Cryptology ePrint Archive: Report 2019/1434

About Low DFR for QC-MDPC Decoding

Nicolas Sendrier and Valentin Vasseur

Abstract: McEliece-like code-based key exchange mechanisms using QC-MDPC codes can reach IND-CPA security under hardness assumptions from coding theory, namely quasi-cyclic syndrome decoding and quasi-cyclic codeword finding. To reach higher security requirements, like IND-CCA security, it is necessary in addition to prove that the decoding failure rate (DFR) is negligible, for some decoding algorithm and a proper choice of parameters. Getting a formal proof of a low DFR is a difficult task. Instead, we propose to ensure this low DFR under some additional security assumption on the decoder. This assumption relates to the asymptotic behavior of the decoder and is supported by several other works. We define a new decoder, Backflip, which features a low DFR. We evaluate the Backflip decoder by simulation and extrapolate its DFR under the decoder security assumption. We also measure the accuracy of our simulation data, in the form of confidence intervals, using standard techniques from communication systems.

Category / Keywords: public-key cryptography / code-based cryptography, QC-MDPC code, BIKE, bit flipping algorithm

Date: received 9 Dec 2019

Contact author: nicolas sendrier at inria fr, valentin vasseur@inria fr

Available format(s): PDF | BibTeX Citation

Version: 20191210:081133 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]