Skip to Main content Skip to Navigation
Conference papers

Worst case QC-MDPC decoder for McEliece cryptosystem

Abstract : QC-MDPC-McEliece is a recent variant of the McEliece encryption scheme which enjoys relatively small key sizes as well as a security reduction to hard problems of coding theory. Furthermore, it remains secure against a quantum adversary and is very well suited to low cost implementations on embedded devices. Decoding MDPC codes is achieved with the (iterative) bit flipping algorithm, as for LDPC codes. Variable time decoders might leak some information on the code structure (that is on the sparse parity check equations) and must be avoided. A constant time decoder is easy to emulate, but its running time depends on the worst case rather than on the average case. So far implementations were focused on minimizing the average cost. We show that the tuning of the algorithm is not the same to reduce the maximal number of iterations as for reducing the average cost. This provides some indications on how to engineer the QC-MDPC-McEliece scheme to resist a timing side-channel attack.
Document type :
Conference papers
Complete list of metadatas

Cited literature [20 references]  Display  Hide  Download

https://hal.inria.fr/hal-01408633
Contributor : Nicolas Sendrier <>
Submitted on : Monday, December 5, 2016 - 10:57:48 AM
Last modification on : Thursday, March 5, 2020 - 4:56:16 PM
Long-term archiving on: : Tuesday, March 21, 2017 - 11:23:22 AM

File

isit_2016.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Julia Chaulet, Nicolas Sendrier. Worst case QC-MDPC decoder for McEliece cryptosystem. IEEE International Symposium on Information Theory, ISIT 2016, Jul 2016, Barcelone, Spain. pp.5, ⟨10.1109/ISIT.2016.7541522⟩. ⟨hal-01408633⟩

Share

Metrics

Record views

310

Files downloads

327