Paper 2009/509

Practical Key Recovery Attacks On Two McEliece Variants

Valerie Gauthier Umana and Gregor Leander

Abstract

The McEliece cryptosystem is a promising alternative to conventional public key encryption systems like RSA and ECC. In particular, it is supposed to resist even attackers equipped with quantum computers. Moreover, the encryption process requires only simple binary operations, making it a good candidate for low cost devices like RFID tags. However, McEliece's original scheme has the drawback that the keys are very large. Two promising variants have been proposed to overcome this disadvantage. The first one is due to Berger et al., presented at AFRICACRYPT 2009, and the second is due to Barreto and Misoczki, presented at SAC 2009. In this paper we first present a general attack framework and then apply it to both schemes. Our framework allows us to recover the private key for most parameters proposed by the authors of both schemes within at most a few days on a single PC.

Metadata

Available format(s): PDF
Category: Public-key cryptography
Publication info: Published elsewhere. Unknown where it was published
Keywords: public key cryptography, McEliece cryptosystem, coding theory, post-quantum cryptography
Contact author(s): g leander @ mat dtu dk
History: 2009-10-26: received
Short URL: https://ia.cr/2009/509
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2009/509,
      author = {Valerie Gauthier Umana and Gregor Leander},
      title = {Practical Key Recovery Attacks On Two McEliece Variants},
      howpublished = {Cryptology ePrint Archive, Paper 2009/509},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/509}},
      url = {https://eprint.iacr.org/2009/509}
}