Abstract
We present a polynomial time structural attack against the McEliece system based on Wild Goppa codes from a quadratic finite field extension. This attack uses the fact that such codes can be distinguished from random codes to compute some filtration, that is to say a family of nested subcodes which will reveal their secret algebraic description.
Chapter PDF
Similar content being viewed by others
References
Baldi, M., Bianchi, M., Chiaraluce, F., Rosenthal, J., Schipani, D.: Enhanced public key security for the McEliece cryptosystem. arxiv:1108.2462v2[cs.IT] (2011) (submitted)
Baldi, M., Bodrato, M., Chiaraluce, F.: A new analysis of the McEliece cryptosystem based on QC-LDPC codes. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 246–262. Springer, Heidelberg (2008)
Becker, A., Joux, A., May, A., Meurer, A.: Decoding random binary linear codes in 2n/20: How 1 + 1 = 0 improves information set decoding. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 520–536. Springer, Heidelberg (2012)
Berger, T.P., Loidreau, P.: How to mask the structure of codes for a cryptographic use. Des. Codes Cryptogr. 35(1), 63–79 (2005)
Bernstein, D.J., Lange, T., Peters, C.: Attacking and defending the McEliece cryptosystem. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 31–46. Springer, Heidelberg (2008)
Bernstein, D.J., Lange, T., Peters, C.: Wild mcEliece. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 143–158. Springer, Heidelberg (2011)
Bernstein, D.J., Lange, T., Peters, C.: Wild mcEliece incognito. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 244–254. Springer, Heidelberg (2011)
Bogdanov, A., Lee, C.H.: Homorphic encryption from codes. In: Proceedings of the 44th ACM Symposium on Theory of Computing (STOC) (2012) (to appear)
Bosma, W., Cannon, J.J., Playoust, C.: The Magma algebra system I: The user language. J. Symbolic Comput. 24(3/4), 235–265 (1997)
Canteaut, A., Chabaud, F.: A new algorithm for finding minimum-weight words in a linear code: Application to McEliece’s cryptosystem and to narrow-sense BCH codes of length 511. IEEE Trans. Inform. Theory 44(1), 367–378 (1998)
Cascudo, I., Chen, H., Cramer, R., Xing, C.: Asymptotically Good Ideal Linear Secret Sharing with Strong Multiplication over Any Fixed Finite Field. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 466–486. Springer, Heidelberg (2009)
Cascudo, I., Cramer, R., Xing, C.: The Torsion-Limit for Algebraic Function Fields and Its Application to Arithmetic Secret Sharing. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 685–705. Springer, Heidelberg (2011)
Couvreur, A., Gaborit, P., Gauthier-Umaña, V., Otmani, A., Tillich, J.-P.: Distinguisher-based attacks on public-key cryptosystems using Reed-Solomon codes. ArXiv:1307.6458 (2014) To appear in Des. Codes Cryptogr.
Couvreur, A., Márquez-Corbella, I., Pellikaan, R.: A polynomial time attack against algebraic geometry code based public key cryptosystems. ArXiv:1401.6025 (January 2014)
Couvreur, A., Otmani, A., Tillich, J.-P.: New identities relating Wild Goppa codes. ArXiv:1310.3202v2 (2013)
Faugère, J.-C., Gauthier-Umaña, V., Otmani, A., Perret, L., Tillich, J.-P.: A distinguisher for high rate McEliece cryptosystems. In: Proceedings of the Information Theory Workshop 2011, ITW 2011, Paraty, Brasil, pp. 282–286 (2011)
Faugère, J.-C., Gauthier-Umaña, V., Otmani, A., Perret, L., Tillich, J.-P.: A distinguisher for high rate McEliece cryptosystems. IEEE Trans. Inform. Theory 59(10), 6830–6844 (2013)
Faugère, J.-C., Otmani, A., Perret, L., Tillich, J.-P.: Algebraic cryptanalysis of mcEliece variants with compact keys. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 279–298. Springer, Heidelberg (2010)
Faure, C., Minder, L.: Cryptanalysis of the McEliece cryptosystem over hyperelliptic curves. In: Proceedings of the Eleventh International Workshop on Algebraic and Combinatorial Coding Theory, Pamporovo, Bulgaria, pp. 99–107 (June 2008)
Gauthier-Umaña, V., Leander, G.: Practical key recovery attacks on two McEliece variants. IACR Cryptology ePrint Archive 509 (2009)
Gibson, J.K.: Equivalent Goppa codes and trapdoors to McEliece’s public key cryptosystem. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 517–521. Springer, Heidelberg (1991)
Janwa, H., Moreno, O.: McEliece public key cryptosystems using algebraic-geometric codes. Des. Codes Cryptogr. 8(3), 293–307 (1996)
Kötter, R.: A unified description of an error locating procedure for linear codes. In: Proc. Algebraic and Combinatorial Coding Theory, Voneshta Voda, pp. 113–117 (1992)
Landais, G., Tillich, J.-P.: An efficient attack of a mcEliece cryptosystem variant based on convolutional codes. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 102–117. Springer, Heidelberg (2013)
