Cryptology ePrint Archive: Report 2015/610

McBits: fast constant-time code-based cryptography

Daniel J. Bernstein and Tung Chou and Peter Schwabe

Abstract: This paper presents extremely fast algorithms for code-based public-key cryptography, including full protection against timing attacks. For example, at a 2^128 security level, this paper achieves a reciprocal decryption throughput of just 60493 cycles (plus cipher cost etc.) on a single Ivy Bridge core. These algorithms rely on an additive FFT for fast root computation, a transposed additive FFT for fast syndrome computation, and a sorting network to avoid cache-timing attacks.

Category / Keywords: implementation / McEliece, Niederreiter, CFS, bitslicing, software implementation

Original Publication (with minor differences): IACR-CHES-2013

Date: received 21 Jun 2015

Contact author: peter at cryptojedi org

Available format(s): PDF | BibTeX Citation

Version: 20150628:193232 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]