IND-CCA Secure Hybrid Encryption from QC-MDPC Niederreiter

Ingo von Maurich, Lukas Heberle, Tim Güneysu

In: Tsuyoshi Takagi (ed.). Post-Quantum Cryptography - 7th International Workshop, PQCrypto 2016, Fukuoka, Japan, February 24-26, 2016, pages 1-17. Lecture Notes in Computer Science (LNCS) 9606, ISBN 978-3-319-29359-2, Springer, 2016.


QC-MDPC McEliece has attracted significant attention as a promising alternative public-key encryption scheme believed to be resistant against quantum computing attacks. Compared to binary Goppa codes, it achieves practical key sizes and was shown to perform well on constrained platforms such as embedded microcontrollers and FPGAs. However, so far none of the published QC-MDPC McEliece/Niederreiter implementations provides indistinguishability under chosen plaintext or chosen ciphertext attacks. The common way for the McEliece and Niederreiter encryption schemes to achieve IND-CPA/IND-CCA security is a surrounding construction that converts them into secure schemes. In this work we take a slightly different approach, presenting (1) an efficient implementation of QC-MDPC Niederreiter for ARM Cortex-M4 microcontrollers and (2) the first implementation of Persichetti's IND-CCA hybrid encryption scheme from PQCrypto'13, instantiated with QC-MDPC Niederreiter for key encapsulation and AES-CBC/AES-CMAC for data encapsulation. Both implementations achieve practical performance on embedded microcontrollers: at the 80-bit security level, hybrid encryption takes 16.5 ms, decryption 111 ms, and key generation 386.4 ms.

Deutsches Forschungszentrum für Künstliche Intelligenz
German Research Center for Artificial Intelligence