2.4. Notions of Security

Creation date:

05.05.2015

Author(s):

Irene MARQUEZ-CORBELLA, Nicolas SENDRIER, Matthieu FINIASZ

Presentation

Practical information

Document language: English
Type: course / presentation
Level: master's, doctorate
Running time: 5 minutes 32 seconds
Content: video
Document: video/mp4
Size: 157.810 MB
Copyright: royalty-free, free of charge
Rights reserved to the publisher and the authors. Unless otherwise stated, these course resources are distributed under a Creative Commons licence. Users must credit the author; they may use the work except in a commercial context, and they may not modify the original work.

Resource description

Summary

In this session, we will study the notion of security of a public-key scheme. A public-key scheme is one-way if the probability of success of any adversary running in polynomial time is negligible. That is, without the private key, it is computationally impossible to recover the plaintext. For McEliece, if we assume that the general decoding problem of a linear code is on average a difficult problem and that there exists no efficient distinguisher for Goppa codes, then the McEliece scheme has the one-wayness property. However, McEliece is vulnerable to many attacks, as we will see in the following slides and in the next session.

Throughout the following slides, we will use the notion of an oracle. An oracle is simply a system that takes queries and provides answers. The queries might be plaintexts or ciphertexts, and the answers are the corresponding ciphertexts or plaintexts.

Non-malleability guarantees that it is infeasible to modify a ciphertext into another ciphertext of a related message. The following attack shows that McEliece does not satisfy non-malleability. Suppose that the adversary intercepts a ciphertext, that is, the sum of an encoded message and a random error. Then the adversary can choose a codeword and generate a new ciphertext without knowing the original plaintext, and there exists a relation between the first plaintext and the new plaintext.

Now, suppose that the adversary has access to a decryption oracle.
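The malleability described above, worked through on a toy instance as an added example (it is not part of the original course material). Assumptions: the [7,4] Hamming code stands in for a Goppa code, the scrambling matrix is omitted, and all names (`G_PUB`, `PERM`, `maul`) and parameters are constructed for illustration.

```python
import secrets

# Toy parameters (constructed): the [7,4] Hamming code stands in for a Goppa code.
G = [[1, 0, 0, 0, 1, 1, 0],
     [0, 1, 0, 0, 1, 0, 1],
     [0, 0, 1, 0, 0, 1, 1],
     [0, 0, 0, 1, 1, 1, 1]]    # secret generator matrix, systematic form
H = [[1, 1, 0, 1, 1, 0, 0],
     [1, 0, 1, 1, 0, 1, 0],
     [0, 1, 1, 1, 0, 0, 1]]    # matching parity-check matrix
PERM = [3, 0, 6, 1, 5, 2, 4]   # secret column permutation

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def vec_mat(v, M):
    """Row vector times matrix over GF(2)."""
    return [sum(v[i] & M[i][j] for i in range(len(v))) % 2 for j in range(len(M[0]))]

# Public key: column-permuted generator matrix (scrambler omitted in this toy).
G_PUB = [[row[PERM[j]] for j in range(7)] for row in G]

def encrypt(m, e=None):
    """c = m * G_PUB + e, where e is an error vector of weight 1."""
    if e is None:
        e = [0] * 7
        e[secrets.randbelow(7)] = 1
    return xor(vec_mat(m, G_PUB), e)

def decrypt(c):
    """Undo the permutation, correct one error by syndrome, read the message."""
    y = [0] * 7
    for j in range(7):
        y[PERM[j]] = c[j]
    s = [sum(h & b for h, b in zip(row, y)) % 2 for row in H]
    if any(s):                 # non-zero syndrome equals the column of the flipped bit
        y[[list(col) for col in zip(*H)].index(s)] ^= 1
    return y[:4]               # systematic code: the message is the first 4 bits

def maul(c, delta):
    """Add the public codeword delta * G_PUB; no private key or plaintext needed."""
    return xor(c, vec_mat(delta, G_PUB))

if __name__ == "__main__":
    m, delta = [1, 0, 1, 1], [0, 1, 1, 0]
    c2 = maul(encrypt(m), delta)
    print(decrypt(c2) == xor(m, delta))   # True: c2 decrypts to m + delta
```

Because the error vector is left untouched, the modified ciphertext is still within the decoder's correction capacity and decrypts without failure.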

Subject area(s) and Dewey index(es)

  • Numerical analysis (518)
  • Information theory (003.54)
  • Data in computer systems (005.7)
  • Cryptography (652.8)
  • Mathematics (510)

Subject area(s)

  • Numerical analysis
  • Applied numerical analysis, numerical computation, numerical mathematics
  • Programming: algorithms, languages, object-oriented design, programs
  • Computer science
  • Oral and written expression
  • Cryptography
  • General topics, philosophy, theory of mathematics
  • General topics
  • Scientific tools, methods and techniques
  • Mathematics education
  • History of mathematics
  • Mathematics and physics

Technical record

Record identifier: 32833
OAI-PMH identifier: oai:canal-u.fr:32833
Metadata schema: oai:uved:Cemagref-Marine-Protected-Areas
Source repository: Canal-U