Journal of Cryptographic Engineering

, Volume 1, Issue 1, pp 29–36

A simple power analysis attack on a McEliece cryptoprocessor


    • Integrated Circuits and Systems LabTechnische Universität Darmstadt
  • Marc Stöttinger
    • Integrated Circuits and Systems LabTechnische Universität Darmstadt
  • Abdulhadi Shoufan
    • Department of Electrical and Computer Engineering, College of EngineeringUniversity of Sharjah
    • Center for Advanced Security Research Darmstadt (CASED)
  • Falko Strenzke
    • FlexSecure GmbH
    • Cryptography and Computeralgebra LabTechnische Universität Darmstadt
Regular Paper

DOI: 10.1007/s13389-011-0001-3

Cite this article as:
Molter, H.G., Stöttinger, M., Shoufan, A. et al. J Cryptogr Eng (2011) 1: 29. doi:10.1007/s13389-011-0001-3


The security of McEliece public-key cryptosystem is based on the difficulty of the decoding problem which is NP-hard. In this article, we propose a simple power analysis attack on this cryptosystem. The attack exploits an information leakage, which results from the relation between the error vector weight and the iteration number of the extended Euclidean algorithm used in Patterson Algorithm. Executing the proposed attacks enables the extraction of the secret error vector, and thus the plain text with minimal overhead. A countermeasure is presented which removes the information leakage and prevents the simple power analysis attack. The attack procedure and the countermeasure are applied to a cryptoprocessor implementation of the McEliece cryptosystem running on a FPGA platform.


Simple power analysis attackCode-based cryptographyMcEliece public-key cryptosystemsCountermeasure

Copyright information

© Springer-Verlag 2011