SoK: On Efficacy of the BGF Decoder for QC-MDPC-based Quantum-Safe Cryptosystems
- Publisher:
- ASSOC COMPUTING MACHINERY
- Publication Type:
- Conference Proceeding
- Citation:
- Proceedings of the 10th ACM Asia Public-Key Cryptography Workshop, 2023, pp. 2-9
- Issue Date:
- 2023-07-10
Closed Access
| Filename | Description | Size | |||
|---|---|---|---|---|---|
| 3591866.3593070.pdf | Published version | 671.54 kB |
Copyright Clearance Process
- Recently Added
- In Progress
- Closed Access
This item is closed access and not available.
Bit Flipping Key Encapsulation (BIKE), a shortlisted scheme that proceeded to the fourth round of NIST's standardization project for post-quantum cryptosystems, is conducive to implementation on embedded devices due to its small key size. However, prior research has indicated the possibility of reaction attacks on this scheme with the potential of compromising private keys through decoder failures. To ensure protection against such reaction attacks, the Decoder Failure Rate (DFR) needs to be sufficiently low. Since these attacks belong to a category of chosen-ciphertext attacks (CCA), a low DFR is essential for ensuring IND-CCA security. The Black Gray Flip (BGF) decoder adopted in the BIKE offers sufficient security. However, the size of the keys needed for the required security level may still be precarious for resource-constrained devices. Therefore, in this work, we formulate and analyze the potential variants of the BGF decoder and compare their performance with the original BGF decoder. To accomplish this, we generate a large set of ciphertexts, and utilize them to compute the DFR of the various variants of the BGF decoder. Our analysis confirms that the BGF decoder with parameters adopted in the original BIKE submission to NIST performs optimally with larger block sizes, which are essential for ensuring higher security levels.
Please use this identifier to cite or link to this item: