Skip to main content
Log in

Squaring attacks on McEliece public-key cryptosystems using quasi-cyclic codes of even dimension

  • Published:
Designs, Codes and Cryptography Aims and scope Submit manuscript

Abstract

We present a general purpose algorithm for finding low-weight codewords as well as for decoding a received codeword in any quasi-cyclic code whose length and dimension is a multiple of a power of 2. In this paper, we apply the algorithm on a McEliece variant recently proposed by Misoczki et al. (MDPC-McEliece: New McEliece variants from moderate density parity-check codes, 2013). In their paper, the authors present instances of LDPC codes with increased weight for use in a McEliece type PKC. They claim that all message-recovery and key-recovery attacks can be avoided. We show that this is not true for certain parameters and public-key matrices.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

Notes

  1. In the early version of the publication.

References

  1. Baldi M.: LDPC codes in the McEliece cryptosystem: attacks and countermeasures. In: NATO Science for Peace and Security Series—D: Information and Communication Security. LNCS, vol. 23 of , pp. 160–174 (2009).

  2. Baldi M., Bodrato M., Chiaraluce F.: A new analysis of the McEliece cryptosystem based on QC–LDPC codes. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) 6th International Conference on Security and Cryptography for Networks (SCN 2008). LNCS, vol. 5229, pp. 246–262. Springer, Berlin (2008).

  3. Baldi M., Bambozzi F., Chiaraluce F.: On a family of circulant matrices for quasi-cyclic low-density generator matrix codes. IEEE Trans. Inf. Theory 57(9), 6052–6067 (2011).

  4. Baldi M., Bianchi M., Chiaraluce F.: Security and complexity of the McEliece cryptosystem based on quasi-cyclic low-density parity-check codes. IET Inf. Secur. 7(3), 212–220 (2013).

  5. Baldi M., Bianchi M., Chiaraluce F.: Optimization of the parity-check matrix density in QC–LDPC code-based McEliece cryptosystems. In: Workshop on Information Security Over Noisy and Lossy Communication Systems (IEEE ICC 2013) (2013).

  6. Baldi M., Chiaraluce F., Garello R., Mininni F.: Quasi-cyclic low-density parity-check codes in the McEliece cryptosystem. In: Proceedings of IEEE International Conference on Communications (ICC 2007), pp. 951–956 (2007).

  7. Becker A., Joux A., May A., Meurer A.: Decoding random binary linear codes in \(2^{n/20}\): How 1 + 1 = 0 improves information set decoding. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 520–536. Springer, Berlin (2012).

  8. Bernstein D.J., Lange T., Peters C.: Attacking and defending the McEliece cryptosystem. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299. pp. 31–46. Springer, Berlin (2008).

  9. Dumer I., Micciancio D., Sudan M.: Hardness of approximating the minimum distance of a linear code. IEEE Trans. Inf. Theory 49(1):22–37 (2007).

  10. Faugère J.C., Otmani A., Perret L., Tillich J-P.: Algebraic cryptanalysis of McEliece variants with compact keys. In: Gilbert, H. (eds.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 279–298. Springer, Berlin (2010).

  11. Gaborit P.: Shorter keys for code based cryptography. In: International Workshop on Coding and Cryptography. LNCS, vol. 6110, pp. 81–91 (2005).

  12. Heyse S., von Maurich I., Güneysu T.: Smaller keys for code-based cryptography: QC-MDPC McEliece implementations on embedded devices. In: Bertoni, G., Coron, J. (eds.) CHES 2013. LNCS, vol. 8086, pp. 273–292. Springer, Berlin (2013).

  13. Johansson T., Löndahl C.: An improvement to Stern’s algorithm, internal report. http://lup.lub.lu.se/record/2204753 (2011).

  14. Koochak Shooshtari M., Ahmadian M., Payandeh A.: Improving the security of McEliece-like public key cryptosystem based on LDPC codes. In: Proceedings of the 11th International Conference on Advanced Communication Technology (ICACT’09), pp. 1050–1053. IEEE Press, New York (2009).

  15. Löndahl C.: Some notes on code-based cryptography, PhD thesis, Lund University. http://lup.lub.lu.se/record/4934002 (2014).

  16. Löndahl C., Johansson T.: A new version of McEliece PKC based on convolutional codes. In: Information and Communications Security. LNCS, vol. 7618, pp. 461–470. Springer, Berlin (2012).

  17. Löndahl C., Johansson T.: Improved algorithms for finding low-weight polynomial multiples in \({\mathbb{F}}_{2}^{}[x]\) and some cryptographic applications. Des. Codes Cryptogr. 73(2), 625–640 (2014).

  18. May A., Meurer A., Thomae E.: Decoding random linear codes in \(\tilde{O}({2^{0.054n}})\). In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 107–124. Springer, Berlin (2011).

  19. McEliece R.J.: A public-key cryptosystem based on algebraic coding theory. DSN Prog. Rep. 42(44), 114–116 (1978).

  20. Misoczki R., Tillich J-P., Sendrier N., Barreto P.S.L.M.: MDPC-McEliece: new McEliece variants from moderate density parity-check codes ePrint archive 2012/409 (2013).

  21. Misoczki R., Tillich J-P., Sendrier N., Barreto P.S.L.M.: MDPC-McEliece: new McEliece variants from moderate density parity-check codes. In: IEEE International Symposium on Information Theory (ISIT’2013), pp. 2069–2073 (2013).

  22. Monico C., Rosenthal J., Shokrollahi A.: Using low density parity check codes in the McEliece cryptosystem. In: IEEE International Symposium on Information Theory (ISIT’2000), p. 215 (2000).

  23. Sendrier N.: Decoding one out of many. In Yang, B. (eds.) Post-Quantum Cryptography. LNCS, vol. 7071, pp. 51–67. Springer, Berlin (2011).

  24. Shor P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: 35th Annual Symposium on Foundations of Computer Science, 20–22 Nov 1994, Santa Fe, pp. 124–134. IEEE Press, New York (1994).

  25. Sidelnikov V.M., Shestakov S.O.: On the insecurity of cryptosystems based on generalized Reed–Solomon codes. Discret. Math. Appl. 2(4), 439–444 (1992).

  26. Stern J.: A method for finding codewords of small weight. In: Wolfmann, J., Cohen, G.D. (eds.) Coding Theory and Applications. LNCS, vol. 388, pp. 106–113. Springer, Berlin (1989).

Download references

Acknowledgments

The authors would like to thank the anonymous reviewers for extremely useful comments on the reconstruction that greatly helped to improve the publication. The first author would like to thank Pierre Loidreau for useful discussions during an invited stay at IRMAR, Rennes. This research was funded by grant 621-2009-4646 from the Swedish Research Council. It was also supported in part by the Ministry of Science, Research and Technology of I. R. Iran, Iranian National Science Foundation (INSF) cryptography chair and Iran Telecommunications Research Center (ITRC) grant T/500/19241.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Carl Löndahl.

Additional information

Communicated by J.-L. Kim.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Löndahl, C., Johansson, T., Koochak Shooshtari, M. et al. Squaring attacks on McEliece public-key cryptosystems using quasi-cyclic codes of even dimension. Des. Codes Cryptogr. 80, 359–377 (2016). https://doi.org/10.1007/s10623-015-0099-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10623-015-0099-x

Keywords

Mathematics Subject Classification

Navigation