A CCA2 Secure Variant of the McEliece Cryptosystem
This addresses a critical security gap for post-quantum cryptography, offering a more robust alternative to number-theoretical cryptosystems, though it is incremental based on existing techniques.
The authors tackled the lack of chosen ciphertext attack (CCA2) security in the McEliece cryptosystem by presenting the first construction secure in the standard model, inspired by a recent technique from Rosen and Segev.
The McEliece public-key encryption scheme has become an interesting alternative to cryptosystems based on number-theoretical problems. Differently from RSA and ElGa- mal, McEliece PKC is not known to be broken by a quantum computer. Moreover, even tough McEliece PKC has a relatively big key size, encryption and decryption operations are rather efficient. In spite of all the recent results in coding theory based cryptosystems, to the date, there are no constructions secure against chosen ciphertext attacks in the standard model - the de facto security notion for public-key cryptosystems. In this work, we show the first construction of a McEliece based public-key cryptosystem secure against chosen ciphertext attacks in the standard model. Our construction is inspired by a recently proposed technique by Rosen and Segev.