What is Code-based Cryptography?

Definition: Code-based Cryptography comprises of all symmetric or asymmetric cryptosystems whose security depends, in part or entirely, on the difficulty of decoding a linear error-correcting code (for instance, quasi-cyclic code, or Goppa codes).


Code-based Cryptography explained

Code-based cryptography is the area of research that focuses on the study of cryptosystems based on error-correcting codes. In digital communications, the alteration of a single bit may cause disaster if there was no way to identify and fix problems. Checksums are a basic illustration of an error-detection code. The objective is to maximise the likelihood of data transmission accuracy while decreasing the volume of additional information added.

This idea of error-correcting code first came to Robert McEliece in 1978. He began with a specific error-correcting code, the binary Goppa code, and used an invertible linear transformation to jumble it. On a very fundamental level, McEliece's approach equates to a secret factorization, which is somewhat similar to the Rivest Shamir and Adleman public key cryptosystem, known as RSA. Only the owner is aware of the factorization of the public key, which is the result of the Goppa code and the linear transformation.

The public key is a randomly generating matrix of an arbitrarily permuted version of the private key, which is a random binary irreducible Goppa code. Only the owner of the private key (the Goppa code) can fix the flaws that have been introduced to the ciphertext, which is a codeword.

In code-based cryptography, the message sender purposefully introduces flaws to the codeword to make decoding — and subsequently decryption — challenging. The recipient of the message can decode it using some secret knowledge (often regarding the code structure), but an attacker without access to the secret knowledge cannot.

Code-based cryptography has the potential to be recognised as a comprehensive cryptosystem given the availability of encryption, key exchange, and digital signature algorithms.

In contrast to RSA and other well-known public key systems, McEliece's method appears to be quantum-resistant, which has rekindled interest in it.

The McEliece technique was relegated to the back of the line for designers. Due to the fact that McEliece's approach required significantly larger public keys than other methods, like RSA, it did not generate much interest at the time. However, as the era of quantum computers approaches, it is being given another look because it appears to be impervious to attacks utilising Shor's method.

Therefore, the underlying algorithm “Classic McEliece” for key encapsulation is currently in round 4 of the NIST standardization process for Post Quantum Cryptography (PQC).



Blog posts

Blog posts



Related products

Related products

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.