*2.4. McEliece's Public-Key Cryptosystem*

McEliece's public-key cryptosystem is the first system based on the algebraic block codes; it was presented in 1978 [7]. In order to construct his cryptosystem, it used a binary (*n*, *k*, 2*t* + 1) Goppa code *C*. It is clear that *n* is the code length, *k* is the code dimension, and *t* is the error-correcting capacity of *C*. The encryption and decryption algorithms are as follows.

**Private-key:** *G*, *S*, *P*; where *G* is a *k* × *n* generator matrix, *S* is any *k* × *k* non-singular matrix, and *P* is any *n* × *n* permutation matrix.

**Public-key:** *G* = *SGP* and *t*.

**Plaintexts:** *<sup>k</sup>* bit vectors *<sup>m</sup>* over F2.

**Encryption:**

$$
\mathcal{L} = m\mathcal{G}' + \mathcal{e},
\tag{4}
$$

where *e* is an *n*-bit error vector with Hamming weight *t*. So, *c* is the *n*-bit ciphertext. **Decryption:**

$$cP^{-1} = (mS)G + eP^{-1} \tag{5}$$

since

$$x = mSGP.\tag{6}$$

It is used as the fast decoding algorithm for *C* to correct the error *eP*<sup>−</sup>1; then, it is found *mS* and therefore *m*.
