5,192 research outputs found

    A CCA2 Secure Variant of the McEliece Cryptosystem

    The McEliece public-key encryption scheme has become an interesting alternative to cryptosystems based on number-theoretical problems. Differently from RSA and ElGamal, McEliece PKC is not known to be broken by a quantum computer. Moreover, even though McEliece PKC has a relatively big key size, encryption and decryption operations are rather efficient. In spite of all the recent results in coding theory based cryptosystems, to date, there are no constructions secure against chosen ciphertext attacks in the standard model - the de facto security notion for public-key cryptosystems. In this work, we show the first construction of a McEliece based public-key cryptosystem secure against chosen ciphertext attacks in the standard model. Our construction is inspired by a recently proposed technique by Rosen and Segev

    A lightweight McEliece cryptosystem co-processor design

    Due to the rapid advances in the development of quantum computers and their susceptibility to errors, there is a renewed interest in error correction algorithms. In particular, error-correcting code-based cryptosystems have reemerged as a highly desirable coding technique. This is due to the fact that most classical asymmetric cryptosystems will fail in the quantum computing era. Quantum computers can solve many of the integer factorization and discrete logarithm problems efficiently. However, code-based cryptosystems are still secure against quantum computers, since the decoding of linear codes remains NP-hard even on these computing systems. One such cryptosystem is the McEliece code-based cryptosystem. The original McEliece code-based cryptosystem uses binary Goppa code, which is known for its good code rate and error correction capability. However, its key generation and decoding procedures have a high computation complexity. In this work we propose a design and hardware implementation of a public-key encryption and decryption co-processor based on a new variant of the McEliece system. This co-processor takes advantage of the non-binary Orthogonal Latin Square Codes to achieve much smaller computation complexity, hardware cost, and key size. Published version

    A Lightweight McEliece Cryptosystem Co-processor Design

    Due to the rapid advances in the development of quantum computers and their susceptibility to errors, there is a renewed interest in error correction algorithms. In particular, error-correcting code-based cryptosystems have reemerged as a highly desirable coding technique. This is due to the fact that most classical asymmetric cryptosystems will fail in the quantum computing era. Quantum computers can solve many of the integer factorization and discrete logarithm problems efficiently. However, code-based cryptosystems are still secure against quantum computers, since the decoding of linear codes remains NP-hard even on these computing systems. One such cryptosystem is the McEliece code-based cryptosystem. The original McEliece code-based cryptosystem uses binary Goppa code, which is known for its good code rate and error correction capability. However, its key generation and decoding procedures have a high computation complexity. In this work we propose a design and hardware implementation of a public-key encryption and decryption co-processor based on a new variant of the McEliece system. This co-processor takes advantage of the non-binary Orthogonal Latin Square Codes to achieve much smaller computation complexity, hardware cost, and key size. Comment: 2019 Boston Area Architecture Workshop (BARC'19)

    Post-quantum cryptographic hardware primitives

    The development and implementation of post-quantum cryptosystems have become a pressing issue in the design of secure computing systems, as general quantum computers have become more feasible in the last two years. In this work, we introduce a set of hardware post-quantum cryptographic primitives (PCPs) consisting of four frequently used security components, i.e., public-key cryptosystem (PKC), key exchange (KEX), oblivious transfer (OT), and zero-knowledge proof (ZKP). In addition, we design a high speed polynomial multiplier to accelerate these primitives. These primitives will aid researchers and designers in constructing quantum-proof secure computing systems in the post-quantum era. Published version

    Investigating Lattice-Based Cryptography

    Cryptography is important for data confidentiality, integrity, and authentication. Public key cryptosystems allow for the encryption and decryption of data using two different keys, one that is public and one that is private. This is beneficial because there is no need to securely distribute a secret key. However, the development of quantum computers implies that many public-key cryptosystems whose security depends on the hardness of solving math problems will no longer be secure. It is important to develop systems based on harder math problems which cannot be solved by a quantum computer. In this project, two public-key cryptosystems which are candidates for quantum-resistance were implemented using Rust. The security of the McEliece system is based on the hardness of decoding a linear code, which is an NP-hard problem, and the security of the Regev system is based on the Learning with Errors problem, which is as hard as several worst-case lattice problems [1], [2]. Tests were run to verify the correctness of the implemented systems, and experiments were run to analyze the cost of replacing pre-quantum systems with post-quantum systems.

    Hardware Implementation of a Polar Code-based Public Key Cryptosystem

    In recent years, there have been many studies on quantum computing and the construction of quantum computers which are capable of breaking conventional number theory-based public key cryptosystems. Therefore, in the not-too-distant future, we need public key cryptosystems that withstand the attacks executed by quantum computers, so-called post-quantum cryptosystems. A public key cryptosystem based on polar codes (PKC-PC) has recently been introduced whose security depends on the difficulty of solving the general decoding problem of polar codes. In this paper, we first implement the encryption, key generation and decryption algorithms of PKC-PC on a Raspberry Pi 3. Then, to evaluate its performance, we measure several related parameters such as execution time, energy consumption, memory consumption and CPU utilization. All these metrics are investigated for the encryption/decryption algorithms of PKC-PC with various parameters of polar codes. In the next step, the investigated parameters are compared to those of the implemented McEliece public key cryptosystem. Analyses of these results show that the execution time of encryption/decryption as well as the energy and memory consumption of PKC-PC are lower than those of the McEliece cryptosystem. Comment: 19 pages, 15 figures

    Quantum Algorithms for Boolean Equation Solving and Quantum Algebraic Attack on Cryptosystems

    Deciding whether a Boolean equation system has a solution is an NP-complete problem, and finding a solution is NP-hard. In this paper, we present a quantum algorithm to decide whether a Boolean equation system FS has a solution and compute one if FS does have solutions, with any given success probability. The runtime complexity of the algorithm is polynomial in the size of FS and the condition number of FS. As a consequence, we give a polynomial-time quantum algorithm for solving Boolean equation systems if their condition numbers are small, say polynomial in the size of FS. We apply our quantum algorithm for solving Boolean equations to the cryptanalysis of several important cryptosystems: the stream cipher Trivium, the block cipher AES, the hash function SHA-3/Keccak, and the multivariate public key cryptosystems, and show that they are secure under quantum algebraic attack only if the condition numbers of the corresponding equation systems are large. This leads to a new criterion for designing cryptosystems that can withstand attacks by quantum computers: their corresponding equation systems must have large condition numbers.