Fast and Secure Root Finding for Code-Based Cryptosystems
In this work we analyze five previously published or trivial approaches, and two new hybrid variants, for finding the roots of the error locator polynomial during the decryption operation of code-based encryption schemes. We compare the performance of these algorithms and show that optimizations concerning the representation of finite field elements play a key role in the speed of software implementations. Furthermore, we point out a number of timing attack vulnerabilities that can arise in root-finding algorithms, some aimed at recovering the message, others at the secret support. We give experimental results from software implementations showing that these vulnerabilities are present in straightforward implementations of most of the root-finding variants considered in this work. As a result, we find that one of the variants provides security against all of these vulnerabilities as well as competitive computation time for code parameters that minimize the public key size.
Keywords: side channel attack, timing attack, implementation, code-based cryptography
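The two points of the abstract, that the finite field representation drives the cost of root finding and that a root-finding loop can leak through its running time, can be seen in a small toy model. The following is an added example written for this page; it is not code from the paper or from any implementation it cites. It builds GF(2^8) with the primitive polynomial x^8 + x^4 + x^3 + x^2 + 1 (an assumption, any primitive polynomial would do), constructs an error locator polynomial sigma(x) = prod (x + alpha_i) from assumed error positions over an assumed identity support, and then finds its roots in two ways: an exhaustive search that aborts as soon as deg(sigma) roots have been found, whose evaluation count reveals the largest root, and a search with a fixed operation count that derives a per-element root flag arithmetically. The function names (`gf_mul`, `gf_mul_ct`, `error_locator`, `find_roots_early_abort`, `find_roots_fixed`, `timing_demo`) are this example's own.

```python
# Added example (not the paper's code): GF(2^8) arithmetic, error locator
# construction, and two exhaustive root-finding loops, one with an early abort
# whose running time depends on the roots and one with a fixed operation count.

M = 8
POLY = 0x11D          # x^8 + x^4 + x^3 + x^2 + 1, primitive over GF(2) (assumed here)
Q = 1 << M            # field size 2^m

# Log/antilog representation: one table lookup per multiplication, but the
# lookups are data-dependent memory accesses (cache-timing caveat).
EXP = [0] * (2 * Q)
LOG = [0] * Q

def _build_tables():
    x = 1
    for i in range(Q - 1):
        EXP[i] = x
        LOG[x] = i
        x <<= 1
        if x & Q:
            x ^= POLY
    for i in range(Q - 1, 2 * Q):      # duplicate so LOG[a] + LOG[b] never wraps
        EXP[i] = EXP[i - (Q - 1)]

_build_tables()

def gf_mul(a, b):
    """Table-based multiplication; the zero test is a data-dependent branch."""
    if a == 0 or b == 0:
        return 0
    return EXP[LOG[a] + LOG[b]]

def gf_mul_ct(a, b):
    """Shift-and-add multiplication with a fixed M iterations, no table, no branch."""
    r = 0
    for _ in range(M):
        r ^= a & -(b & 1)                       # add a if the current bit of b is set
        b >>= 1
        carry = -((a >> (M - 1)) & 1)           # all-ones mask if a overflows
        a = ((a << 1) ^ (POLY & carry)) & (Q - 1)
    return r

def poly_mul(p, q):
    """Product of two polynomials over GF(2^m); coeffs[i] is the x^i coefficient."""
    r = [0] * (len(p) + len(q) - 1)
    for i, a in enumerate(p):
        for j, b in enumerate(q):
            r[i + j] ^= gf_mul(a, b)
    return r

def poly_eval(coeffs, x, mul):
    """Horner evaluation using the supplied multiplication routine."""
    acc = 0
    for c in reversed(coeffs):
        acc = mul(acc, x) ^ c
    return acc

def error_locator(support, error_positions):
    """sigma(x) = prod over error positions i of (x + support[i]); its roots
    are the support elements at the error positions."""
    sigma = [1]
    for i in error_positions:
        sigma = poly_mul(sigma, [support[i], 1])
    return sigma

def find_roots_early_abort(sigma):
    """Exhaustive search that stops once deg(sigma) roots are found.
    Returns (roots, number of evaluations); the count reveals the largest root."""
    t = len(sigma) - 1
    roots, evals = [], 0
    for x in range(Q):
        evals += 1
        if poly_eval(sigma, x, gf_mul) == 0:
            roots.append(x)
            if len(roots) == t:
                break
    return roots, evals

def find_roots_fixed(sigma):
    """Evaluate at every field element with a fixed operation count; a root flag
    per element is derived arithmetically rather than by branching on the value."""
    flags = [0] * Q
    for x in range(Q):
        v = poly_eval(sigma, x, gf_mul_ct)
        flags[x] = ((v - 1) >> M) & 1           # 1 iff v == 0 (v - 1 is negative only then)
    # Compacting flags into a position list is itself position-dependent work;
    # a real implementation must do this step with fixed-time masking too.
    roots = [x for x in range(Q) if flags[x]]
    return roots, Q

def timing_demo():
    """Evaluation counts for two error patterns under both root finders.
    Identity support and the error positions are assumptions for the demo."""
    support = list(range(Q))
    sigma_lo = error_locator(support, [3, 7, 12])
    sigma_hi = error_locator(support, [200, 230, 250])
    return (find_roots_early_abort(sigma_lo)[1], find_roots_early_abort(sigma_hi)[1],
            find_roots_fixed(sigma_lo)[1], find_roots_fixed(sigma_hi)[1])

if __name__ == "__main__":
    print(timing_demo())    # early-abort counts differ by pattern, fixed counts do not
```

Running `timing_demo()` gives 13 and 251 evaluations for the early-abort loop on the two error patterns, against 256 for the fixed-count loop in both cases: the first loop's running time is a function of where the roots lie, which through the support maps to the error positions. Python cannot make anything constant time; what the example shows is the structural property a secure variant needs (no early exit, no branch on intermediate field values), and the comment on the table-based multiplier records the separate cache-timing caveat that the abstract's remark on field element representation touches on.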