Post-Quantum Cryptography: An Analysis of Code-Based and Lattice-Based Cryptosystems
Alexander Meyer
TL;DR
The paper analyzes post-quantum cryptography with a focus on code-based McEliece (binary Goppa codes) and lattice-based NTRU, detailing how each system achieves quantum resistance through distinct hardness assumptions. It explains McEliece's reliance on the difficulty of decoding arbitrary linear codes and Patterson's algorithm for efficient decryption, and it maps NTRU to lattice problems such as SVP, CVP, and their convolutive lattice formulation. The work also discusses key-generation, encryption/decryption procedures, security considerations, and parameter choices, including 128-bit security targets and potential KEM variants. Finally, it highlights deep connections between codes and lattices—through code equivalence, basis reduction, and related decision problems—arguing for a unified perspective on post-quantum security and guiding future parameter optimization and standardization efforts.
Abstract
Most modern cryptographic systems, such as RSA and the Diffie-Hellman Key Exchange, rely on "trapdoor" mathematical functions that are presumed to be computationally difficult with existing tools. However, quantum computers will be able to break these systems using Shor's Algorithm, necessitating the development of quantum-resistant alternatives. We first examine the McEliece cryptosystem, a code-based scheme believed to be secure against quantum attacks due to the hardness of decoding arbitrary linear codes. We then explore NTRU, a lattice-based system grounded in the difficulty of solving the Shortest Vector Problem. Finally, we establish connections between the structural foundations and security of the two systems.
