The next problems use the following simplied from of the McEliece Cryptosystem. All parties agree on a family of error correcting codes given by generator matrices with a good decoding algorithm. (a) Alice selects a [n, k, 2t + 1]-linear code over F, from the agreed family with generator matrix G. (b) Alice selects a random k x k binary invertible matrix S (c) Alice computes the k x n matrix = SG. Alice's public key is (,t); her private key is (S,G) (The decoding algorithm might depend on knowing G. The role of S is to hide G and the decoding algorithm. This will not matter for problems 2 and 3 below.) Encryption Suppose Bob wishes to send a message m to Alice, encoded as a vector of length k with entries in F. Bob computes the vector d = m. Bob generates a random vector z of length n and weight t with entries in F. Bob computes the ciphertext as c= d+z. Decryption Alice does the following steps to decrypt the message c. Alice uses the decoding algorithm to decode c to d' and writes d' as m'G. Alice then computes m = m's-1. Suppose that we use [7, 3, 5) codes over F7 as our family of codes. Suppose that Alice's public key is (, t) where t = 2 and [3 2 6 4 5 1 37 = 3 4 4 2 4 6 0 [3 1 5 1 6 10 2. Compute a valid encryption of the following message m= (1,2,3). The next problems use the following simplied from of the McEliece Cryptosystem. All parties agree on a family of error correcting codes given by generator matrices with a good decoding algorithm. (a) Alice selects a [n, k, 2t + 1]-linear code over F, from the agreed family with generator matrix G. (b) Alice selects a random k x k binary invertible matrix S (c) Alice computes the k x n matrix = SG. Alice's public key is (,t); her private key is (SG) (The decoding algorithm might depend on knowing G. The role of S is to hide G and the decoding algorithm. This will not matter for problems 2 and 3 below.) Encryption Suppose Bob wishes to send a message m to Alice, encoded as a vector of length k with entries in F. Bob computes the vector d = mG. Bob generates a random vector 2 of length n and weight t with entries in F. Bob computes the ciphertext as c= d+z. Decryption Alice does the following steps to decrypt the message c. Alice uses the decoding algorithm to decode c to d and writes d' as m'G. Alice then computes m = m's-1 Suppose that we use (7,3,5) codes over F, as our family of codes. Suppose that Alice's public key is (,t) where t = 2 and [3 2 6 4 5 1 3] = 3 4 4 2 4 6 0 [3 1 51610 2. Compute a valid encryption of the following message m= (1,2,3). 3. Assume now that you are trying to break a communication between Alice and Bob and that Bob sent Alice the ciphertext (0.3.5,1.6.0.1). What is the plaintext message? (Note, you don't have Alice's decoding algorithm, so you may need to come up with some decoding algorithm yourself.) 4. Is this cryptosystem secure? What if Alice had some way of decoding t = 3 errors, would (G.3) be more secure? What if we worked with [2t + 3,3,2t + 1]-codes over F, then how big would t, q need to be to make your attack impractical while keeping the message sizes manageable? The next problems use the following simplied from of the McEliece Cryptosystem. All parties agree on a family of error correcting codes given by generator matrices with a good decoding algorithm. (a) Alice selects a [n, k, 2t + 1]-linear code over F, from the agreed family with generator matrix G. (b) Alice selects a random k x k binary invertible matrix S (c) Alice computes the k x n matrix = SG. Alice's public key is (,t); her private key is (S,G) (The decoding algorithm might depend on knowing G. The role of S is to hide G and the decoding algorithm. This will not matter for problems 2 and 3 below.) Encryption Suppose Bob wishes to send a message m to Alice, encoded as a vector of length k with entries in F. Bob computes the vector d = m. Bob generates a random vector z of length n and weight t with entries in F. Bob computes the ciphertext as c= d+z. Decryption Alice does the following steps to decrypt the message c. Alice uses the decoding algorithm to decode c to d' and writes d' as m'G. Alice then computes m = m's-1. Suppose that we use [7, 3, 5) codes over F7 as our family of codes. Suppose that Alice's public key is (, t) where t = 2 and [3 2 6 4 5 1 37 = 3 4 4 2 4 6 0 [3 1 5 1 6 10 2. Compute a valid encryption of the following message m= (1,2,3). The next problems use the following simplied from of the McEliece Cryptosystem. All parties agree on a family of error correcting codes given by generator matrices with a good decoding algorithm. (a) Alice selects a [n, k, 2t + 1]-linear code over F, from the agreed family with generator matrix G. (b) Alice selects a random k x k binary invertible matrix S (c) Alice computes the k x n matrix = SG. Alice's public key is (,t); her private key is (SG) (The decoding algorithm might depend on knowing G. The role of S is to hide G and the decoding algorithm. This will not matter for problems 2 and 3 below.) Encryption Suppose Bob wishes to send a message m to Alice, encoded as a vector of length k with entries in F. Bob computes the vector d = mG. Bob generates a random vector 2 of length n and weight t with entries in F. Bob computes the ciphertext as c= d+z. Decryption Alice does the following steps to decrypt the message c. Alice uses the decoding algorithm to decode c to d and writes d' as m'G. Alice then computes m = m's-1 Suppose that we use (7,3,5) codes over F, as our family of codes. Suppose that Alice's public key is (,t) where t = 2 and [3 2 6 4 5 1 3] = 3 4 4 2 4 6 0 [3 1 51610 2. Compute a valid encryption of the following message m= (1,2,3). 3. Assume now that you are trying to break a communication between Alice and Bob and that Bob sent Alice the ciphertext (0.3.5,1.6.0.1). What is the plaintext message? (Note, you don't have Alice's decoding algorithm, so you may need to come up with some decoding algorithm yourself.) 4. Is this cryptosystem secure? What if Alice had some way of decoding t = 3 errors, would (G.3) be more secure? What if we worked with [2t + 3,3,2t + 1]-codes over F, then how big would t, q need to be to make your attack impractical while keeping the message sizes manageable