|
|||||
|
|
Semantic security for the McEliece cryptosystem without random oracles |
|
| Authors: | Ryo Nojima Hideki Imai Kazukuni Kobara Kirill Morozov |
| Affiliation: | 1. Information Security Research Center, National Institute of Information and Communications Technology (NICT), Tokyo, Japan 2. Department of Electrical, Electronic and Communication Engineering, Chuo University, Tokyo, Japan 3. Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan |
| Abstract: | In this paper, we formally prove that padding the plaintext with a random bit-string provides the semantic security against chosen plaintext attack (IND-CPA) for the McEliece (and its dual, the Niederreiter) cryptosystems under the standard assumptions. Such padding has recently been used by Suzuki, Kobara and Imai in the context of RFID security. Our proof relies on the technical result by Katz and Shin from Eurocrypt ’05 showing “pseudorandomness” implied by the learning parity with noise (LPN) problem. We do not need the random oracles as opposed to the known generic constructions which, on the other hand, provide a stronger protection as compared to our scheme—against (adaptive) chosen ciphertext attack, i.e., IND-CCA(2). In order to show that the padded version of the cryptosystem remains practical, we provide some estimates for suitable key sizes together with corresponding workload required for successful attack. |
| Keywords: | |
| 本文献已被 SpringerLink 等数据库收录! | |