Regular Paper

Journal of Cryptographic Engineering

, Volume 1, Issue 1, pp 29-36

First online:

A simple power analysis attack on a McEliece cryptoprocessor

  • H. Gregor MolterAffiliated withIntegrated Circuits and Systems Lab, Technische Universität Darmstadt Email author 
  • , Marc StöttingerAffiliated withIntegrated Circuits and Systems Lab, Technische Universität Darmstadt
  • , Abdulhadi ShoufanAffiliated withDepartment of Electrical and Computer Engineering, College of Engineering, University of SharjahCenter for Advanced Security Research Darmstadt (CASED)
  • , Falko StrenzkeAffiliated withFlexSecure GmbHCryptography and Computeralgebra Lab, Technische Universität Darmstadt

Rent the article at a discount

Rent now

* Final gross prices may vary according to local VAT.

Get Access


The security of McEliece public-key cryptosystem is based on the difficulty of the decoding problem which is NP-hard. In this article, we propose a simple power analysis attack on this cryptosystem. The attack exploits an information leakage, which results from the relation between the error vector weight and the iteration number of the extended Euclidean algorithm used in Patterson Algorithm. Executing the proposed attacks enables the extraction of the secret error vector, and thus the plain text with minimal overhead. A countermeasure is presented which removes the information leakage and prevents the simple power analysis attack. The attack procedure and the countermeasure are applied to a cryptoprocessor implementation of the McEliece cryptosystem running on a FPGA platform.


Simple power analysis attack Code-based cryptography McEliece public-key cryptosystems Countermeasure