Paper 2013/080

An efficient attack of a McEliece cryptosystem variant based on convolutional codes

Grégory Landais and Jean-Pierre Tillich


Löndahl and Johansson proposed last year a variant of the McEliece cryptosystem which replaces Goppa codes by convolutional codes. This modification is supposed to make structural attacks more difficult since the public generator matrix of this scheme contains large parts which are generated completely at random. They proposed two schemes of this kind, one of them consists in taking a Goppa code and extending it by adding a generator matrix of a time varying convolutional code. We show here that this scheme can be successfully attacked by looking for low-weight codewords in the public code of this scheme and using it to unravel the convolutional part. It remains to break the Goppa part of this scheme which can be done in less than a day of computation in the case at hand.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Publick key cryptographyMcEliece cryptosystemcryptanalysisconvolutional codes
Contact author(s)
jean-pierre tillich @ inria fr
2013-02-20: revised
2013-02-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Grégory Landais and Jean-Pierre Tillich},
      title = {An efficient attack of a McEliece cryptosystem variant based on convolutional codes},
      howpublished = {Cryptology ePrint Archive, Paper 2013/080},
      year = {2013},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.