International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 20 February 2013

Grégory Landais, Jean-Pierre Tillich
ePrint Report ePrint Report
L\\\"ondahl and Johansson proposed last year a variant of the McEliece cryptosystem which

replaces Goppa codes by convolutional codes. This modification is supposed to make

structural attacks more difficult since the public generator matrix of this scheme contains

large parts which are generated completely at random. They proposed two schemes of this

kind, one of them consists in taking a Goppa code and extending it by adding a generator matrix of

a time varying convolutional code. We show here that this scheme can be successfully attacked by looking

for low-weight codewords in the public code of this scheme and using it to unravel the convolutional part.

It remains to break the Goppa part of this scheme which can be done in less than a day of computation in

the case at hand.

Expand

Additional news items may be found on the IACR news page.