Cryptography Reference
In-Depth Information
used to exchange session keys, and (2) the encryption scheme is used to encrypt
a long stream of data. In the first scenario the number of session keys in a public
key lifetime must be used to select the security parameters according to the
result of the present study. The second scenario is plausible because code-based
encryption is very fast, but in that case, it is enough to introduce some kind of
chaining between encrypted blocks to counter the attack. Decrypting a single
block will then be of no use to the attacker.
Acknowledgements.
The author would like to thank the anonymous reviewers
for their valuable comments and suggestions to improve the quality of the paper.
References
1. Augot, D., Finiasz, M., Gaborit, P., Manuel, S., Sendrier, N.: SHA-3 proposal:
FSB. Submission to the SHA-3 NIST Competition (2008),
http://www-rocq.inria.fr/secret/CBCrypto/index.php?pg=fsb
2. Augot, D., Finiasz, M., Sendrier, N.: A fast provably secure cryptographic hash
function. Cryptology ePrint Archive, Report 2003/230 (2003),
http://eprint.iacr.org/
3. Barg, A.: Complexity issues in coding theory. In: Pless, V., Huffman, W. (eds.)
Handbook of Coding Theory, vol. I, ch. 7, pp. 649-754. North-Holland (1998)
4. Berlekamp, E., McEliece, R., van Tilborg, H.: On the inherent intractability of
certain coding problems. IEEE Trans. on Information Theory 24(3) (May 1978)
5. Bernstein, D.J., Lange, T., Peters, C.: Attacking and Defending the Mceliece Cryp-
tosystem. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp.
31-46. Springer, Heidelberg (2008)
6. Bernstein, D.J., Lange, T., Peters, C.: Smaller Decoding Exponents: Ball-Collision
Decoding. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 743-760.
Springer, Heidelberg (2011)
7. Bernstein, D.J., Lange, T., Peters, C., Schwabe, P.: Really Fast Syndrome-Based
Hashing. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS,
vol. 6737, pp. 134-152. Springer, Heidelberg (2011)
8. Camion, P., Patarin, J.: The Knapsack Hash Function Proposed at Crypto'89 can
be Broken. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 39-53.
Springer, Heidelberg (1991)
9. Canteaut, A., Chabaud, F.: A new algorithm for finding minimum-weight words in
a linear code: Application to McEliece's cryptosystem and to narrow-sense BCH
codes of length 511. IEEE Trans. on Information Theory 44(1), 367-378 (1998)
10. Coron, J.S., Joux, A.: Cryptanalysis of a provably secure cryptographic hash func-
tion. Cryptology ePrint Archive, Report 2004/013 (2004),
http://eprint.iacr.org/
11. Courtois, N.T., Finiasz, M., Sendrier, N.: How to Achieve a McEliece-Based Digital
Signature Scheme. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 157-
174. Springer, Heidelberg (2001)
12. Dumer, I.: On minimum distance decoding of linear codes. In: Proc. 5th Joint
Soviet-Swedish Int. Workshop Inform. Theory, Moscow, pp. 50-52 (1991)
13. Finiasz, M.: Parallel-CFS: Strengthening the CFS McEliece-Based Signature
Scheme. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS,
vol. 6544, pp. 159-170. Springer, Heidelberg (2011)
