Nowadays public-key cryptography is based on number-theoretic problems, such as computing discrete logarithms on an elliptic curve or factoring large integers. Even though these problems are considered hard to solve on a classical computer, they can be solved in polynomial time on a quantum computer, which is why the research community has proposed alternative, quantum-resistant solutions. The search for adequate post-quantum cryptographic schemes moved to the next level right after NIST’s announcement of its post-quantum standardization process. One of the oldest quantum-resistant proposals goes back to McEliece in 1978, who proposed a public-key cryptosystem based on coding theory. It benefits from very efficient algorithms as well as a strong mathematical background. Nonetheless, its security has been challenged many times and several variants have been cryptanalyzed. However, some versions remain unbroken. In this paper, we give some background on coding theory in order to present some of the main flaws in the protocols. We analyze the existing side-channel attacks and give recommendations on how to securely implement the most suitable variants. We also detail some structural attacks and potential drawbacks of new variants.
VII. CONCLUSIONS AND PERSPECTIVES
Code-based cryptography has become one of the most promising post-quantum security solutions. It is a dynamic field, especially because of NIST’s standardization process. However, the community needs to be aware of several weaknesses, both theoretical and physical. The mathematical problems underlying code-based cryptography are well known. Depending on the chosen code, the first issue is to distinguish it from a random code. On one hand, message-recovery attacks are mainly based on the information decoding problem. On the other hand, key-recovery attacks are much harder to classify, given their various methods, but much more efficient from the attacker’s point of view. Side-channel analysis must be performed on digital signature schemes and key-establishment algorithms, since these schemes are the most deployed in the real world. Side-channel analysis of public-key encryption should also be improved.
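The abstract and the conclusion both rely on the reader knowing how a McEliece-style scheme ties together a structured code with an efficient decoder, a public matrix that is meant to look like a random code, and an error vector the attacker would have to decode without the hidden structure. The following toy implementation is an added illustration written for this page, not code from the paper or from any McEliece submission. It uses the binary Hamming [7,4,3] code (which corrects t = 1 error) as the private code, a random invertible scrambling matrix S and a random permutation P, and plain GF(2) arithmetic written by hand; the function and variable names (`keygen`, `encrypt`, `decrypt`, `hamming_decode`, `roundtrip_all`) are this example's own choices. The parameters are of course far too small to be secure; the point is the mechanism, and the fact that the decoder branches on secret-dependent data, which is exactly the kind of behaviour the side-channel recommendations in the paper are concerned with.

```python
import random

# Systematic generator matrix G (4x7) and parity-check matrix H (3x7) of the
# binary Hamming [7,4,3] code. Every non-zero 3-bit vector appears exactly once
# as a column of H, so the syndrome of a single-bit error names the flipped position.
G = [
    [1, 0, 0, 0, 1, 1, 0],
    [0, 1, 0, 0, 1, 0, 1],
    [0, 0, 1, 0, 0, 1, 1],
    [0, 0, 0, 1, 1, 1, 1],
]
H = [
    [1, 1, 0, 1, 1, 0, 0],
    [1, 0, 1, 1, 0, 1, 0],
    [0, 1, 1, 1, 0, 0, 1],
]
N, K = 7, 4  # code length and dimension


def mat_mul(A, B):
    """Matrix product over GF(2) (lists of 0/1 rows)."""
    return [[sum(a * b for a, b in zip(row, col)) % 2 for col in zip(*B)] for row in A]


def gf2_inverse(M):
    """Inverse of a square matrix over GF(2) by Gauss-Jordan elimination, or None if singular."""
    n = len(M)
    A = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if A[r][col]), None)
        if pivot is None:
            return None
        A[col], A[pivot] = A[pivot], A[col]
        for r in range(n):
            if r != col and A[r][col]:
                A[r] = [x ^ y for x, y in zip(A[r], A[col])]
    return [row[n:] for row in A]


def hamming_decode(word):
    """Correct at most one error: compute the syndrome and flip the matching column.
    Note the data-dependent branch and search: a real implementation would need
    constant-time decoding, which is the kind of leakage the paper warns about."""
    s = tuple(sum(h * w for h, w in zip(row, word)) % 2 for row in H)
    corrected = word[:]
    if any(s):
        col = next(j for j in range(N) if tuple(H[i][j] for i in range(3)) == s)
        corrected[col] ^= 1
    return corrected


def keygen(rng):
    """Public key: S*G*P, which hides the Hamming structure. Private key: (S^-1, P^-1)."""
    while True:
        S = [[rng.randrange(2) for _ in range(K)] for _ in range(K)]
        S_inv = gf2_inverse(S)
        if S_inv is not None:
            break
    perm = list(range(N))
    rng.shuffle(perm)
    P = [[int(perm[i] == j) for j in range(N)] for i in range(N)]
    P_inv = [list(col) for col in zip(*P)]  # a permutation matrix's inverse is its transpose
    return mat_mul(mat_mul(S, G), P), (S_inv, P_inv)


def encrypt(pub, m, e):
    """c = m*G_pub + e, where e is an error vector of weight at most t = 1."""
    assert len(m) == K and len(e) == N and sum(e) <= 1
    return [x ^ y for x, y in zip(mat_mul([m], pub)[0], e)]


def decrypt(priv, c):
    S_inv, P_inv = priv
    # Undo the permutation: c*P^-1 = (m*S)*G + e*P^-1, still a weight-1 error
    # but now sitting on the structured code, where the efficient decoder works.
    word = mat_mul([c], P_inv)[0]
    codeword = hamming_decode(word)
    # G is systematic, so the first K bits of the corrected codeword are m*S.
    return mat_mul([codeword[:K]], S_inv)[0]


def roundtrip_all(seed):
    """Exhaustively check every message against every admissible error vector."""
    rng = random.Random(seed)  # constructed, deterministic key material for the demo
    pub, priv = keygen(rng)
    errors = [[0] * N] + [[int(i == j) for j in range(N)] for i in range(N)]
    for v in range(2 ** K):
        m = [(v >> i) & 1 for i in range(K)]
        for e in errors:
            if decrypt(priv, encrypt(pub, m, e)) != m:
                return False
    return True


if __name__ == "__main__":
    print("all messages and error patterns round-trip:", roundtrip_all(1))
```

The ciphertext is a codeword of the public code plus a low-weight error, so without the private (S, P) a recipient is left with exactly the generic decoding problem the conclusion refers to; with them, decoding reduces to the structured code's cheap syndrome decoder. Because `hamming_decode` branches on the syndrome and searches for a column, its running time depends on the error position, which is why constant-time decoders are required for deployed code-based schemes.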