Implementation of McEliece Based on Quasi-dyadic Goppa Codes for Embedded Devices
Most widely deployed public-key cryptosystems have been proven secure on the basis of the presumed hardness of two mathematical problems: factoring the product of two large primes (FP) and computing discrete logarithms (DLP). At present, both problems are believed to be computationally infeasible on an ordinary computer. However, a quantum computer able to perform computations on a few thousand qubits could solve both problems using Shor's algorithm. Although a quantum computer of this size has not been reported, the development and cryptanalysis of alternative public-key cryptosystems seem advisable. To achieve acceptance and attention in practice, these alternatives have to be implemented efficiently. Furthermore, the implementations have to perform fast while keeping memory requirements low at security levels comparable to conventional schemes. McEliece encryption and decryption do not require computationally expensive multiple-precision arithmetic. Hence, the scheme is well suited to implementation on embedded devices. The major disadvantage of the McEliece public-key cryptosystem (PKC) is its very large public key of several hundred thousand bits. For this reason, the McEliece PKC has received little attention in practice. Another disadvantage of the McEliece scheme, shared with many other schemes, is that it is not semantically secure. The quasi-dyadic McEliece variant proposed by Barreto and Misoczki addresses both problems. In this work we provide an implementation of this alternative public-key cryptosystem, which is semantically secure and uses a 40 times smaller public key and a five times smaller secret key compared to a previously published implementation.
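The two properties the abstract leans on, that McEliece needs only bit-level GF(2) matrix arithmetic and that a dyadic matrix is fully described by its first row (the source of the public-key reduction), can be seen in a small constructed illustration. The following is an added example, not code from the paper or its authors: it builds a toy McEliece instance over the binary Hamming(7,4) code (correcting t = 1 error) in place of a binary Goppa code, so the matrices S, G, P, the key sizes and the error weight are all assumed for illustration and far below any real parameter set. The `dyadic` helper shows why n bits suffice to describe an n x n dyadic block.

```python
import random

# Toy McEliece over the binary Hamming(7,4) code (corrects T = 1 error).
# Every step is GF(2) arithmetic on small bit matrices (AND, XOR): no big integers.
# Constructed illustration only; a real instance uses a binary Goppa code with large t.

G = [[1,0,0,0,1,1,0], [0,1,0,0,1,0,1], [0,0,1,0,0,1,1], [0,0,0,1,1,1,1]]  # systematic generator
H = [[1,1,0,1,1,0,0], [1,0,1,1,0,1,0], [0,1,1,1,0,0,1]]                     # parity-check matrix
K, N, T = 4, 7, 1

def mat_mul(a, b):
    """Matrix product over GF(2)."""
    return [[sum(a[i][k] & b[k][j] for k in range(len(b))) & 1
             for j in range(len(b[0]))] for i in range(len(a))]

def vec_mat(v, m):
    """Row vector times matrix over GF(2)."""
    return [sum(v[k] & m[k][j] for k in range(len(v))) & 1 for j in range(len(m[0]))]

def transpose(m):
    return [list(col) for col in zip(*m)]

def mat_inv_gf2(m):
    """Gauss-Jordan inverse over GF(2); raises ValueError if the matrix is singular."""
    n = len(m)
    a = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(m)]
    for col in range(n):
        piv = next((r for r in range(col, n) if a[r][col]), None)
        if piv is None:
            raise ValueError("singular matrix")
        a[col], a[piv] = a[piv], a[col]
        for r in range(n):
            if r != col and a[r][col]:
                a[r] = [x ^ y for x, y in zip(a[r], a[col])]
    return [row[n:] for row in a]

def hamming_decode(y):
    """Syndrome decoding: locate and flip the single wrong bit, return the message bits."""
    syndrome = tuple(sum(H[i][j] & y[j] for j in range(N)) & 1 for i in range(len(H)))
    y = y[:]
    if any(syndrome):
        # each column of H is a distinct non-zero syndrome, so it names the error position
        col = [tuple(H[i][j] for i in range(len(H))) for j in range(N)].index(syndrome)
        y[col] ^= 1
    return y[:K]          # systematic code: the message occupies the first K positions

def keygen(rng):
    """Secret key (S^-1, P^-1); public key Gpub = S*G*P, which hides the code structure."""
    while True:
        S = [[rng.randint(0, 1) for _ in range(K)] for _ in range(K)]
        try:
            S_inv = mat_inv_gf2(S)
            break
        except ValueError:
            continue
    perm = list(range(N))
    rng.shuffle(perm)
    P = [[int(perm[i] == j) for j in range(N)] for i in range(N)]
    Gpub = mat_mul(mat_mul(S, G), P)
    return (S_inv, transpose(P)), Gpub     # P^-1 = P^T for a permutation matrix

def encrypt(Gpub, m, rng):
    """c = m*Gpub + e, with an error vector e of weight exactly T."""
    c = vec_mat(m, Gpub)
    for pos in rng.sample(range(N), T):
        c[pos] ^= 1
    return c

def decrypt(sk, c):
    """c*P^-1 = m*S*G + e*P^-1 still has weight-T error, so the secret code decodes it."""
    S_inv, P_inv = sk
    mS = hamming_decode(vec_mat(c, P_inv))
    return vec_mat(mS, S_inv)

def dyadic(h):
    """Dyadic matrix: entry (i, j) is h[i XOR j], so the first row fixes the whole block."""
    n = len(h)
    assert n & (n - 1) == 0, "dyadic order must be a power of two"
    return [[h[i ^ j] for j in range(n)] for i in range(n)]

def dyadic_compression(n):
    """Bits stored for a dense n x n block versus its n-bit dyadic signature."""
    return n * n, n

if __name__ == "__main__":
    rng = random.Random(2024)           # seeded only so the demo is reproducible
    sk, pk = keygen(rng)
    m = [1, 0, 1, 1]
    c = encrypt(pk, m, rng)
    print("ciphertext", c, "recovered", decrypt(sk, c))
    print("dense vs dyadic storage for n=4096:", dyadic_compression(4096))
```

The decryption path is the whole point of the scheme: without P^-1 and S^-1 an attacker sees only a seemingly random generator matrix, while the key holder maps the ciphertext back into the structured code where syndrome decoding removes the error. Products of dyadic matrices are again dyadic, which is what lets a quasi-dyadic public key be stored as a handful of signature rows instead of a dense matrix.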
Keywords: McEliece, Goppa code, quasi-dyadic, embedded device, post-quantum