but  the  total number of  operations will  be reduced due  to  the  reduced dimension of  modules.

                                                     3
                                                             3
                                                        3
            Complexity of  transformation will  be  2 l =  3l and the values  in Table 1 correspond to  this
                                                     2
            assessment. The size of the module and the appropriate assessment of resistance (as the equivalent
            the length of a symmetric cipher key) was shown in the work [49]. Estimates of the volume of the
            quantum resources, which need to solve of some asymmetric cryptographic tasks with the help of

            Shor's algorithm at different parameters of these tasks, and a comparison of them with a complexity
            of sort out problem solution at searching of symmetric cipher key, were been presented in the work

                                                   3
            [50].  In particular, the assessment  4m   of time complexity of the quantum  factorization Shor's
            algorithm gives for m-bits number, and the volumes, which were shown in Table 1, correspond to this
            assessment.

                  Description of  block symmetric ciphers  AES (FIPS-197)  and  Kalyna  (DSTU  7624:2014)

            presents  in the works [44, 45].  Research  complexity of quantum  algorithms for  cryptanalysis of
            symmetric ciphers was performed in the work [51]. In particular, the quantum Grover’s algorithm for

            the solution of brute force problems, includes brute force searching of m-bits secret key of symmetric
                                           π
                                                m
            cipher, requires of execution of   2 iterations. In practice, this leads to a corresponding reduction
                                            4
            in resistance (twice the equivalent length of the key is reduced).
                  It should be noted to a high speed of crypto-transformation in the McEliece scheme, which

            approaching by encryption speed to block symmetric ciphers. Really, at using the Goppa code with

            recommended in the author’s manuscript [15] parameters
                                       n = 1024, k = 524, t = 50, d = 2t + 1 = 101,

            needs to execute no more than 524 XOR-operations per one processed word for an encryption by

            matrix method (calculation  IG + ). For example, one from the most fast modern block symmetric
                                              e
                                          X
            ciphers  AES (American Encryption Standard,  FIPS-197)  requires  to  encryption  no  less  4  XOR-
            operations to 32-bits word in each round [44] that at 10 rounds consists no less 40 XOR-operations.

                  The second important advantage of the McEliece scheme is a possibility to combine a crypto-
            transformation with errors resulting control. Really, if at the cryptogram forming (18) a random errors

            vector e and weights w(e)< t can be used, then will allow a possibility of a control errors within
            correcting capacity simultaneously with the cryptographic data conversion. Weight reducing of vector

            e decreases a cryptographic persistence of the McEliece scheme, but increases a data transmission
            noise immunity, i.e. changing the w(e) can adaptively respond to the need for appropriate security

            services in this “hybrid” scheme.

                  Let  us  denote  fraction of  weight vector error  of  the vector  e,  attributable to  the artificial
            introduction of the cryptogram formation (see to expression (18)) by the symbol ρ = w(e) / t. Then

            64