Journal of Cryptographic Engineering

, Volume 1, Issue 1, pp 29–36 | Cite as

A simple power analysis attack on a McEliece cryptoprocessor

  • H. Gregor MolterEmail author
  • Marc Stöttinger
  • Abdulhadi Shoufan
  • Falko Strenzke
Regular Paper


The security of McEliece public-key cryptosystem is based on the difficulty of the decoding problem which is NP-hard. In this article, we propose a simple power analysis attack on this cryptosystem. The attack exploits an information leakage, which results from the relation between the error vector weight and the iteration number of the extended Euclidean algorithm used in Patterson Algorithm. Executing the proposed attacks enables the extraction of the secret error vector, and thus the plain text with minimal overhead. A countermeasure is presented which removes the information leakage and prevents the simple power analysis attack. The attack procedure and the countermeasure are applied to a cryptoprocessor implementation of the McEliece cryptosystem running on a FPGA platform.


Simple power analysis attack Code-based cryptography McEliece public-key cryptosystems Countermeasure 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Balasubramanian, S., et al.: Fast multivariate signature generation in hardware: the case of rainbow. In: Proceedings of the 19th IEEE International Conference on Application-Specific Systems, Architectures and Processors, ASAP 2008 (2008)Google Scholar
  2. 2.
    Beuchat, J.C., Sendrier, N., Tisserand, A., Villard, G.: FPGA Implementation of a Recently Published Signature Scheme. Rapport de recherche RR LIP 2004-14 (2004)Google Scholar
  3. 3.
    Diffie W., Hellman M.: New directions in cryptography. IEEE Trans. Inform. Theory 22(6), 644–654 (1976)CrossRefzbMATHMathSciNetGoogle Scholar
  4. 4.
    El-Hadedy, M., Gligoroski, D., Knapskog, S.J.: High performance implementation of a public key block cipher—MQQ, for FPGA platforms. In: Proceedings of the International Conference on ReConFigurable Computing and FPGAs, ReConFig 2008 (2008)Google Scholar
  5. 5.
    ElGamal T.: A public key cryptosystem and a signature based on discrete logarithms. IEEE Trans. Inform. Theory 31, 469–472 (1985)CrossRefzbMATHMathSciNetGoogle Scholar
  6. 6.
    Fell, H., Diffie, W.: Analysis of a public key approach based on polynomial substitution. In: LNCS on Advances in Cryptology, CRYPTO’85 (1986)Google Scholar
  7. 7.
    Heyse, S., Moradi, A., Paar, C.: Practical power analysis attacks on software implementations of McEliece. In: Post-Quantum Cryptography, pp. 108–125 (2010). doi: 10.1007/978-3-642-12929-2_9
  8. 8.
    Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, pp. 104–113 (1996)Google Scholar
  9. 9.
    Kocher, P.: Differential power analysis. In: Advances in Cryptology-CRYPTO’99, 19th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 15–19, 1999, Proceedings 1666, 388–397 (1999)Google Scholar
  10. 10.
    Lenstra A.K., Lenstra H.W., Lovász L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515–534 (1982)CrossRefzbMATHMathSciNetGoogle Scholar
  11. 11.
    Lin S.: Error Control Coding: Fundamentals and Applications. Prentice-Hall, Englewood Cliffs, NJ (1983)Google Scholar
  12. 12.
    McEliece R.J.: A public key cryptosystem based on algebraic coding theory. DSN Progr. Rep. 42–44, 114–116 (1978)Google Scholar
  13. 13.
    Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996).
  14. 14.
    Merkle, R.: A Certified digital signature. In: Proceedings on Advances in Cryptology, CRYPTO 89 (1989)Google Scholar
  15. 15.
    Miller, V.: Use of Elliptic Curves in Cryptography. Lecture Notes in Computer Science, vol. 218, pp. 417–426 (1985)Google Scholar
  16. 16.
    Patterson N.: Algebraic decoding of Goppa codes. IEEE Trans. Inform. Theory 21, 203–207 (1975)CrossRefzbMATHMathSciNetGoogle Scholar
  17. 17.
    Proos, J., Zalka, C.: Shor’s Discrete Logarithm Quantum Algorithm for Elliptic Curves. ArXiv Quantum Physics e-prints (2003)Google Scholar
  18. 18.
    Rivest R., Shamir A., Adleman L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)CrossRefzbMATHMathSciNetGoogle Scholar
  19. 19.
    Rodriguez-Henriques F., Saqib N., Perez A., Koc C.: Cryptographic algorithms on reconfigurable hardware. Springer, Heidelberg (2006)Google Scholar
  20. 20.
    Side-Channel Attack Standard Evaluation Board SASEBO-G Specification: Tech. rep., Research Center for Information Security (RCIS) (2008)Google Scholar
  21. 21.
    Schindler W., Lemke K., Paar C.: A stochastic model for differential side channel cryptanalysis. Proc. CHES 3659, 30–46 (2005)Google Scholar
  22. 22.
    Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: Proceedings of the 35th Annual Symposium on Foundation of Computer Science (1994)Google Scholar
  23. 23.
    Shor P.W.: Polynomial time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)CrossRefzbMATHMathSciNetGoogle Scholar
  24. 24.
    Shoufan, A., Strenzke, F., Molter, H.G., Stoettinger, M.: A timing attack against Patterson Algorithm in the McEliece PKC. In: Proceedings of the 12th International Conference on Information Security and Cryptology (ICISC’09), Lecture Notes in Computer Science (2009)Google Scholar
  25. 25.
    Shoufan, A., Wink, T., Molter, G., Huss, S., Strenzke, F.: A novel processor architecture for McEliece cryptosystem and FPGA platforms. In: Proceedings of the 20th IEEE International Conference on Application-specific Systems, Architectures and Processors, ASAP 2009 (2009)Google Scholar
  26. 26.
    Strenzke, F., Tews, E., Molter, H.G., Overbeck, R., Shoufan, A.: Side channels in the McEliece PKC. In: Proceedings of International Workshop on Post-Quantum Cryptography, PQCrypto 2008, pp. 30–46 (2008)Google Scholar
  27. 27.
    Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of block ciphers implemented on computers with cache. In: Proceedings of International Symposium on Information Theory and Applications, pp. 803–806 (2002)Google Scholar

Copyright information

© Springer-Verlag 2011

Authors and Affiliations

  • H. Gregor Molter
    • 1
    Email author
  • Marc Stöttinger
    • 1
  • Abdulhadi Shoufan
    • 2
    • 3
  • Falko Strenzke
    • 4
    • 5
  1. 1.Integrated Circuits and Systems LabTechnische Universität DarmstadtDarmstadtGermany
  2. 2.Department of Electrical and Computer Engineering, College of EngineeringUniversity of SharjahSharjahUnited Arab Emirates
  3. 3.Center for Advanced Security Research Darmstadt (CASED)DarmstadtGermany
  4. 4.FlexSecure GmbHDarmstadtGermany
  5. 5.Cryptography and Computeralgebra LabTechnische Universität DarmstadtDarmstadtGermany

Personalised recommendations