cryptosource implements the McEliece scheme in Botan
Dec. 3rd 2014
cryptosource implements the quantum-computer secure McEliece public-key cryptosystem in the open source C++ library Botan. It is available as of version 1.11.10 of the library.
The McEliece scheme is a public-key cryptosystem with the special feature of being resistant to attacks that employ quantum computers. This new kind of computer poses a threat to commonly used public-key schemes such as RSA and those based on elliptic curves. Because quantum computers work in a fundamentally different way from classical computers, they are capable of carrying out certain computations considerably faster. Even though no practical quantum computer can be built at present, the threat exists that messages encrypted today under RSA can be decrypted a few years from now by the use of that technology.
The McEliece scheme is based on error-correcting codes. The secret key corresponds to a randomly chosen secret code (1). The public key is derived from the secret code as the generator matrix of the code (2); however, it has the property that the secret key cannot be reconstructed from the public information. In order to encrypt a message, Alice multiplies it by the generator matrix (3), just as would be the case in the normal application of error-correcting codes. Afterwards, she adds a predefined number of bit-flip errors to the ciphertext. A message encrypted in this way can only be decrypted by use of the corresponding secret key.
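The scheme described above, as an added toy example that is not cryptosource's or Botan's code: it assumes the textbook construction (public matrix = S·G·P with a secret scrambler S and a secret permutation P, which the text does not spell out) and uses a Hamming(7,4) code with a single bit-flip error in place of the large codes of a real key, so it offers no security. All names and constants are constructed for illustration.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>
using Row = uint8_t;               // bit i = coordinate i of a GF(2) vector
using Mat = std::array<Row, 4>;    // four rows
// Constructed toy secret key (assumption: textbook S*G*P construction).
constexpr Mat A    = {3, 5, 6, 7};     // secret code: Hamming(7,4), G = [I4 | A]
constexpr Mat S    = {3, 6, 12, 8};    // secret invertible scrambler
constexpr Mat Sinv = {15, 14, 12, 8};  // its inverse over GF(2)
constexpr std::array<int, 7> PERM = {3, 6, 0, 5, 1, 4, 2};  // i -> PERM[i]
// v * M over GF(2): XOR the rows of M selected by the set bits of v.
Row vecmat(Row v, const Mat& M) {
    Row out = 0;
    for (int i = 0; i < 4; ++i) if ((v >> i) & 1) out ^= M[i];
    return out;
}
Row permute(Row w, bool inverse) {
    Row out = 0;
    for (int i = 0; i < 7; ++i) {
        int from = inverse ? PERM[i] : i, to = inverse ? i : PERM[i];
        out |= static_cast<Row>(((w >> from) & 1) << to);
    }
    return out;
}
// Public key: scrambled, permuted generator matrix of the secret code.
Mat public_key() {
    Mat G{}, pub{};
    for (int r = 0; r < 4; ++r) G[r] = static_cast<Row>((1 << r) | (A[r] << 4));
    for (int r = 0; r < 4; ++r) pub[r] = permute(vecmat(S[r], G), false);
    return pub;
}
// Encrypt: multiply by the public matrix, then flip one bit (t = 1).
Row encrypt(Row m, int errpos, const Mat& pub) {
    return static_cast<Row>(vecmat(m, pub) ^ (1 << errpos));
}
// Decrypt: undo permutation, syndrome-decode the error, undo scrambler.
Row decrypt(Row c) {
    Row w = permute(c, true);
    Row syn = static_cast<Row>((w >> 4) ^ vecmat(w & 0xF, A));
    for (int j = 0; j < 4; ++j) if (A[j] == syn) w ^= static_cast<Row>(1 << j);
    return vecmat(w & 0xF, Sinv);
}
int roundtrip_failures() {  // every message with every error position
    Mat pub = public_key();
    int bad = 0;
    for (int m = 0; m < 16; ++m)
        for (int e = 0; e < 7; ++e) bad += decrypt(encrypt(m, e, pub)) != m;
    return bad;
}
int main() { std::printf("failures: %d\n", roundtrip_failures()); }
```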
The implementation provided by cryptosource follows the results of scientific work of the past years, which addresses the efficiency and security of implementations of this more than 30-year-old cryptosystem. The source code created by cryptosource is based on the HyMES implementation published by Bhaskar Biswas and Nicolas Sendrier. With kind permission of Nicolas Sendrier and INRIA, this implementation was made available to cryptosource under a compatible license.
The open source cryptographic library Botan was chosen for this endeavour because it is a well-maintained library with a convenient C++ user interface. Furthermore, the library is available under the relatively free BSD license, so that proprietary applications can also make use of the quantum-computer secure encryption scheme.
Details about the implementation and a manual for its usage can be found in this paper.