Page 66 - ISCI’2017

P. 66

'
However, instead of restoring data word 'I , this user calculates the code word c = ' G ⋅ , and after it,
I
*
and error vector ' e = с − ' c . Calculation of the vector (which includes the confidential information)
e = e’⋅ P ⋅ D exists on the last step.

Thus, the primary mean of masking line code under the random code in the Niederreiter
cryptosystem is (as and for the McEliece cryptosystem) the matrices X, P and D. If the Goppa codes

can be used, then a polynomial G(x) can be as additional secret parameter.

As it was shown in the work [19], resistances of the McEliece and Niederreiter cryptosystems
are equivalent and an effective attack to one scheme can be easy transformed to an attack to another

scheme. In this sense, the assessments if a resistance of the McEliece cryptosystem, which was shown
in Table 1, are also valid in a relation to the Niederreiter cryptosystem. Other characteristics of these

cryptosystems are also comparable (speed encryption / decryption, the volume of private and public

key).
The obvious advantage of the theoretical and code the Niederreiter scheme in comparison with

the McEliece cryptosystem is significantly majority relative speed of data transmission. Indeed, the
relative speed in the McEliece cryptosystem is determined by the relative speed of used (n, k, d)-code,

i.e. it is equal to R = k / n ≈ 2/3 (see Fig. 1). Information message in the Niederreiter scheme, firstly,

is transformed in an equilibrium e-sequence of n-length and the (w(e) ≤ t)-weight, after it, its multiples
to a validation matrix as in the expression (23). Let w(e) = t (in this case, the maximum cryptosystem

resistance for a given (n, k, d)-code parameters will be provided). Then the maximum number of bits

of information data, which can be encrypted in the Niederreiter system when used binary (n, k, d)-
code, will be determined by the expression:

  ! n  
= log
l inf =  log C n t   2   ,

 
2
t
  t ( ! n − )!  
where x is the largest integer number less than x.
 
Cryptogram (23) is a syndromic vector of (n – k)-length, i.e. the relative speed of data
transmission in the Niederreiter cryptosystem (for the binary code) is given by:

  n!  
 log 2   t (! n − t)!   
*
R =     .
n − k
The last expression can be easily generalized to the case of non-binary codes with a base q:

  t n!  
(
 log q q − )1 t (! n − t)!   
R =     . (24)
*
n − k

61 62 63 64 65 66 67 68 69 70 71