Paper 2023/428
Security analysis of the Classic McEliece, HQC and BIKE schemes in low memory
Abstract
With the advancement of NIST PQC standardization, three of the four candidates in Round 4 are code-based schemes, namely Classic McEliece, HQC and BIKE. Currently, one of the most important tasks is to further analyze their security levels for the suggested parameter sets. At PKC 2022 Esser and Bellini restated the major information set decoding (ISD) algorithms by using nearest neighbor search and then applied these ISD algorithms to estimate the bit security of Classic McEliece, HQC and BIKE under the suggested parameter sets. However, all major ISD algorithms consume a large amount of memory, which in turn affects their time complexities. In this paper, we reestimate the bit-security levels of the parameter sets suggested by these three schemes in low memory by applying $K$-list sum algorithms to ISD algorithms. Compared with Esser-Bellini's results, our results achieve the best gains for Classic McEliece, HQC, and BIKE, with reductions in bit-security levels of $11.09$, $12.64$, and $12.19$ bits, respectively.
Note: We revise the four instances V1, V2, V3 and V4 of Theorem 1 for writing errors.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- Information Set DecodingSyndrome DecodingCode-based CryptographyK-list.
- Contact author(s)
-
liyu1 @ iie ac cn
wangliping @ iie ac cn - History
- 2024-02-29: revised
- 2023-03-24: received
- See all versions
- Short URL
- https://ia.cr/2023/428
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/428,
author = {Yu Li and Li-Ping Wang},
title = {Security analysis of the Classic {McEliece}, {HQC} and {BIKE} schemes in low memory},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/428},
year = {2023},
url = {https://eprint.iacr.org/2023/428}
}
