“…On the one hand, some proposals suggested to replace Goppa or alternant codes by more structured codes such as generalised Reed-Solomon (GRS) codes [24], their low dimensional subcodes [6], or GRS codes to which various transformations have been applied [30,2,29]. It turns out that most of these proposals have been subject to polynomial time key-recovery attacks [28,31,9,13]. In addition, proposals based on Goppa codes which are close to GRS codes, namely Goppa code with a low extension degree m have been the target of some structural attacks [17,12].…”