Security of generalised Reed–Solomon code-based cryptosystems / Baldi, Marco; Chiaraluce, Franco; Rosenthal, Joachim; Santini, Paolo; Schipani, Davide Mose. - In: IET INFORMATION SECURITY. - ISSN 1751-8709. - ELECTRONIC. - 13:4(2019), pp. 404-410. [10.1049/iet-ifs.2018.5207]
Security of generalised Reed–Solomon code-based cryptosystems
Baldi, Marco; Chiaraluce, Franco; Santini, Paolo; Schipani, Davide Mose
2019-01-01
Abstract
In this study, the authors elaborate on a recently proposed variant of the public-key McEliece and Niederreiter cryptosystems using generalised Reed–Solomon (GRS) codes as private codes. The use of these codes brings known advantages in terms of public key size, but particular care is needed in the choice of parameters not to endanger the system security. In fact, the considered system exploits a strong disguising technique of the private code within the public code. However, it has recently been pointed out that some new attacks exist which may threaten some instances of such a system, therefore the choice of parameters needs to consider some further constraints compared to the original version. After outlining these constraints, the authors propose a new modification of the system achieving greater flexibility in the parameter choice. Moreover, the new system exhibits a lower complexity than the original GRS code-based system. Its very competitive features such as key size and encryption rate are highlighted with respect to classic systems.