Abstract
The wild McEliece cryptosystem uses wild Goppa codes over
nite elds to achieve smaller public key sizes compared to the original
McEliece cryptosystem at the same level of security against all attacks
known. However, the cryptosystem drops one of the condence-inspiring
shields built into the original McEliece cryptosystem, namely a large pool
of Goppa polynomials to choose from.
This paper shows how to achieve almost all of the same reduction in
key size while preserving this shield. Even if support splitting could be
(1) generalized to handle an unknown support set and (2) sped up by a
square-root factor, polynomial-searching attacks in the new system will
still be at least as hard as information-set decoding.
Furthermore, this paper presents a set of concrete cryptanalytic chal-
lenges to encourage the cryptographic community to study the security
of code-based cryptography. The challenges range through codes over
F2;F3; : : : ;F32, and cover two dierent levels of how much the wildness
is hidden.
Original language | English |
---|---|
Title of host publication | Lecture Notes in Computer Science |
Volume | 7071 |
Publisher | Springer |
Publication date | 2011 |
Pages | 244-254 |
DOIs | |
Publication status | Published - 2011 |
Event | 4th International Conference on Post-Quantum Cryptography - Taipei, Taiwan, Province of China Duration: 29 Nov 2011 → 2 Dec 2011 |
Conference
Conference | 4th International Conference on Post-Quantum Cryptography |
---|---|
Country/Territory | Taiwan, Province of China |
City | Taipei |
Period | 29/11/2011 → 02/12/2011 |
Keywords
- List decoding
- McEliece cryptosystem
- Goppa codes
- Wild Goppa codes
- Niederreiter cryptosystem