Questions tagged [niederreiter]

The Niederreiter cryptosystem is a variation of the McEliece Cryptosystem and is equivalent to McEliece from a security point of view, but encryption using Niederreiter is about ten times faster than encryption with McEliece.

Niederreiter applies the same idea as to the parity check matrix H of a linear code. It uses a syndrome as ciphertext and the message is an error pattern. Niederreiter can be used to construct a digital signature scheme.

The cryptosystem was developed and published by Harald Niederreiter in 1986.

"Knapsack-type cryptosystems and algebraic coding theory" by H. Niederreiter (1986).
in Problems of Control and Information Theory. Problemy Upravlenija i Teorii Informacii 15
Pages 159–166.

12 questions

votes

1 answer

Why doesn't “Classic McEliece” need scrambling?

The original McEliece scheme uses two random matrices S and P to scramble the generator matrix and uses $\mathsf S·\mathsf G·\mathsf P$ as the public key. The Niederreiter variant also does about the same thing. However, in the Classic McEliece…

asked Apr 20 '19 at 13:03

Marian

votes

1 answer

McEliece/Niederreiter signature scheme

What is the reason for why the McEliece/Niederreiter signature scheme[1] was not put forward for standardization at the NIST competition? And has it been put forward or made a standard anywhere else? Would it not be an attractive target for…

signature dsa nist mceliece niederreiter

asked Jan 09 '25 at 23:25

Reiter

votes

2 answers

Decrypting McEliece if security assumptions fail

1. G known - how to decrypt Referring to this question: Basic attacks on McEliece; finding S and P (nobody answered) Take a McEliece cryptosystem with public generator matrix $G′=SGP$ where $G$ is a generator matrix of a secret code with known fast…

coding-theory mceliece niederreiter

asked Sep 08 '23 at 11:37

fepaul

votes

0 answers

A proposal for randomization of Niederreiter cryptosystem

The Niederreiter cryptosystem is a public key cryptosystem using Goppa code. Unfortunately it it is insecure unless it is a binary code. So I thought I could insert random linear codes into randomly selected columns of the public key in the parity…

public-key cryptanalysis post-quantum-cryptography niederreiter code-based-cryptography

asked Jul 30 '19 at 23:28

cryptomania

votes

2 answers

Niederreiter cryptosystem

I can't understand how Niederreiter cryptosystem works. If $c=mH^{'T}$ than why we cannot compute $m$ directly by multiplying $c$ with the $(H^{'T})^{-1}$? Can you give me an example of a "fast decoding algorithm"? Thank you!

post-quantum-cryptography niederreiter

asked Feb 08 '19 at 11:32

mip

vote

1 answer

why Niederreiter cryptosystem is not a candidate in NIST PQC competition?

Seemingly, Niederreiter cryptosystem is faster than McEliece, and it can also be used to implement digital signature. Why isn't this scheme appear in NIST post quantum competition?

post-quantum-cryptography mceliece niederreiter

asked Dec 14 '20 at 09:31

Evgeni Vaknin

1,155
8
20

vote

1 answer

Proof that Niederreiter Cryptosystem is correct

I read about Niederreiter Cryptosystem. I understood the Key Generator, encryption and decryption of the cryptosystem, but if I want to prove that is a correct cryptosystem, what should I do?

encoding key-generation coding-theory decryption niederreiter

asked Jan 09 '20 at 10:33

CodingGuy

vote

0 answers

Is there a public-key system that can chain?

Does there exist any asymmetric cryptosystem that has the following properties: If I know somebody's public key PBK_1 and my own key pair (PVK_2,PBK_2), I can construct a new public key PBK_3 such that: enc(M,PBK_3) = enc(enc(M,PBK_1),PBK_2) and…

public-key niederreiter

asked May 26 '19 at 21:01

Tehom - Tom Breton

vote

0 answers

Does the McBits cryptosystem work without permutation matrix?

I'm studying post quantum cryptography and recently found McBits (PDF) that is a version of the Niederreiter cryptosystem. I think I understand most of how the system works, but got a bit confused when I looked at the generation of the keys. In the…

post-quantum-cryptography niederreiter

asked Apr 21 '17 at 07:54

Maurax

vote

1 answer

McEliece variants that support signatures

Besides the Niederreiter cryptosystem, are there any other variants that support digital signatures? Can any of them sign arbitrary signatures unlike the Niederreiter cryptosystem? What are the key and signature sizes?

post-quantum-cryptography mceliece niederreiter

asked Apr 08 '16 at 15:05

Melab

4,178
4
24
49

votes

0 answers

Question Error Correcting Codes

Let $C$ be a code over the finite field $GF(2)$ with generator matrix $G$ and parity matrix $H$. Let $e+C=C'$ be a coset of code $C$. Let $S$ be a non-singular matrix and $H'=H\times S$. Finally, let $C''\subset C'$. Is there any efficient way of…

post-quantum-cryptography niederreiter

asked Jan 22 '14 at 10:25

juaninf

2,781
3
21
29

votes

1 answer

How to choose rank(A) independant columns of matrix A efficiently

Is there a better way than brute forcing (choose $k=\mathrm{rank}(A)$ first columns - test the determinant, if determinant = 0 choose new column set - there are $\binom nk$ many possibilities which is inefficient if the full rank sub matrices are…

coding-theory mceliece niederreiter

asked Sep 10 '23 at 14:21

fepaul