exa/codecrypt
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

mce_qd: add a security warning

Browse source
This commit is contained in:
Mirek Kratochvil 2015-10-31 10:00:10 +01:00
parent 67192f621e
commit a2c1c3992d
1 changed files with 44 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
src/mce_qd.cpp
View file

@ -22,12 +22,26 @@ using namespace mce_qd;
#include "decoding.h" #include "decoding.h"
#include "qd_utils.h" #include "qd_utils.h"
#include "iohelpers.h"
#include <set> #include <set>
static void print_attack_warning()
{
bool printed = false;
if (printed) return;
err ("\n***MCEQD SECURITY WARNING***\n\n"
"Security of the QD-McEliece variant was greatly reduced to less than 2^50\n"
"by an algebraic attack! The functions are kept only for compatibility.\n"
"Be sure to use another encryption variant instead.");
printed = true;
}
int mce_qd::generate (pubkey&pub, privkey&priv, prng&rng, int mce_qd::generate (pubkey&pub, privkey&priv, prng&rng,
uint m, uint T, uint block_count, uint block_discard) uint m, uint T, uint block_count, uint block_discard)
{ {
print_attack_warning();
//convenience //convenience
gf2m&fld = priv.fld; gf2m&fld = priv.fld;
std::vector<uint>&essence = priv.essence; std::vector<uint>&essence = priv.essence;
@ -201,6 +215,8 @@ int mce_qd::generate (pubkey&pub, privkey&priv, prng&rng,
int privkey::prepare() int privkey::prepare()
{ {
print_attack_warning();
uint s, i, j; uint s, i, j;
std::vector<uint> Hsig, support; std::vector<uint> Hsig, support;
uint omega; uint omega;
@ -342,6 +358,8 @@ int pubkey::encrypt (const bvector& in, bvector&out, prng&rng)
int pubkey::encrypt (const bvector & in, bvector & out, const bvector&errors) int pubkey::encrypt (const bvector & in, bvector & out, const bvector&errors)
{ {
print_attack_warning();
uint t = 1 << T; uint t = 1 << T;
bvector p, g, r, cksum; bvector p, g, r, cksum;
uint i, j; uint i, j;
@ -399,6 +417,8 @@ int privkey::decrypt (const bvector & in, bvector & out)
int privkey::decrypt (const bvector & in, bvector & out, bvector & errors) int privkey::decrypt (const bvector & in, bvector & out, bvector & errors)
{ {
print_attack_warning();
if (in.size() != cipher_size()) return 2; if (in.size() != cipher_size()) return 2;
polynomial synd; polynomial synd;
uint i, tmp; uint i, tmp;