An Efficient CCA2-Secure Variant of the McEliece Cryptosystem in the Standard Model
This work addresses a fundamental problem in code-based public-key encryption by providing an efficient CCA2-secure scheme, which is crucial for practical applications in cryptography.
The paper tackles the inefficiency of existing CCA2-secure variants of the McEliece cryptosystem, which have large key sizes and separate encryption, by proposing a new variant that is efficient and based on a generic conversion applicable to any one-way trapdoor function, resolving a long-standing problem in public-key cryptography.
Recently, a few chosen-ciphertext secure (CCA2-secure) variants of the McEliece public-key encryption (PKE) scheme in the standard model were introduced. All the proposed schemes are based on encryption repetition paradigm and use general transformation from CPA-secure scheme to a CCA2-secure one. Therefore, the resulting encryption scheme needs \textit{separate} encryption and has \textit{large} key size compared to the original scheme, which complex public key size problem in the code-based PKE schemes. Thus, the proposed schemes are not sufficiently efficient to be used in practice. In this work, we propose an efficient CCA2-secure variant of the McEliece PKE scheme in the standard model. The main novelty is that, unlike previous approaches, our approach is a generic conversion and can be applied to \textit{any} one-way trapdoor function (OW-TDF), the lowest-level security notion in the context of public-key cryptography, resolving a big fundamental and central problem that has remained unsolved in the past two decades.