An Efficient Decoding of Goppa Codes for the McEliece Cryptosystem

The McEliece cryptosystem is defined using a Goppa code, and decoding the Goppa code is a crucial step of its decryption. Patterson's decoding algorithm is the best known algorithm for decoding Goppa codes. Currently, the most efficient implementation of Patterson's algorithm uses a precomputation. In this paper, we modify Patterson's decoding algorithm so that one can remove the precomputation part while sustaining the best efficiency. Precomputations yield additional storage requirement to store the precomputed value which increases as the security level increases in McEliece cryptosystem. In the original decoding algorithm of Patterson, computing square root in a quotient field of polynomial ring over a finite field is necessary. In our modification, the computations are involved only in the arithmetics of polynomial ring over a finite field, not in the quotient field. This achieves better efficiency because one can remove polynomial reductions in the computations of quotient field.