Cryptanalysis of McEliece cryptosystem variants based on quasi-cyclic low-density parity check codes

IET Inf. Secur. Pub Date : 2016-07-01 DOI:10.1049/iet-ifs.2015.0064

Masoumeh Koochak Shooshtari, M. Ahmadian-Attari, T. Johansson, M. Aref

{"title":"Cryptanalysis of McEliece cryptosystem variants based on quasi-cyclic low-density parity check codes","authors":"Masoumeh Koochak Shooshtari, M. Ahmadian-Attari, T. Johansson, M. Aref","doi":"10.1049/iet-ifs.2015.0064","DOIUrl":null,"url":null,"abstract":"One of the approaches to modify the McEliece cryptosystem to overcome its large key size is replacing binary Goppa codes with a new structured code. However, this modification makes such cryptosystems encounter some new attacks. There are a few modified McEliece cryptosystem variants which are known to be secure. One of them is the cryptosystem introduced by Baldi et al. which uses quasi-cyclic low-density parity check (QC-LDPC) codes. This cryptosystem is still unbroken as no efficient attack has been reported against it since 2008. In this study, an attack has been applied to this cryptosystem which is feasible when the code length is a multiple of a power of 2. Also an important weakness of this kind of cryptosystem has been pointed out, namely utilising a too low-weight intentional error vector. The authors have established a new security level for this cryptosystem which is applicable to other McEliece-like cryptosystems using QC-LDPC codes. This security level for instance is 29.18 times lower than previous ones in the case of n = 4 x 4096 when only one ciphertext is available. The gain of the attack in this study can be increased if more than one ciphertext is available.","PeriodicalId":13305,"journal":{"name":"IET Inf. Secur.","volume":"37 1","pages":"194-202"},"PeriodicalIF":0.0000,"publicationDate":"2016-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1049/iet-ifs.2015.0064","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

Abstract

One of the approaches to modify the McEliece cryptosystem to overcome its large key size is replacing binary Goppa codes with a new structured code. However, this modification makes such cryptosystems encounter some new attacks. There are a few modified McEliece cryptosystem variants which are known to be secure. One of them is the cryptosystem introduced by Baldi et al. which uses quasi-cyclic low-density parity check (QC-LDPC) codes. This cryptosystem is still unbroken as no efficient attack has been reported against it since 2008. In this study, an attack has been applied to this cryptosystem which is feasible when the code length is a multiple of a power of 2. Also an important weakness of this kind of cryptosystem has been pointed out, namely utilising a too low-weight intentional error vector. The authors have established a new security level for this cryptosystem which is applicable to other McEliece-like cryptosystems using QC-LDPC codes. This security level for instance is 29.18 times lower than previous ones in the case of n = 4 x 4096 when only one ciphertext is available. The gain of the attack in this study can be increased if more than one ciphertext is available.

查看原文本刊更多论文

基于准循环低密度奇偶校验码的McEliece密码系统变体密码分析

修改McEliece密码系统以克服其大密钥大小的方法之一是用新的结构化代码替换二进制Goppa代码。然而，这种修改使得这样的密码系统遇到了一些新的攻击。有一些修改过的McEliece密码系统变种是已知安全的。其中一种是Baldi等人引入的使用准循环低密度奇偶校验(QC-LDPC)码的密码系统。这个密码系统仍然没有被破解，因为自2008年以来就没有针对它的有效攻击。在本研究中，对该密码系统进行了一种攻击，该攻击在码长为2的倍数时是可行的。此外，还指出了这种密码系统的一个重要弱点，即使用过低权重的故意错误向量。作者为该密码系统建立了一个新的安全级别，适用于其他使用QC-LDPC码的类mcelece密码系统。例如，在n = 4 x 4096的情况下，当只有一个密文可用时，此安全级别比以前的安全级别低29.18倍。在本研究中，如果有多个密文可用，则可以增加攻击的增益。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IET Inf. Secur.

自引率

0.00%

发文量