Worst case QC-MDPC decoder for McEliece cryptosystem

Abstract: QC-MDPC-McEliece is a recent variant of the McEliece encryption scheme which enjoys relatively small key sizes as well as a security reduction to hard problems of coding theory. Furthermore, it remains secure against a quantum adversary and is very well suited to low-cost implementations on embedded devices. Decoding MDPC codes is achieved with the (iterative) bit flipping algorithm, as for LDPC codes. Variable-time decoders might leak some information on the code structure (that is, on the sparse parity check equations) and must be avoided. A constant-time decoder is easy to emulate, but its running time depends on the worst case rather than on the average case. So far, implementations have focused on minimizing the average cost. We show that the tuning of the algorithm that reduces the maximal number of iterations is not the same as the tuning that reduces the average cost. This provides some indications on how to engineer the QC-MDPC-McEliece scheme to resist a timing side-channel attack.
Document type: Conference paper
IEEE International Symposium on Information Theory, ISIT 2016, Jul 2016, Barcelona, Spain. pp.5, 2016, ISIT 2016, proceedings. 〈10.1109/ISIT.2016.7541522〉

https://hal.inria.fr/hal-01408633
Contributor: Nicolas Sendrier
Submitted on: Monday, 5 December 2016 - 10:57:48
Last modified on: Tuesday, 13 December 2016 - 15:45:27
Document(s) archived on: Tuesday, 21 March 2017 - 11:23:22

File

isit_2016.pdf
Files produced by the author(s)

Citation

Julia Chaulet, Nicolas Sendrier. Worst case QC-MDPC decoder for McEliece cryptosystem. IEEE International Symposium on Information Theory, ISIT 2016, Jul 2016, Barcelona, Spain. pp.5, 2016, ISIT 2016, proceedings. 〈10.1109/ISIT.2016.7541522〉. 〈hal-01408633〉
