*4.2. Generic Attack*

The second attack is to reach *m* from *c* without using the private-key. The plaintext is an *n*-*q* tuple word of weight *t*. We require an useful algorithm that matchs the integers between 1 and ( *n <sup>t</sup>*) to the set of words of weight *t* and length *n* and vice versa, since the plaintext is a *n*-*q* tuple word of weight *t*. In this case, the attacker will try to repeatedly select *n* bits at random from an (*n* − *k*)-bit ciphertext vector and guess *m* based on the *n* selected bits, which is impossible. So, our cryptosystem is strong to all possible attacks. At the same time, the described system presents a general access, which is not for the specific cryptosystem.

Moreover, the probability of no error in the constructing of this system is

$$(1 - \frac{t}{n - k})^n \cdot$$

Consider the Goppa code, which has the parameters

$$n = 1024, k = 524, t = 50.$$

In the public-key cryptosystem constructing based on this code, the probability of no error is

$$(1 - \frac{50}{500})^{1024} = (0, 9)^{1024}.$$

It is a very small number.
