Abstract
In this paper we look at the Gabidulin version of the McEliece cryptosystem (GPT) and its variants. We give an overview over the existing structural attacks on the basic scheme, and show how to combine them to get an effective attack for every GPT variant. As a consequence, there are no secure parameter sets left for GPT variants, which one would like to use in practice.
Article PDF
Similar content being viewed by others
Avoid common mistakes on your manuscript.
References
T.P. Berger, P. Loidreau, Security of the Niederreiter form of the GPT public-key cryptosystem, in IEEE International Symposium on Information Theory, Lausanne, Suisse (IEEE Press, New York, 2002)
T.P. Berger, P. Loidreau, How to mask the structure of codes for a cryptographic use, Des. Codes Cryptogr. 35(1), 63–79 (2005)
N. Courtois, M. Finiasz, N. Sendrier, How to achieve a McEliece-based digital signature scheme, in Advances in Cryptology—ASIACRYPT 2001, vol. 2248 (Springer, Berlin, 2001), pp. 157–174
S.R. Finch, Mathematical Constants. Encyclopedia of Mathematics and Applications. Cambridge, 2003. See http://mathworld.wolfram.com/InfiniteProduct.html
E.M. Gabidulin, On public-key cryptosystems based on linear codes, in Proc. of 4th IMA Conference on Cryptography and Coding 1993. Codes and Ciphers (IMA Press, Southend-on Sea, 1995)
E.M. Gabidulin, P. Loidreau, Subfield subcodes of maximum-rank distance codes, in Seventh International Workshop on Algebraic and Combinatorial Coding Theory. ACCT, vol. 7, pp. 151–156 (2000)
E.M. Gabidulin, A.V. Ourivski, Column scrambler for the GPT cryptosystem, Discrete Appl. Math. 128(1), 207–221 (2003)
E.M. Gabidulin, A.V. Paramonov, O.V. Tretjakov, Ideals over a non-commutative ring and their applications to cryptography, in Proc. Eurocrypt ’91. LNCS, vol. 547 (Springer, Berlin, 1991)
E.M. Gabidulin, A.V. Ourivski, B. Honary, B. Ammar, Reducible rank codes and their applications to cryptography, IEEE Trans. Inform. Theory 49(12), 3289–3293 (2003)
J.K. Gibson, Severely denting the Gabidulin version of the McEliece public key cryptosystem, Des. Codes Cryptogr. 6(1), 37–45 (1995)
K. Gibson, The security of the Gabidulin public key cryptosystem, in Proc. of Eurocrypt’96. LNCS, vol. 1070 (Springer, Berlin, 1996), pp. 212–223
T. Johansson, A.V. Ourivski, New technique for decoding codes in the rank metric and its cryptography applications, Problems Inform. Transm. 38(3), 237–246 (2002)
P. Loidreau, R. Overbeck, Decoding rank errors beyond the error-correction capability, in Proc. of ACCT-10, Zvenigorod (2006)
R.J. McEliece, A public key cryptosystem based on algebraic coding theory, DSN Prog. Rep. 42–44, 114–116 (1978)
A.V. Ourivski, Recovering a parent code for subcodes of maximal rank distance codes, in Proc. of WCC 03, pp. 357–363 (2003)
R. Overbeck, Decoding interleaved Gabidulin codes and ciphertext-security for GPT variants. Available at http://eprint.iacr.org/2006/222
R. Overbeck, A new structural attack for GPT and variants, in Proc. of Mycrypt 2005. LNCS, vol. 3715 (Springer, Berlin, 2005), pp. 50–63
R. Overbeck, Extending Gibson’s attacks on the GPT cryptosystem, in Proc. of WCC 2005. LNCS, vol. 3969 (Springer, Berlin, 2006), pp. 178–188
M. Ogle, T. Migler, K.E. Morrison, Weight and rank of matrices over finite fields, 2003. Available at http://www.calpoly.edu/~kmorriso/Research/research.html
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by Lars R. Knudsen
Rights and permissions
About this article
Cite this article
Overbeck, R. Structural Attacks for Public Key Cryptosystems based on Gabidulin Codes. J Cryptol 21, 280–301 (2008). https://doi.org/10.1007/s00145-007-9003-9
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00145-007-9003-9