International Association for Cryptologic Research
The proposal is also code-based, and like McEliece's well-known method, it relies on a \"Scrambled\" efficiently-decodable error correcting code. Apart from the adoption of the scrambling technique, the method is distinct from all previous methods. (In particular contrary to possible casual impression, it does not include McEliece's method as some kind of special case.) An advantage of the new method is that the scrambled generator matrix of the code is not public, thereby reducing the reliance of the cryptosystem on the hardness of decoding random linear codes.