A Timing Attack against Patterson Algorithm in the McEliece PKC

  • Abdulhadi Shoufan
  • Falko Strenzke
  • H. Gregor Molter
  • Marc Stöttinger
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5984)


The security of McEliece public-key cryptosystem is based on the difficulty of the decoding problem which is NP-hard. In this paper we propose a timing attack on the Patterson Algorithm, which is used for efficient decoding in Goppa codes. The attack is based on the relation between the error vector weight and the iteration number of the extended Euclidean algorithm used in Patterson Algorithm. This attack enables the extraction of the secret error vector with minimal overhead. A countermeasure is proposed and verified for a FPGA implementation.


Side channel attack timing attack post quantum cryptography code-based cryptography 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)CrossRefMathSciNetzbMATHGoogle Scholar
  2. 2.
    Rivest, R., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21(2), 120–126 (1978)CrossRefMathSciNetzbMATHGoogle Scholar
  3. 3.
    Miller, V.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  4. 4.
    ElGamal, T.: A Public Key Cryptosystem and A Signature Based on Discrete Logarims. IEEE Transactions on Information Theory (1985)Google Scholar
  5. 5.
    Shor, P.W.: Algorithms For Quantum Computation: Discrete Logarithms and Factoring. In: Proceedings, 35th Annual Symposium on Foundation of Computer Science (1994)Google Scholar
  6. 6.
    Shor, P.W.: Polynomial Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM Journal on Computing 26(5), 1484–1509 (1997)CrossRefMathSciNetzbMATHGoogle Scholar
  7. 7.
    Proos, J., Zalka, C.: Shor’s Discrete Logarithm Quantum Algorithm for Elliptic Curves (2003)Google Scholar
  8. 8.
    Merkle, R.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)Google Scholar
  9. 9.
    McEliece, R.J.: A Public Key Cryptosystem Based on Algebraic Coding Theory. DSN Progress Report 42-44 , 114–116Google Scholar
  10. 10.
    Lenstra, A.K., Lovasz, J.L.: Factoring Polynomials with Rational Coefficients. Math., 515–534 (1982)Google Scholar
  11. 11.
    Fell, H., Diffie, W.: Analysis of a Public Key Approach Based on Polynomial Substitution. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 340–349. Springer, Heidelberg (1986)Google Scholar
  12. 12.
    Balasubramanian, S., et al.: Fast Multivariate Signature Generation in Hardware: The Case of Rainbow. In: 19th IEEE Int. Conf. on Application-specific Systems, Architectures and Processors ASAP (2008)Google Scholar
  13. 13.
    El-Hadedy, M., Gligoroski, D., Knapskog, S.J.: High Performance Implementation of a Public Key Block Cipher - MQQ, for FPGA Platforms. In: International Conference on ReConFigurable Computing and FPGAs, ReConFig 2008 (2008)Google Scholar
  14. 14.
    Beuchat, J.C., Sendrier, N., Tisserand, A., Villard, G.: FPGA Implementation of a Recently Published Signature Scheme. Rapport de recherche RR LIP 2004-14 (2004)Google Scholar
  15. 15.
    Shoufan, A., Wink, T., Molter, G., Huss, S., Strenzke, F.: A Novel Processor Architecture for McEliece Cryptosystem and FPGA Platforms. In: 20th IEEE Int. Conf. on Application-specific Systems, Architectures and Processors ASAP 2009 (2009)Google Scholar
  16. 16.
    Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)Google Scholar
  17. 17.
    Patterson, N.: Algebraic Decoding of Goppa Codes. IEEE Transactions Information Theory 21, 203–207 (1975)CrossRefMathSciNetzbMATHGoogle Scholar
  18. 18.
    Kocher, P.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, pp. 104–113 (1996)Google Scholar
  19. 19.
    Kocher, P.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  20. 20.
    Tsunoo, Y., Tsujihara, E., Minematsu, K., Miyauchi, H.: Cryptanalysis of Block Ciphers Implemented on Computers with Cache. In: International Symposium on Information Theory and Applications, pp. 803–806 (2002)Google Scholar
  21. 21.
    Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  22. 22.
    Strenzke, F., Tews, E., Molter, H.G., Overbeck, R., Shoufan, A.: Side Channels in the McEliece PKC. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 30–46. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  23. 23.
    Lin, S.: Error Control Coding: Fundamentals and Applications. Prentice-Hall, Englewood Cliffs (1983)Google Scholar
  24. 24.
    Rodriguez-Henriques, F., Saqib, N., Perez, A., Koc, C.: Cryptographic Algorithms on Reconfigurable Hardware. Springer, Heidelberg (2006)Google Scholar
  25. 25.
    Pointcheval, D.: Chosen-ciphertext security for any one-way cryptosystem. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 129–146. Springer, Heidelberg (2000)Google Scholar
  26. 26.
    Kobara, K., Imai, H.: Semantically Secure McEliece Public-Key Cryptosystems - Conversions for McEliece PKC. In: Practice and Theory in Public Key Cryptography - PKC ’01 Proceedings (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Abdulhadi Shoufan
    • 1
  • Falko Strenzke
    • 2
  • H. Gregor Molter
    • 3
  • Marc Stöttinger
    • 3
  1. 1.Center for Advanced Security Research Darmstadt CASEDGermany
  2. 2.FlexSecure GmbHGermany
  3. 3.Integrated Circuits and Systems Lab, Department of Computer ScienceTechnische Universität Darmstadt, GermanyGermany

Personalised recommendations