International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Wild McEliece

Authors:
Daniel J. Bernstein
Tanja Lange
Christiane Peters
Download:
URL: http://eprint.iacr.org/2010/410
Search ePrint
Search Google
Abstract: The original McEliece cryptosystem uses length-n codes over F_2 with dimension >=n-mt efficiently correcting t errors where 2^m>=n. This paper presents a generalized cryptosystem that uses length-n codes over small finite fields F_q with dimension >=n-m(q-1)t efficiently correcting floor(qt/2) errors where q^m>=n. Previously proposed cryptosystems with the same length and dimension corrected only floor((q-1)t/2) errors for q>=3. This paper also presents list-decoding algorithms that efficiently correct even more errors for the same codes over F_q. Finally, this paper shows that the increase from floor((q-1)t/2) errors to more than floor(qt/2) errors allows considerably smaller keys to achieve the same security level against all known attacks.
BibTeX
@misc{eprint-2010-23311,
  title={Wild McEliece},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / McEliece cryptosystem, Niederreiter cryptosystem, Goppa codes, wild Goppa codes, list decoding},
  url={http://eprint.iacr.org/2010/410},
  note={accepted to SAC 2010 c.p.peters@tue.nl 14812 received 22 Jul 2010},
  author={Daniel J. Bernstein and Tanja Lange and Christiane Peters},
  year=2010
}