Soft McEliece: MDPC code-based McEliece cryptosystems with very compact keys through real-valued intentional errors

TL;DR

This paper introduces a novel McEliece cryptosystem variant using real-valued errors and soft-decision decoding, significantly reducing key sizes while analyzing new security risks from real-valued noise.

Contribution

It presents a new approach to McEliece cryptosystems with real-valued errors and soft decoding, achieving smaller keys and addressing security concerns.

Findings

Achieves up to 25% smaller public keys compared to previous methods.

Demonstrates the effectiveness of soft-decision decoding with real-valued errors.

Analyzes security implications of real-valued noise in cryptosystems.

Abstract

We propose to use real-valued errors instead of classical bit flipping intentional errors in the McEliece cryptosystem based on moderate-density parity-check (MDPC) codes. This allows to exploit the error correcting capability of these codes to the utmost, by using soft-decision iterative decoding algorithms instead of hard-decision bit flipping decoders. However, soft reliability values resulting from the use of real-valued noise can also be exploited by attackers. We devise new attack procedures aimed at this, and compute the relevant work factors and security levels. We show that, for a fixed security level, these new systems achieve the shortest public key sizes ever reached, with a reduction up to 25% with respect to previous proposals.