Abstract
The Classic McEliece cryptosystem is one of the most trusted quantum-resistant cryptographic schemes. Deploying it in practical applications, however, is challenging because of the size of its public key. In this work, we bridge this gap. We present an implementation of Classic McEliece on an ARM Cortex-M4 processor, optimized to overcome memory constraints. To this end, we present an algorithm that retrieves the public key ad hoc from the private key. This reduces memory and storage requirements and enables the generation of larger key pairs on the device. To further improve the implementation, we perform the public key operation by streaming the key, so that it never has to be stored as a whole. This additionally reduces the risk of denial-of-service attacks. Finally, we use these results to implement and run TLS on the embedded device.
Notes
- 3. This wording avoids calling it generating the public key, since the public key is already uniquely defined once the private key has been chosen. The term "generate" might be misleading and imply that randomness is introduced into this process.
- 4. While there are other significant temporary memory overheads in the Classic McEliece code, none of them is as large as that for S. Furthermore, for the extended private key generation, temporary buffers can often be placed in the buffer into which S is written at the end of the key generation process. This reduces overall memory consumption.
Acknowledgements
This work was partially funded by the German Federal Ministry of Education and Research (BMBF) under the project “QuantumRISC” (ID 16KIS1037 and ID 16KIS1039). Moreover, JK was funded by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – SFB 1119 – 236615297. The authors thank Stathis Deligeorgopoulos for his preliminary work on TLS.
Copyright information
© 2021 Springer Nature Switzerland AG
Cite this paper
Roth, J., Karatsiolis, E., Krämer, J. (2021). Classic McEliece Implementation with Low Memory Footprint. In: Liardet, PY., Mentens, N. (eds) Smart Card Research and Advanced Applications. CARDIS 2020. Lecture Notes in Computer Science(), vol 12609. Springer, Cham. https://doi.org/10.1007/978-3-030-68487-7_3
DOI: https://doi.org/10.1007/978-3-030-68487-7_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68486-0
Online ISBN: 978-3-030-68487-7
eBook Packages: Computer Science (R0)