Hacker can get your private key if he will know a half of it (and pubkey.py, decode.py and Reed-Solomon algo).
Check break.py to understand how hacker can do this.
todo: check randomization during encode (add vector z, check https://en.wikipedia.org/wiki/McEliece_cryptosystem)
todo:
1. left part of G is E, because we use Reed-Solomon algo; so left part of S @ G is S and cutting right colomns works; my_fix(G) returns E and in break_S we needn't get inv(G), just S = my_fix(G_ @ inv(P)), check it; try break_S with another (not Reed-Solomon) code (matrix G will be different; will my_fix(G) and my_fix(G_) return nonsingular matrices?; of course, rank(G) = rank(G_) = k and we can iterate through all possible combinations of column deletions and find one that does not lead to a nonsingular matrices); another way to get S is calculating it row by row (solving k systems, each has n equations with k variables, k < n, but we need to do it in Galois Field)
2. check randomization during encode (add vector z, check https://en.wikipedia.org/wiki/McEliece_cryptosystem)
vovuas2003
6 months ago
committed by
GitHub