Worst case QC-MDPC decoder for McEliece cryptosystem

Chaulet, Julia; Sendrier, Nicolas

doi:10.1109/isit.2016.7541522

Cited by 23 publications

(18 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since both the parity-check matrix and the error vector are sparse, the probability of wt s (l) being significantly different from w (l) s is negligible. So, (14) allows predicting the average syndrome weight starting from t ′ l . In order to predict how t ′ l varies during iterations, let us consider the i-th codeword bit and the corresponding correlation value ρ (l) i at the l-th iteration.…”

Section: Choice Of the Q-decoder Decision Thresholdsmentioning

confidence: 99%

LEDAkem: A Post-quantum Key Encapsulation Mechanism Based on QC-LDPC Codes

Baldi

Barenghi

Chiaraluce

et al. 2018

Post-Quantum Cryptography

View full text Add to dashboard Cite

This work presents a new code-based key encapsulation mechanism (KEM) called LEDAkem. It is built on the Niederreiter cryptosystem and relies on quasi-cyclic low-density parity-check codes as secret codes, providing high decoding speeds and compact keypairs. LEDAkem uses ephemeral keys to foil known statistical attacks, and takes advantage of a new decoding algorithm that provides faster decoding than the classical bit-flipping decoder commonly adopted in this kind of systems. The main attacks against LEDAkem are investigated, taking into account quantum speedups. Some instances of LEDAkem are designed to achieve different security levels against classical and quantum computers. Some performance figures obtained through an efficient C99 implementation of LEDAkem are provided.

show abstract

Section: Choice Of the Q-decoder Decision Thresholdsmentioning

confidence: 99%

LEDAkem: A Post-quantum Key Encapsulation Mechanism Based on QC-LDPC Codes

Baldi

Barenghi

Chiaraluce

et al. 2018

Post-Quantum Cryptography

View full text Add to dashboard Cite

show abstract

“…However, in cryptography, We The probabilistic decoding algorithm used in the cryptosystem is known as the modified bit flipping algorithm. During the last few years this probabilistic aspect was very intensively examined by community [1], [7]. The results of this research increased error-correcting capability for the tested systems for security 2 80 .…”

Section: Motivationmentioning

confidence: 99%

“…An random (n, r, w)-MDPC code is easily generated by selecting a random parity-check matrix H ∈ F r×n 2 of row weight w. We only have to check that the rightmost r × r block is full rank. If not, wecan swap a few columns to get 1 Indistinguishability under chosen-plaintext attack a full rank matrix. The general definition of MDPC codes can be found in [9].…”

Section: A Mdpc and Qc-mdpc Codementioning

confidence: 99%

MDPC decoding algorithms and their impact on the McEliece cryptosystem

Janoska¹

2018

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

In recent years, research has been conducted aimed at finding alternative asymmetric systems other than traditional systems such as RSA (Rivest-Shamir-Adleman algorithm) and ECC (Elliptic-curve cryptography). One of the most promising is code-based cryptosystems since their security is based on well-known NP-hard problems. Especially, the most interesting cryptosystem is system proposed by Misoczki et al. based on QC-MDPC codes which use the modified BitFlip algorithm as the decoding algorithm. This work presents a comparison of different variants of MDPC decoding algorithms and their impact on the cryptosystem. We present a complete analysis of modification of this algorithm and new results of the likelihood of correct word decoding for security systems which ensure security level 2 128 and 2 256 .

show abstract

“…The parameters suggested in Table 2 consider the security attacks discussed in Section 6. In addition, the block size r is chosen so that state-of-the-art bit flipping decoding (see [34]; or [16] for a comprehensive assessment) has a failure rate not exceeding 10 −7 (validated through exhaustive simulation). The last column shows the public and private key size which are both n bits long.…”

Section: How To Choose Mdpc Parametersmentioning

confidence: 99%

“…This approach led to key sizes that are just a few thousand bits long, and approximated the distinguishing problem to the decoding problem. These features attracted great attention from the community (see [26,53,54,16], just to mention a few) including a mention in the preliminary European recommendations for post-quantum cryptography [31].…”

Section: Introductionmentioning

confidence: 99%

CAKE: Code-Based Algorithm for Key Encapsulation

Barreto

Gueron

Güneysu

et al. 2017

Cryptography and Coding

Self Cite

View full text Add to dashboard Cite

Current widely-used key exchange (KE) mechanisms will be vulnerable to quantum attacks when sufficiently strong quantum computers become available. Therefore, devising quantum-resistant replacements that combine efficiency with solid security guarantees is an important and challenging task. This paper proposes several contributions towards this goal. First, we introduce "CAKE", a key encapsulation algorithm based on the QC-MDPC McEliece encryption scheme, with two major improvements: a) the use of ephemeral keys that defeats a recent reaction attack against MDPC decoding of the corresponding encryption scheme and b) a highly efficient key generation procedure for QC-MDPCbased cryptosystems. Then, we present an authenticated key exchange protocol based on CAKE, which is suitable for the Internet Key Exchange (IKE) standard. We prove that CAKE is IND-CPA secure, that the protocol is SK-Secure, and suggest practical parameters. Compared to other post-quantum schemes, we believe that CAKE is a promising candidate for post-quantum key exchange standardization.

show abstract

Worst case QC-MDPC decoder for McEliece cryptosystem

Cited by 23 publications

References 19 publications

LEDAkem: A Post-quantum Key Encapsulation Mechanism Based on QC-LDPC Codes

LEDAkem: A Post-quantum Key Encapsulation Mechanism Based on QC-LDPC Codes

MDPC decoding algorithms and their impact on the McEliece cryptosystem

CAKE: Code-Based Algorithm for Key Encapsulation

Contact Info

Product

Resources

About