Classic McEliece Implementation with Low Memory Footprint

  • Conference paper
Smart Card Research and Advanced Applications (CARDIS 2020)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 12609)

Abstract

The Classic McEliece cryptosystem is one of the most trusted quantum-resistant cryptographic schemes. Deploying it in practical applications, however, is challenging due to the size of its public key. In this work, we bridge this gap. We present an implementation of Classic McEliece on an ARM Cortex-M4 processor, optimized to overcome memory constraints. To this end, we present an algorithm to retrieve the public key ad-hoc. This reduces memory and storage requirements and enables the generation of larger key pairs on the device. To further improve the implementation, we perform the public key operation by streaming the key to avoid storing it as a whole. This additionally reduces the risk of denial of service attacks. Finally, we use these results to implement and run TLS on the embedded device.
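
The streamed public key operation mentioned in the abstract can be illustrated as follows. This is an added example, not code from the paper: it computes the Niederreiter syndrome s = (I | T)·e while T arrives in arbitrary chunks, and checks the result against a computation with the whole key in memory. The toy sizes, the row-major byte-aligned layout and all function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <string.h>
#define MT 16               /* toy sizes, constructed: rows of T = syndrome bits */
#define K  40               /* columns of T */
#define ROW_BYTES (K / 8)   /* T arrives row-major, one packed row after another */
#define SYN_BYTES (MT / 8)
typedef struct {
    const uint8_t *e_tail;       /* last K bits of e, packed LSB-first */
    uint8_t syn[SYN_BYTES], acc; /* running syndrome; accumulator for current row */
    size_t row, col;             /* position in the key stream */
} stream_ctx;
/* H = (I | T): the identity part copies the first MT bits of e into s. */
void stream_init(stream_ctx *c, const uint8_t *e) {
    memcpy(c->syn, e, SYN_BYTES);
    c->e_tail = e + SYN_BYTES; c->row = c->col = 0; c->acc = 0;
}

/* Consume one chunk of any length; -1 if more than MT rows arrive. */
int stream_feed(stream_ctx *c, const uint8_t *chunk, size_t len) {
    for (size_t i = 0; i < len; i++) {
        if (c->row == MT) return -1;
        c->acc ^= chunk[i] & c->e_tail[c->col];   /* no branch on e */
        if (++c->col < ROW_BYTES) continue;
        uint8_t p = c->acc; p ^= p >> 4; p ^= p >> 2; p ^= p >> 1; /* parity */
        c->syn[c->row / 8] ^= (uint8_t)((p & 1) << (c->row % 8));
        c->row++; c->col = 0; c->acc = 0;
    }
    return 0;
}

/* Reference with the whole key resident: bit r = e_r XOR <row r of T, e_tail>. */
static unsigned ref_bit(const uint8_t *T, const uint8_t *e, size_t r) {
    unsigned b = (e[r / 8] >> (r % 8)) & 1u;
    for (size_t j = 0; j < K; j++)
        b ^= (T[r * ROW_BYTES + j / 8] >> (j % 8)) & (e[SYN_BYTES + j / 8] >> (j % 8)) & 1u;
    return b;
}

/* Constructed inputs: LCG-filled T, weight-3 e, key delivered in 7-byte chunks. */
int demo_stream_matches_full(void) {
    uint8_t T[MT * ROW_BYTES], e[SYN_BYTES + ROW_BYTES] = {0x04, 0, 0, 0x20, 0, 0, 0x01};
    uint32_t x = 0x1234567u; stream_ctx c; stream_init(&c, e);
    for (size_t i = 0; i < sizeof T; i++) { x = x * 1664525u + 1013904223u; T[i] = (uint8_t)(x >> 24); }
    for (size_t off = 0; off < sizeof T; off += 7)
        if (stream_feed(&c, T + off, sizeof T - off < 7 ? sizeof T - off : 7)) return 0;
    for (size_t r = 0; r < MT; r++)
        if (((c.syn[r / 8] >> (r % 8)) & 1u) != ref_bit(T, e, r)) return 0;
    return c.row == MT;
}
int main(void) { return !demo_stream_matches_full(); }
```

The receiver's state is the syndrome plus a few counters, so its size does not grow with the key, and the length check in `stream_feed` rejects a sender that delivers more key material than the parameters allow.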

Notes

  1. https://groups.google.com/a/list.nist.gov/forum/#!topic/pqc-forum/0ieuPB-b8eg.

  2. https://groups.google.com/a/list.nist.gov/forum/#!topic/pqc-forum/cJxMq0_90gU.

  3. This wording avoids calling it generating the public key since the public key is already uniquely defined after the private key is chosen. The term “generate” might be misleading and imply that randomness is introduced into this process.

  4. While there are other significant, temporary memory-overheads in the Classic McEliece code, none of them is as big as that for S. Furthermore, for the extended private key generation, temporary buffers can often be placed in the buffer where S is written into at the end of the key generation process. This results in a decreased overall memory consumption.

  5. https://tls.mbed.org/.

Acknowledgements

This work was partially funded by the German Federal Ministry of Education and Research (BMBF) under the project “QuantumRISC” (ID 16KIS1037 and ID 16KIS1039). Moreover, JK was funded by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – SFB 1119 – 236615297. The authors thank Stathis Deligeorgopoulos for his preliminary work on TLS.

Corresponding author

Correspondence to Johannes Roth.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Roth, J., Karatsiolis, E., Krämer, J. (2021). Classic McEliece Implementation with Low Memory Footprint. In: Liardet, PY., Mentens, N. (eds) Smart Card Research and Advanced Applications. CARDIS 2020. Lecture Notes in Computer Science, vol 12609. Springer, Cham. https://doi.org/10.1007/978-3-030-68487-7_3

  • DOI: https://doi.org/10.1007/978-3-030-68487-7_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68486-0

  • Online ISBN: 978-3-030-68487-7

  • eBook Packages: Computer Science (R0)
