Cryptology ePrint Archive: Report 2020/298

Fast polynomial inversion for post quantum QC-MDPC cryptography

Nir Drucker and Shay Gueron and Dusan Kostic

Abstract: The NIST PQC standardization project evaluates multiple new designs for post-quantum Key Encapsulation Mechanisms (KEMs). Some of them present challenging tradeoffs between communication bandwidth and computational overheads. An interesting case is the set of QC-MDPC based KEMs. Here, schemes that use the Niederreiter framework require only half the communication bandwidth compared to schemes that use the McEliece framework. However, this requires costly polynomial inversion during the key generation, which is prohibitive when ephemeral keys are used. One example is BIKE, where the BIKE-1 variant uses McEliece and the BIKE-2 variant uses Niederreiter. This paper shows an optimized constant-time polynomial inversion method that makes the computation costs of BIKE-2 key generation tolerable. We report a speedup of 11.8x over the commonly used NTL library, and 55.5 over OpenSSL. We achieve additional speedups by leveraging the latest Intel's Vector-PCLMULQDQ instructions on a laptop machine, 14.3x over NTL and 96.8x over OpenSSL. With this, BIKE-2 becomes a competitive variant of BIKE.

Category / Keywords: implementation / Polynomial inversion, BIKE, QC-MDPC codes, constanttime algorithm, constant-time implementation

Date: received 6 Mar 2020

Contact author: drucker nir at gmail com,shay gueron@gmail com,dusan kostic@epfl ch

Available format(s): PDF | BibTeX Citation

Version: 20200309:131154 (All versions of this report)

Short URL: ia.cr/2020/298


[ Cryptology ePrint archive ]