Abstract
McEliece is one of the oldest known public key cryptosystems. Though it was less widely studied than RSA, it is remarkable that all known attacks are still exponential. It is widely believed that code-based cryptosystems like McEliece do not allow practical digital signatures. In the present paper we disprove this belief and show a way to build a practical signature scheme based on coding theory. Its security can be reduced in the random oracle model to the well-known syndrome decoding problem and the distinguishability of permuted binary Goppa codes from a random code. For example, we propose a scheme with signatures of 81 bits and a binary security workfactor of 2^83.
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Courtois, N.T., Finiasz, M., Sendrier, N. (2001). How to Achieve a McEliece-Based Digital Signature Scheme. In: Boyd, C. (eds) Advances in Cryptology — ASIACRYPT 2001. ASIACRYPT 2001. Lecture Notes in Computer Science, vol 2248. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45682-1_10
DOI: https://doi.org/10.1007/3-540-45682-1_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42987-6
Online ISBN: 978-3-540-45682-7
eBook Packages: Springer Book Archive