Lee, P.J., Brickell, E.F.: An observation on the security of McEliece’s public-key cryptosystem. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 275–280. Springer, Heidelberg (1988)
Leon, J.S.: A probabilistic algorithm for computing minimum weights of large error-correcting codes. IEEE Trans. Inform. Theory 34(5), 1354–1359 (1988)
Loidreau, P., Sendrier, N.: Weak keys in the McEliece public-key cryptosystem. IEEE Trans. Inform. Theory 47(3), 1207–1211 (2001)
Löndahl, C., Johansson, T.: A new version of mcEliece PKC based on convolutional codes. In: Chim, T.W., Yuen, T.H. (eds.) ICICS 2012. LNCS, vol. 7618, pp. 461–470. Springer, Heidelberg (2012)
MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes, 1st edn. North–Holland, Amsterdam (1986)
Márquez-Corbella, I., Martínez-Moro, E., Pellikaan, R.: Evaluation of public-key cryptosystems based on algebraic geometry codes. In: Borges, J., Villanueva, M. (eds.) Proceedings of the Third International Castle Meeting on Coding Theory and Applications, Barcelona, Spain, September 11-15, pp. 199–204 (2011)
Márquez-Corbella, I., Martínez-Moro, E., Pellikaan, R.: The non-gap sequence of a subcode of a Generalized Reed–Solomon code. In: Des. Codes Cryptogr, pp. 1–17 (2012)
Márquez-Corbella, I., Martínez-Moro, E., Pellikaan, R.: On the unique representation of very strong algebraic geometry codes. Des. Codes Cryptogr., 1–16 (2012) (in press)
Márquez-Corbella, I., Pellikaan, R.: Error-correcting pairs for a public-key cryptosystem (2012) (preprint)
May, A., Meurer, A., Thomae, E.: Decoding random linear codes in \(\tilde{\mathcal{O}}(2^{0.054n})\). In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 107–124. Springer, Heidelberg (2011)
McEliece, R.J.: A Public-Key System Based on Algebraic Coding Theory. Jet Propulsion Lab., 114–116 (1978), DSN Progress Report 44
Minder, L., Shokrollahi, M.A.: Cryptanalysis of the Sidelnikov Cryptosystem. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 347–360. Springer, Heidelberg (2007)
Misoczki, R., Tillich, J.-P., Sendrier, N., Barreto, P.S.L.M.: MDPC-McEliece: New McEliece variants from moderate density parity-check codes. IACR Cryptology ePrint Archive, 2012:409 (2012)
Niederreiter, H.: Knapsack-type cryptosystems and algebraic coding theory. Problems of Control and Information Theory 15(2), 159–166 (1986)
Otmani, A., Tillich, J.-P., Dallot, L.: Cryptanalysis of two McEliece cryptosystems based on quasi-cyclic codes. Special Issues of Mathematics in Computer Science 3(2), 129–140 (2010)
Pellikaan, R.: On decoding by error location and dependent sets of error positions. Discrete Math. 107, 368–381 (1992)
Peters, C.: Information-set decoding for linear codes over f q . In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 81–94. Springer, Heidelberg (2010)
Sendrier, N.: Finding the permutation between equivalent linear codes: The support splitting algorithm. IEEE Trans. Inform. Theory 46(4), 1193–1203 (2000)
Sidelnikov, V.M.: A public-key cryptosytem based on Reed-Muller codes. Discrete Math. Appl. 4(3), 191–207 (1994)
Sidelnikov, V.M., Shestakov, S.O.: On the insecurity of cryptosystems based on generalized Reed-Solomon codes. Discrete Math. Appl. 1(4), 439–444 (1992)
Stern, J.: A method for finding codewords of small weight. In: Wolfmann, J., Cohen, G. (eds.) Coding Theory 1988. LNCS, vol. 388, pp. 106–113. Springer, Heidelberg (1989)
Sugiyama, Y., Kasahara, M., Hirasawa, S., Namekawa, T.: Further results on Goppa codes and their applications to constructing efficient binary codes. IEEE Trans. Inform. Theory 22, 518–526 (1976)
Wieschebrink, C.: Two NP-complete problems in coding theory with an application in code based cryptography. In: 2006 IEEE International Symposium on Information Theory, pp. 1733–1737 (2006)
Wieschebrink, C.: Cryptanalysis of the Niederreiter public key scheme based on GRS subcodes. In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 61–72. Springer, Heidelberg (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 International Association for Cryptologic Research
About this paper
Cite this paper
Couvreur, A., Otmani, A., Tillich, J. (2014). Polynomial Time Attack on Wild McEliece over Quadratic Extensions. In: Nguyen, P.Q., Oswald, E. (eds) Advances in Cryptology – EUROCRYPT 2014. EUROCRYPT 2014. Lecture Notes in Computer Science, vol 8441. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55220-5_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-55220-5_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55219-9
Online ISBN: 978-3-642-55220-5
eBook Packages: Computer ScienceComputer Science (R0)