[botan-devel] Announcement: McEliece in Botan

Falko Strenzke fstrenzke at cryptosource.de
Thu Sep 26 12:40:27 EDT 2013


I wish to announce that I started working on an implementation of the
McEliece public key cryptosystem in Botan. This cryptosystem is regarded
as secure in the presence of quantum computers (unlike RSA or elliptic
curve based cryptography). The implementation will be based on the C implementation at
http://cryptosource.de/flea_0.1.1.zip which in turn is based on the HyMES McEliece implementation
https://www.rocq.inria.fr/secret/CBCrypto/index.php?pg=hymes

Nicolas Sendrier, one of the authors of the HyMES implementation and the responsible person at INRIA Rocquencourt, has kindly granted me the right to publish the C++ ported code under a BSD license.

In the following I summarize the implementation's main features:
- the implementation will have countermeasures against all known timing
side channel issues.
- it will come with two CCA2 conversions
    - the Overbeck conversion
    - a KEM scheme
    A published security proof exists for neither one; however, I might
    publish the proof for the Overbeck conversion at some point. For the
    KEM scheme, a proof exists for the closely related Niederreiter
    scheme, which is also meaningful for the McEliece scheme.
- an appropriate ASN.1/DER encoding for public and private keys will be
specified and implemented
- I am using Botan 1.11.3 as basis
- I expect to finish the work by the end of the year 2013
- An implementation of the Niederreiter cryptosystem is also planned

Falko
