219 research outputs found
Improving the efficiency of the LDPC code-based McEliece cryptosystem through irregular codes
We consider the framework of the McEliece cryptosystem based on LDPC codes,
which is a promising post-quantum alternative to classical public key
cryptosystems. The use of LDPC codes in this context allows to achieve good
security levels with very compact keys, which is an important advantage over
the classical McEliece cryptosystem based on Goppa codes. However, only regular
LDPC codes have been considered up to now, while some further improvement can
be achieved by using irregular LDPC codes, which are known to achieve better
error correction performance than regular LDPC codes. This is shown in this
paper, for the first time at our knowledge. The possible use of irregular
transformation matrices is also investigated, which further increases the
efficiency of the system, especially in regard to the public key size.Comment: 6 pages, 3 figures, presented at ISCC 201
Variations of the McEliece Cryptosystem
Two variations of the McEliece cryptosystem are presented. The first one is
based on a relaxation of the column permutation in the classical McEliece
scrambling process. This is done in such a way that the Hamming weight of the
error, added in the encryption process, can be controlled so that efficient
decryption remains possible. The second variation is based on the use of
spatially coupled moderate-density parity-check codes as secret codes. These
codes are known for their excellent error-correction performance and allow for
a relatively low key size in the cryptosystem. For both variants the security
with respect to known attacks is discussed
Worst case QC-MDPC decoder for McEliece cryptosystem
McEliece encryption scheme which enjoys relatively small key sizes as well as
a security reduction to hard problems of coding theory. Furthermore, it remains
secure against a quantum adversary and is very well suited to low cost
implementations on embedded devices.
Decoding MDPC codes is achieved with the (iterative) bit flipping algorithm,
as for LDPC codes. Variable time decoders might leak some information on the
code structure (that is on the sparse parity check equations) and must be
avoided. A constant time decoder is easy to emulate, but its running time
depends on the worst case rather than on the average case. So far
implementations were focused on minimizing the average cost. We show that the
tuning of the algorithm is not the same to reduce the maximal number of
iterations as for reducing the average cost. This provides some indications on
how to engineer the QC-MDPC-McEliece scheme to resist a timing side-channel
attack.Comment: 5 pages, conference ISIT 201
LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes
This work presents a new code-based key encapsulation mechanism (KEM) called
LEDAkem. It is built on the Niederreiter cryptosystem and relies on
quasi-cyclic low-density parity-check codes as secret codes, providing high
decoding speeds and compact keypairs. LEDAkem uses ephemeral keys to foil known
statistical attacks, and takes advantage of a new decoding algorithm that
provides faster decoding than the classical bit-flipping decoder commonly
adopted in this kind of systems. The main attacks against LEDAkem are
investigated, taking into account quantum speedups. Some instances of LEDAkem
are designed to achieve different security levels against classical and quantum
computers. Some performance figures obtained through an efficient C99
implementation of LEDAkem are provided.Comment: 21 pages, 3 table
On Decoding Schemes for the MDPC-McEliece Cryptosystem
Recently, it has been shown how McEliece public-key cryptosystems based on
moderate-density parity-check (MDPC) codes allow for very compact keys compared
to variants based on other code families. In this paper, classical (iterative)
decoding schemes for MPDC codes are considered. The algorithms are analyzed
with respect to their error-correction capability as well as their resilience
against a recently proposed reaction-based key-recovery attack on a variant of
the MDPC-McEliece cryptosystem by Guo, Johansson and Stankovski (GJS). New
message-passing decoding algorithms are presented and analyzed. Two proposed
decoding algorithms have an improved error-correction performance compared to
existing hard-decision decoding schemes and are resilient against the GJS
reaction-based attack for an appropriate choice of the algorithm's parameters.
Finally, a modified belief propagation decoding algorithm that is resilient
against the GJS reaction-based attack is presented
Assessing and countering reaction attacks against post-quantum public-key cryptosystems based on QC-LDPC codes
Code-based public-key cryptosystems based on QC-LDPC and QC-MDPC codes are
promising post-quantum candidates to replace quantum vulnerable classical
alternatives. However, a new type of attacks based on Bob's reactions have
recently been introduced and appear to significantly reduce the length of the
life of any keypair used in these systems. In this paper we estimate the
complexity of all known reaction attacks against QC-LDPC and QC-MDPC code-based
variants of the McEliece cryptosystem. We also show how the structure of the
secret key and, in particular, the secret code rate affect the complexity of
these attacks. It follows from our results that QC-LDPC code-based systems can
indeed withstand reaction attacks, on condition that some specific decoding
algorithms are used and the secret code has a sufficiently high rate.Comment: 21 pages, 2 figures, to be presented at CANS 201
- …