Results 1 - 8 of 8
How to achieve a McEliece-based digital signature scheme
, 2001
Cited by 63 (7 self)
Abstract. McEliece is one of the oldest known public key cryptosystems. Though it was less widely studied than RSA, it is remarkable that all known attacks are still exponential. It is widely believed that code-based cryptosystems like McEliece do not allow practical digital signatures. In the present paper we disprove this belief and show a way to build a practical signature scheme based on coding theory. Its security can be reduced in the random oracle model to the well-known syndrome decoding problem and the distinguishability of permuted binary Goppa codes from a random code. For example we propose a scheme with signatures of 81 bits and a binary security workfactor of 2^83.
Security Bounds for the Design of Code-Based Cryptosystems
, 2009
Cited by 36 (5 self)
Code-based cryptography is often viewed as an interesting “Post-Quantum” alternative to the classical number theory cryptography. Unlike many other such alternatives, it has the convenient advantage of having only a few, well identified, attack algorithms. However, improvements to these algorithms have made their effective complexity quite complex to compute. We give here some lower bounds on the work factor of idealized versions of these algorithms, taking into account all possible tweaks which could improve their practical complexity. The aim of this article is to help designers select durably secure parameters.
Improved fast syndrome based cryptographic hash functions
in Proceedings of ECRYPT Hash Workshop 2007 (2007). URL: http://wwwroc.inria.fr/secret/Matthieu.Finiasz
Cited by 28 (6 self)
Abstract. Recently, some collisions have been exposed for a variety of cryptographic hash functions [19] including some of the most widely used today. Many other hash functions using similar constructions can however still be considered secure. Nevertheless, this has drawn attention on the need for new hash function designs. In this article is presented a family of secure hash functions, whose security is directly related to the syndrome decoding problem from the theory of error-correcting codes. Taking into account the analysis by Coron and Joux [4] based on Wagner’s generalized birthday algorithm [18] we study the asymptotical security of our functions. We demonstrate that this attack is always exponential in terms of the length of the hash value. We also study the workfactor of this attack, along with other attacks from coding theory, for non asymptotic range, i.e. for practical values. Accordingly, we propose a few sets of parameters giving a good security and either a faster hashing or a shorter description for the function. Key Words: cryptographic hash functions, provable security, syndrome decoding, NP-completeness, Wagner’s generalized birthday problem.
A Fast Provably Secure Cryptographic Hash Function
Proceedings of the 2nd Conference on Object-Oriented Technology and Systems (COOTS’96), Usenix Association
, 1996
Cited by 9 (3 self)
We propose a family of fast and provably secure cryptographic hash functions. The security of these functions relies directly on the well-known syndrome decoding problem for linear codes. Attacks on this problem are well identified and their complexity is known. This enables us to study precisely the practical security of the hash functions and propose valid parameters for implementation. Furthermore, the design proposed here is fully scalable, with respect to security, hash size and output rate.
Parallel-CFS: Strengthening the CFS McEliece-Based Signature Scheme
Cited by 2 (0 self)
Abstract. This article presents a modification of the CFS code based signature scheme. By producing two (or more generally i) signatures in parallel, we show that it is possible to protect this scheme from “one out of many” decoding attacks. With this modification, and at the cost of slightly larger signatures, it is possible to use smaller parameters for the CFS signature, thus making this new Parallel-CFS construction more practical than standard CFS signatures.