The Code Equivalence problem is that of determining whether two given linear
codes are equivalent to each other up to a permutation of the coordinates. This
problem has a direct reduction to a nonabelian hidden subgroup problem (HSP),
suggesting a possible quantum algorithm analogous to Shor's algorithms for
factoring or discrete log. However, we recently showed that in many cases of
interest---including Goppa codes---solving this case of the HSP requires rich,
entangled measurements. Thus, solving these cases of Code Equivalence via
Fourier sampling appears to be out of reach of current families of quantum
algorithms.
Code equivalence is directly related to the security of McEliece-type
cryptosystems in the case where the private code is known to the adversary.
However, for many codes the support splitting algorithm of Sendrier provides a
classical attack in this case. We revisit the claims of our previous article in
the light of these classical attacks, and discuss the particular case of the
Sidelnikov cryptosystem, which is based on Reed-Muller codes