October 24, 2008
Cryptographers crack 30-year-old code

A cryptosystem proposed in 1978, one of the leading candidates for "post-quantum cryptography", has been broken by researchers at TU/e. Physicists have been racing to build quantum computers that would break the public-key cryptosystems used to protect Internet commerce today, such as RSA and elliptic-curve cryptography. However, quantum computers are not believed to affect the "McEliece cryptosystem" published thirty years ago. Professor Tanja Lange (EiPSI), in a joint paper with her Ph.D. student Christiane Peters and with Professor Daniel J. Bernstein visiting from the University of Illinois at Chicago, described a way to speed up attacks against the McEliece cryptosystem. The researchers wrote software that would decrypt a McEliece ciphertext in just 14 days on a cluster of 100 computers.

The software was run on many computers in the Coding and Cryptography Computer Cluster (C4) and the SAN Distributed and Parallel Integrated Terminal (SANdpit) at TU/e, along with cooperating computers in Amsterdam (CWI), France, Ireland, Taiwan, and the United States. A lucky computer in Ireland found the ciphertext.
The successful attack was announced Saturday at a conference in Cincinnati on Post-Quantum Cryptography. The researchers said that the McEliece cryptosystem, when scaled to larger key sizes to avoid their attacks, remains a leading candidate for post-quantum cryptography.

Press coverage
Eindhovens Dagblad, October 24, 2008.