An Efficient CCA2-Secure Variant of the McEliece Cryptosystem in the Standard Model

TL;DR

This paper introduces a highly efficient CCA2-secure variant of the McEliece cryptosystem that employs a generic conversion applicable to any one-way trapdoor function, addressing key size and efficiency issues.

Contribution

It presents a novel, generic approach to achieve CCA2-security in public-key encryption, applicable to any one-way trapdoor function, improving efficiency over previous schemes.

Findings

Achieves CCA2-security in the standard model

Reduces key size compared to previous schemes

Provides a generic conversion applicable to various functions

Abstract

Recently, a few chosen-ciphertext secure (CCA2-secure) variants of the McEliece public-key encryption (PKE) scheme in the standard model were introduced. All the proposed schemes are based on encryption repetition paradigm and use general transformation from CPA-secure scheme to a CCA2-secure one. Therefore, the resulting encryption scheme needs \textit{separate} encryption and has \textit{large} key size compared to the original scheme, which complex public key size problem in the code-based PKE schemes. Thus, the proposed schemes are not sufficiently efficient to be used in practice. In this work, we propose an efficient CCA2-secure variant of the McEliece PKE scheme in the standard model. The main novelty is that, unlike previous approaches, our approach is a generic conversion and can be applied to \textit{any} one-way trapdoor function (OW-TDF), the lowest-level security notion in the context of public-key cryptography, resolving a big fundamental and central problem that has remained unsolved in the past two decades.