# A timing attack on Codecrypt

## Codecrypt

Codecrypt is a program developed by Miroslav ‘Mirek’ Kratochvil (@__exa__). From the codecrypt documentation:

This is a GnuPG-like unix program for encryption and signing that uses only quantum-computer-resistant algorithms:

• McEliece cryptosystem (compact QC-MDPC variant) for encryption
• Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures

Scribbles on a timing attack on codecrypt:

1. Message recovery: The error weight (when below the correction bound) determines the time it takes to decrypt a block. Flip bits in the encrypted block and note when the decryption time decreases. Takes $n \cdot w$ steps, where $n$ is the dimension and $w$ the error weight. Adaptive known-ciphertext attack. The timing attack is briefly investigated here.
2. Key recovery: Basically the same principle as above, but we choose ciphertexts adaptively and use the decoding time to determine which bits are set in the private key. TODO: formulate a clear description.
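To make the leak in point 1 concrete, here is an added toy model (not Codecrypt's code; the 13-bit QC-MDPC parameters are constructed by hand so the result can be checked) of a bit-flipping decoder with the usual early exit next to a fixed-work variant. It counts operations instead of measuring wall-clock time, so it shows the dependency on error weight that a timer would pick up, not real timings.

```python
R = 13                          # circulant block size (tiny, constructed)
MASK = (1 << R) - 1
H = [0b10011, 0b10000101]       # first-row supports {0,1,4} and {0,2,7}
MAX_ITER = 4                    # iteration bound shared by both decoders

def rot(row, k):
    """Cyclic shift by k: column k of the circulant block with this row."""
    return ((row << k) | (row >> (R - k))) & MASK

def syndrome(e0, e1):
    """s = H * e^T for H = [H0 | H1], error blocks given as bit masks."""
    s = 0
    for b, e in enumerate((e0, e1)):
        for j in range(R):
            s ^= rot(H[b], j) if e >> j & 1 else 0
    return s

def counters(s):
    """Unsatisfied-parity-check count for every position of both blocks."""
    return [[bin(rot(H[b], j) & s).count("1") for j in range(R)] for b in (0, 1)]

def decode_early_exit(s):
    """Plain bit flipping; ops counts iterations plus flips (the work a timer sees)."""
    e, ops = [0, 0], 0
    for _ in range(MAX_ITER):
        if s == 0:                          # data-dependent exit: the leak
            break
        ops += 1
        upc = counters(s); top = max(map(max, upc))
        for b in (0, 1):
            for j in range(R):
                if upc[b][j] == top:        # flip only the most suspicious bits
                    ops += 1
                    e[b] ^= 1 << j
                    s ^= rot(H[b], j)
    return e[0], e[1], ops

def decode_fixed_work(s):
    """Fixed iterations and a masked flip at every position: ops ignores the error."""
    e, ops = [0, 0], 0
    for _ in range(MAX_ITER):
        ops += 1
        upc = counters(s); top = max(map(max, upc))
        for b in (0, 1):
            for j in range(R):
                ops += 1
                m = -int(upc[b][j] == top and top > 0)   # 0 or all-ones mask
                e[b] ^= (1 << j) & m
                s ^= rot(H[b], j) & m
    return e[0], e[1], ops
```

With these parameters the early-exit decoder reports 0, 2 and 3 operations for block-0 errors of weight 0, 1 and 2, while the fixed-work decoder always reports 108. The masking only models a branch-free flip (Python integers and bin().count are not constant-time), and a bounded iteration count also changes the decoding failure behaviour, which a real mitigation has to handle as well.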

Addition: There is a result on the key recovery here!