Amount of Key Information Contained in Plain and Encrypted Text Sets of the Symmetric Randomized McEliece Cryptosystem
- PDF / 107,525 Bytes
- 5 Pages / 594 x 792 pts Page_size
- 23 Downloads / 185 Views
AMOUNT OF KEY INFORMATION CONTAINED IN PLAIN AND ENCRYPTED TEXT SETS OF THE SYMMETRIC RANDOMIZED McELIECE CRYPTOSYSTEM
UDC 621.391:519.2
S. V. Mitin
Abstract. A symmetric code cryptosystem, which is similar to the randomized (asymmetric) McEliece encryption scheme, is considered. An expression for the amount of information on the private key, which can be extracted from public and respective encrypted messages of the cryptosystem, is obtained. It is shown that with this information, the security of the symmetric cryptosystem against attacks based on the known ciphertext coincides with the security of its asymmetric counterpart. Keywords: code-based cryptography, McEliece encryption scheme, randomized code cryptosystem, amount of information.
Creating symmetric post-quantum cryptosystems whose security is based on the complexity of solution of a unique computing problem like RSA cryptosystem security is based on the complexity of factorization of integers is important problems of the modern cryptography. Code cryptosystems form a promising class for creation of such cryptosystems, and the McEliece cryptosystem is the first asymmetric one among them [1]. Nowadays, several types of symmetric code cryptosystems similar to the McEliece cryptosystem are known. These are Jordan [2] and Rao [3] encryption schemes, Rao–Nam cryptosystem [4], and a number of its refinements [5, 6]. However, none of them completely meets modern requirements to security and efficiency simultaneously. The presented paper is devoted to the analysis of a symmetric code cryptosystem, which is an analog of the McEliece randomized encryption schemes proposed in [7] and will determine what information on private key the opponent can extract if there is an access to the encryption oracle of the cryptosystem. We will obtain an expression for the amount of this information. We will show that given this information, the security of the symmetric cryptosystem against attacks based on the known encrypted text coincides with the security of its asymmetric analog. Denote by N = {1, 2, K } the set of natural numbers, Vn is the set of binary vectors of length n, Fm ,n is the set of
( m ´ n) -matrices over the field F = GF(2) , Fn* is the set of invertible matrices of order n over this field, and wt ( x ) = | {i Î1, n : x i = 1}| is the weight of vector x = ( x1 , K , x n ) ÎVn . In what follows, the term ( n, k , d )-code means a binary linear code of length n , of dimension k , with the minimum distance d. The algorithm of decoding ( n, k , d )-code C with parameter t £ ë1 / 2 × ( d - 1) û is defined as an arbitrary algorithm, which receives a vector y = c Å e at the input, such that c ÎC , e ÎVn , wt ( e) £ t , and recovers (a unique) specified pair of words ( c, e) based on y.
Institute of Special Communications and Information Protection, National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute,” Kyiv, Ukraine, [email protected]. Translated from Kibernetika i Sistemnyi Analiz, No. 5, September–October, 2020, pp. 48–53. Origin
Data Loading...
