No announcement yet.

McEliece Crypto Cracked:

  • Filter
  • Time
  • Show
Clear All
new posts

  • McEliece Crypto Cracked:


    McEliece Crypto Cracked: Sleeping Better Now?

    When it comes to network intruders, we weren't safe then, we aren't safe now, and from all indications, we won't be safe in the future, or so it seems thanks to researchers at Eindhoven University of Technology. On the other hand, maybe we will be safer--and sleep better--in the future because of the efforts of Tanja Lange, Christiane Peters, and Daniel Bernstein who cracked the McEliece encryption system, which has been considered a strong security candidate for handling Internet traffic as we move into quantum computing.

    They describe their breakthrough in Attacking and Defending the McEliece Cryptosystem. For information on the McEliece public-key encryption, see the Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone.

    What enabled the successful attacks against the McEliece cryptosystem was speed and horsepower. The researchers wrote software that would decrypt a McEliece ciphertext in just one week on a cluster of 200 computers located around the world. The cryptosystem was actually cracked by Dublin City University Ph.D. student Neill Costigan and Professor Michael Scott who reportedly ran Lange et al.'s software for 8000 hours.

    At present, says Lange in their paper Attacking and Defending the McEliece Cryptosystem, banks use the RSA code from 1977 for securing matters such as electronic transactions. For RSA, the currently used key sizes are significantly larger than initially thought--a single PC would need only three weeks to break the parameters from the original paper. Yet a quantum computer will have no problems cracking even the improved current version. For this reason, anticipating the introduction of the quantum computer (which Lange thinks will take at least 10 more years) and to deal with long-term confidentiality such as health records, researchers are trying to find better encryption systems. Still, says, Lange, the McEliece cryptosystem can be scaled to larger key sizes to avoid their attacks and remains a leading candidate for post-quantum cryptography.

    -- Jonathan Erickson

    Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.