Quantum Brain
← Back to papers

Attack on the Edon-kKey Encapsulation Mechanism

Matthieu Lequesne, J. Tillich·February 16, 2018·DOI: 10.1109/ISIT.2018.8437498
Computer ScienceMathematics

AI Breakdown

Get a structured breakdown of this paper — what it's about, the core idea, and key takeaways for the field.

Abstract

The key encapsulation mechanism $\text{EDON}-\mathcal{K}$ was proposed in response to the call for post-quantum cryptography standardization issued by the National Institute of Standards and Technologies (NIST). This scheme is inspired by the McEliece scheme but uses another family of codes defined over $\mathbb{F}_{2^{128}}$ instead of $\mathbb{F}_{2}$ and is not based on the Hamming metric. It allows significantly shorter public keys than the McEliece scheme. In this paper, we give a polynomial time algorithm that recovers the encapsulated secret. This attack makes the scheme insecure for the intended use. We obtain this result by observing that recovering the error in the McEliece scheme corresponding to $\text{EDON}-\mathcal{K}$ can be viewed as a decoding problem for the rank-metric. We show that the code used in $\text{EDON}-\mathcal{K}$ is in fact a super-code of a Low Rank Parity Check (LRPC) code of very small rank (1 or 2). A suitable parity-check matrix for the super-code of such low rank can be easily derived from for the public key. We then use this parity-check matrix in a decoding algorithm that was devised for LRPC codes to recover the error. Finally we explain how we decapsulate the secret once we have found the error.

Related Research

Quantum Intelligence

Ask about quantum research, companies, or market developments.