DOI: 10.1145/3327958.3329544
Research article (ACM conference proceedings)

Rank-metric Encryption on Arm-Cortex M0: Porting code-based cryptography to lightweight devices

Published: 02 July 2019

Abstract

Since its invention by McEliece in 1978, cryptography based on Error Correcting Codes (ECC) has suffered from the reputation of not being suitable for constrained devices. Indeed, McEliece's scheme and its variants have large public keys and relatively long ciphertexts. Recent work on these downsides has explored the use of ECC based on the rank metric instead of the Hamming metric. These codes were introduced in the late 1980s to correct errors with repeating patterns, regardless of their Hamming weight. Numerous proposals for the NIST Post-Quantum Cryptography (PQC) competition rely on these codes. It has been shown that lattice-based cryptography and even hash-based signatures can run on lightweight devices, but the question remained open for code-based cryptography. In this work, we demonstrate that this is actually possible for the rank metric: we have implemented the encryption operation of 5 schemes based on ECC in the rank metric and run them on an Arm Cortex-M0 processor, the smallest Arm processor available. We describe the technical difficulties of porting rank-based cryptography to a resource-constrained device while maintaining decent performance and a suitable level of security against side-channel attacks, especially timing attacks.
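The distinction the abstract draws between the Hamming and rank metrics, and the timing-attack concern it raises, are made concrete in the added C example below. It is not code from the paper or from any of the five schemes it ports. It assumes a toy field GF(2^8) with a hand-chosen modulus (so results can be checked by hand; real rank-metric parameters use a far larger extension degree) and two constructed error vectors. It computes the Hamming weight and the rank weight of each vector, and performs every field multiplication and the rank computation with no data-dependent branch and no secret-indexed table lookup, the properties a Cortex-M0 port needs if timing is not to leak the error.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy field GF(2^8) with modulus x^8 + x^4 + x^3 + x + 1 (0x11B), chosen only
 * so results can be checked by hand (assumption for illustration; real
 * rank-metric schemes use a much larger extension degree m). */
#define M        8u
#define MODULUS  0x11Bu
#define MAX_N    32u

/* All-ones if bit `bit` of x is set, else zero. */
static uint32_t mask_bit(uint32_t x, unsigned bit) {
    return 0u - ((x >> bit) & 1u);
}

/* All-ones if x == 0, else zero, without a branch. */
static uint32_t mask_zero(uint32_t x) {
    return 0u - (((x | (0u - x)) >> 31) ^ 1u);
}

/* Multiplication in GF(2^m), constant time: shift-and-add with masked
 * reduction, no data-dependent branch and no secret-indexed table lookup. */
uint32_t gf_mul(uint32_t a, uint32_t b) {
    uint32_t r = 0;
    for (unsigned i = 0; i < M; i++) {
        r ^= a & mask_bit(b, i);         /* add a * x^i when bit i of b is set */
        a <<= 1;
        a ^= MODULUS & mask_bit(a, M);   /* reduce when the degree reaches m */
    }
    return r;
}

/* Hamming weight of a vector over GF(2^m): number of nonzero coordinates. */
unsigned hamming_weight(const uint32_t *v, unsigned n) {
    unsigned w = 0;
    for (unsigned i = 0; i < n; i++) w += ~mask_zero(v[i]) & 1u;
    return w;
}

/* Rank weight: dimension of the F_2-span of the coordinates, i.e. the rank of
 * the m x n binary matrix whose columns are the coordinates written over a
 * basis of GF(2^m). Gaussian elimination is done as a constant-time echelon
 * basis: every row and every bit position is visited whatever the data, and
 * each update is masked rather than branched on. */
unsigned rank_weight(const uint32_t *v, unsigned n) {
    uint32_t basis[M] = {0};             /* basis[b] is 0 or has leading bit b */
    unsigned rank = 0;
    for (unsigned i = 0; i < n; i++) {
        uint32_t x = v[i];
        for (unsigned bit = M; bit-- > 0;) {
            uint32_t has = mask_bit(x, bit);
            uint32_t ins = has & mask_zero(basis[bit]);
            basis[bit] |= x & ins;       /* x becomes the pivot for this bit */
            rank += ins & 1u;
            x ^= basis[bit] & has;       /* clear the bit (x -> 0 if inserted) */
        }
    }
    return rank;
}

/* Rank weight after multiplying every coordinate by the scalar s. For s != 0
 * this is an invertible F_2-linear map on GF(2^m), so the rank must not change. */
unsigned scaled_rank_weight(const uint32_t *v, unsigned n, uint32_t s) {
    uint32_t buf[MAX_N];
    if (n > MAX_N) n = MAX_N;
    for (unsigned i = 0; i < n; i++) buf[i] = gf_mul(v[i], s);
    return rank_weight(buf, n);
}

/* Constructed error vectors of length n = 5 over the toy field. */
#define EX_N 5u
const uint32_t EX_REPEATED[EX_N] = {0x53, 0x53, 0x53, 0x53, 0x53};
const uint32_t EX_SPREAD[EX_N]   = {0x01, 0x02, 0x04, 0x00, 0x03};

int main(void) {
    printf("repeated: hamming=%u rank=%u\n",
           hamming_weight(EX_REPEATED, EX_N), rank_weight(EX_REPEATED, EX_N));
    printf("spread:   hamming=%u rank=%u (scaled by 0x1D: %u)\n",
           hamming_weight(EX_SPREAD, EX_N), rank_weight(EX_SPREAD, EX_N),
           scaled_rank_weight(EX_SPREAD, EX_N, 0x1D));
    return 0;
}
```

The repeated vector has full Hamming weight but rank weight 1, which is the "repeating pattern" case the abstract refers to, while the spread vector has Hamming weight 4 and rank weight 3 (0x03 = 0x01 ^ 0x02 is dependent). Multiplying every coordinate by the same nonzero scalar leaves the rank unchanged. The masking is a source-level pattern only: a compiler is free to turn `mask & value` sequences back into branches, and the Cortex-M0 has no conditional-select instruction, so the generated Thumb assembly should be inspected before the code is trusted to be constant time.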


Cited By

  • (2022) The Rank-Based Cryptography Library. In: Code-Based Cryptography, pp. 22-41. DOI: 10.1007/978-3-030-98365-9_2. Online publication date: 13 Mar 2022.
  • (2021) Constant Time Algorithms for ROLLO-I-128. SN Computer Science 2(5). DOI: 10.1007/s42979-021-00761-y. Online publication date: 18 Jul 2021.
  • (2019) Advances and Challenges of Rank Metric Cryptography Implementations. 2019 IEEE 37th International Conference on Computer Design (ICCD), pp. 325-328. DOI: 10.1109/ICCD46524.2019.00051. Online publication date: Nov 2019.


    Published In

    APKC '19: Proceedings of the 6th on ASIA Public-Key Cryptography Workshop
    July 2019, 31 pages
    ISBN: 9781450367844
    DOI: 10.1145/3327958
    Program Chairs: Keita Emura, Takaaki Mizuki
    Publication rights licensed to ACM. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. code-based cryptography
    2. lightweight cryptography
    3. post-quantum cryptography
    4. rank metric


    Conference

    Asia CCS '19

    Acceptance Rates

    APKC '19 paper acceptance rate: 3 of 9 submissions (33%)
    Overall acceptance rate: 36 of 103 submissions (35%)
