Cryptanalysis of Two McEliece Cryptosystems Based on Quasi-Cyclic Codes
نویسندگان
چکیده
We cryptanalyse here two variants of the McEliece cryptosystem based on quasi-cyclic codes. Both aim at reducing the key size by restricting the public and secret generator matrices to be in quasi-cyclic form. The first variant considers subcodes of a primitive BCH code. The aforementioned constraint on the public and secret keys implies to choose very structured permutations. We prove that this variant is not secure by producing many linear equations that the entries of the secret permutation matrix have to satisfy by using the fact that the secret code is a subcode of a known BCH code. This attack has been implemented and in all experiments we have performed the solution space of the linear system was of dimension one and revealed the permutation matrix. The other variant uses quasi-cyclic low density parity-check codes. This scheme was devised to be immune against general attacks working for McEliece type cryptosystems based on low density parity-check codes by choosing in the McEliece scheme more general one-to-one mappings than permutation matrices. We suggest here a structural attack exploiting the quasi-cyclic structure of the code and a certain weakness in the choice of the linear transformations that hide the generator matrix of the code. This cryptanalysis adopts a polynomial-oriented approach and basically consists in searching for two polynomials of low weight such that their product is a public polynomial. Our analysis shows that with high probability a parity-check matrix of a punctured version of the secret code can be recovered with time complexity O `
منابع مشابه
Algebraic Cryptanalysis of Compact McEliece’s Variants – Toward a Complexity Analysis
A new algebraic approach to investigate the security of the McEliece cryptosystem has been proposed by Faugère-Otmani-Perret-Tillich in Eurocrypt 2010. This paper is an extension of this work. The McEliece’s scheme relies on the use of error-correcting codes. It has been proved that the private key of the cryptosystem satisfies a system of bi-homogeneous polynomial equations. This property is d...
متن کاملAlgebraic Cryptanalysis of McEliece Variants with Compact Keys
In this paper we propose a new approach to investigate the security of the McEliece cryptosystem. We recall that this cryptosystem relies on the use of error-correcting codes. Since its invention thirty years ago, no efficient attack had been devised that managed to recover the private key. We prove that the private key of the cryptosystem satisfies a system of bi-homogeneous polynomial equatio...
متن کاملProtograph-based Quasi-Cyclic MDPC Codes for McEliece Cryptosystems
In this paper, ensembles of quasi-cyclic moderatedensity parity-check (MDPC) codes based on protographs are introduced and analyzed in the context of a McEliece-like cryptosystem. The proposed ensembles significantly improve the error correction capability of the regular MDPC code ensembles that are currently considered for post-quantum cryptosystems without increasing the public key size. The ...
متن کاملRésultants de polynômes de Ore et Cryptosystèmes de McEliece sur des Codes Rang faiblement structurés. (Resultants of Ore polynomials and McEliece Cryptosystems based on weakly structured Rank Codes)
Weakly Structured Error Correcting Codes in Rank Metric and their Application to Cryptography The most commonly used encryption techniques in cryptography are based on problems in number theory. Despite their efficiency, they are vulnerable to post-quantum cryptographic attack. Therefore it is relevant to study other types of cryptosystems. In this work we study errorcorrector codes based crypt...
متن کاملLDPC Codes in the McEliece Cryptosystem
The original McEliece cryptosystem, based on Goppa codes, has two important drawbacks: long keys and low transmission rate. LDPC codes seem natural candidates to overcome such drawbacks, because of their sparse parity-check matrices, that could form the public keys, and the flexibility in transmission rates. Moreover, quasi-cyclic (QC) LDPC codes could permit to further reduce the key length. S...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Mathematics in Computer Science
دوره 3 شماره
صفحات -
تاریخ انتشار 2010