Article thumbnail

Wild McEliece

By Daniel J. Bernstein, Tanja Lange and Christiane Peters


Abstract. The original McEliece cryptosystem uses length-n codes over F2 with dimension ≥ n−mt efficiently correcting t errors where 2 m ≥ n. This paper presents a generalized cryptosystem that uses length-n codes over small finite fields Fq with dimension ≥ n − m(q − 1)t efficiently correcting ⌊qt/2 ⌋ errors where q m ≥ n. Previously proposed cryptosystems with the same length and dimension corrected only ⌊(q − 1)t/2⌋ errors for q ≥ 3. This paper also presents list-decoding algorithms that efficiently correct even more errors for the same codes over Fq. Finally, this paper shows that the increase from ⌊(q − 1)t/2 ⌋ errors to more than ⌊qt/2 ⌋ errors allows considerably smaller keys to achieve the same security level against all known attacks

Topics: McEliece cryptosystem, Niederreiter cryptosystem, Goppa codes, wild Goppa codes
Year: 2010
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.