Can one design a signature scheme based on error-correcting codes?
In this note, we show that the signature scheme based on error-correcting codes which has been proposed during the ASIACRYPT'94 conference and appears in this volume (see ) is not secure. The attack involves gathering a few hundred signatures. ⩉From then on, only elementary linear algebra is used.
KeywordsSignature Scheme Error Vector Authentication Scheme Favourable Situation Fair Coin
Unable to display preview. Download preview PDF.
- 1.M. Alabbadi and S. B. Wicker, A digital signature scheme based on linear error-correcting block codes, this volume.Google Scholar
- 2.A. Fiat and A. Shamir, How to prove yourself: Practical solutions to identification and signature problems, Proceedings of Crypto 86, Lecture Notes in Computer Science 263, 181–187.Google Scholar
- 3.R. J. McEliece, Public key cryptosystem based on algebraic coding theory, JPLDSN Progress Report 42-44, Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, USA, January and February 1978, 114–116.Google Scholar
- 4.J. Stern, A new identification scheme based on syndrome decoding. Proceedings of Crypto 93, Lecture Notes in Computer Science 773, 13–21.Google Scholar