Fast polynomial inversion for post quantum QC-MDPC cryptography
2020
The NIST PQC standardization project evaluates multiple new designs for post-quantum Key Encapsulation Mechanisms (KEMs). Some of them present challenging tradeoffs between communication band-width and computational overheads. An interesting case is the set of QC-MDPC based KEMs. Here, schemes that use the Niederreiter framework require only half the communication bandwidth compared to schemes that use the McEliece framework. However, this requires costly polynomial inversion during the key generation, which is prohibitive when ephemeral keys are used. One example is BIKE, where the BIKE-1 variant uses McEliece and the BIKE-2 variant uses Niederreiter. This pa-per shows an optimized constant-time polynomial inversion method that makes the computation costs of BIKE-2 key generation tolerable. We re-port a speedup of 11.8×over the commonly used NTL library, and 55.5×over OpenSSL. We achieve additional speedups by leveraging the latest Intel’s Vector-PCLMULQDQ instructions on a laptop machine, 14.3× over NTL and 96.8× over OpenSSL. With this, BIKE-2 becomes a competitive variant of BIKE.
Research areas