used in communications and storage systems to correct errors, which can also be used together with BCH code to ensure data integrity [4]. The idea of using RS code as a carriage for stream cipher comes from the observation of RS code for code-based cryptography, where it is found that the errors are intentionally inserted and recovered with much computation and energy [5,6]. In fact, the code-based peudo random generator and its security can be considered to achieve stream cipher [7].…”

Section: Introductionmentioning

confidence: 99%

“…Code based cryptography [11] with Goppa codes [12] or MDPC codes [13], for example, can be applied to realize McEliece system . Meanwhile, generalized RS code can also be used to implement asymmetric cryptography [6], which brings out short keys compared with that obtained by Goppa code.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations