1978 McEliece System Becomes New Post-Quantum International Security Standard

A cryptographic system originally conceived in 1978 is now expected to defend digital infrastructure against the looming threat of quantum computers; the Classic McEliece algorithm has been selected as a new international standard by the International Organization for Standardization (ISO). This move addresses a critical vulnerability stemming from the development of Peter Shor’s algorithm in the 1990s, which demonstrated the ability to break widely used public-key systems like Diffie-Hellman and RSA by solving complex mathematical problems exponentially faster than classical computers. “The expected development of large-scale, fault-tolerant quantum computers capable of running Shor’s algorithm will undermine the security of today’s most widely used public-key cryptographic mechanisms,” says a researcher involved in the project. According to Professor Carlos Cid of the Okinawa Institute of Science and Technology (OIST), Classic McEliece offers a longer track record of security and lower costs than more recently developed post-quantum alternatives, relying on error-correcting codes rather than vulnerable exponentiation.

The foundation of modern digital security is under threat from an algorithm developed decades ago. In the 1990s, Peter Shor devised a quantum algorithm that demonstrated a critical vulnerability in the widely used Diffie-Hellman (DH) and RSA public-key cryptographic systems, algorithms that underpin secure online transactions and data protection globally. These algorithms, previously considered virtually uncrackable, rely on the computational difficulty of factoring extremely large numbers and solving discrete logarithms; however, Shor’s algorithm revealed a method to perform these calculations exponentially faster than any known classical approach. This vulnerability is not a distant concern; the potential for quantum computers to break these systems has spurred a global race to develop and deploy post-quantum cryptography. The implications extend beyond simple inconvenience, potentially exposing sensitive data ranging from financial records to government communications. Unlike algorithms like DH and RSA, the newly adopted Classic McEliece system, originally conceived by Robert J. McEliece in 1978, operates on fundamentally different mathematical principles, utilizing error-correcting codes instead of exponentiation. This difference is crucial, as it sidesteps the computational shortcuts exploited by Shor’s algorithm, offering a pathway to sustained security in a post-quantum world. “Classic McEliece is a code-based cryptographic scheme that relies on different mathematical assumptions for its security,” Cid states, adding that the original system “has been thoroughly studied and analysed for almost five decades, and its classical and quantum security is very well understood.” Daniel J. Bernstein, Professor at University of Illinois Chicago, further highlights a surprising benefit, noting, “The fact that the ciphertexts are so small turns out to be connected to one of the security features that McEliece already figured out in 1978,” and adding, “Pursuing security isn’t always a performance problem.”

The fact that the ciphertexts are so small turns out to be connected to one of the security features that McEliece already figured out in 1978.

Daniel J. Bernstein, Professor at University of Illinois Chicago

Classic McEliece Standardizes Code-Based Post-Quantum Security

The selection of Classic McEliece as a new international standard signals a proactive shift in cryptographic defenses against the anticipated arrival of cryptographically relevant quantum computers (CRQCs). While widely used public-key algorithms, Diffie-Hellman (DH) and RSA, face imminent threats from Shor’s algorithm, developed in the 1990s, Classic McEliece offers a fundamentally different approach to security, rooted in error-correcting codes instead of prime factorization and discrete logarithms. This difference is not a recent development; the underlying system was initially proposed by Robert J. McEliece in 1978, demonstrating a remarkable longevity and resilience to evolving attacks. This new ISO standard, an amendment to the existing ISO/IEC 18033-2 dating back to 2006, formally recognizes Classic McEliece as a high-security option for protecting data in the face of quantum computing advances.

The algorithm’s design also offers practical advantages; it allows for smaller ciphertexts, reducing transmission costs and bandwidth requirements, while distributing the burden of large public keys. Professor Cid anticipates that “Classic McEliece has already been integrated into several real-world applications,” and the standard will further encourage its implementation as a trusted cryptographic mechanism.

Classic McEliece is a code-based cryptographic scheme that relies on different mathematical assumptions for its security. The original McEliece cryptosystem, on which it is based, has been thoroughly studied and analysed for almost five decades, and its classical and quantum security is very well understood.

Stay current. See today’s quantum computing news on Quantum Zeitgeist for the latest breakthroughs in qubits, hardware, algorithms, and industry deals.
Avatar of Rusty Flint

Rusty Flint

Rusty is a quantum science nerd. He's been into academic science all his life, but spent his formative years doing less academic things. Now he turns his attention to write about his passion, the quantum realm. He loves all things Quantum Physics especially. Rusty likes the more esoteric side of Quantum Computing and the Quantum world. Everything from Quantum Entanglement to Quantum Physics. Rusty thinks that we are in the 1950s quantum equivalent of the classical computing world. While other quantum journalists focus on IBM's latest chip or which startup just raised $50 million, Rusty's over here writing 3,000-word deep dives on whether quantum entanglement might explain why you sometimes think about someone right before they text you. (Spoiler: it doesn't, but the exploration is fascinating)

Latest Posts by Rusty Flint: