CryptoDB
Efficient ASIC Architecture for Low Latency Classic McEliece Decoding
| Authors: |
|
|---|---|
| Download: | |
| Abstract: | Post-quantum cryptography addresses the increasing threat that quantum computing poses to modern communication systems. Among the available “quantum-resistant” systems, the Classic McEliece key encapsulation mechanism (KEM) is positioned as a conservative choice with strong security guarantees. Building upon the code-based Niederreiter cryptosystem, this KEM enables high performance encapsulation and decapsulation and is thus ideally suited for applications such as the acceleration of server workloads. However, until now, no ASIC architecture is available for low latency computation of Classic McEliece operations. Therefore, the present work targets the design, implementation and optimization of a tailored ASIC architecture for low latency Classic McEliece decoding. An efficient ASIC design is proposed, which was implemented and manufactured in a 22 nm FDSOI CMOS technology node. We also introduce a novel inversionless architecture for the computation of error-locator polynomials as well as a systolic array for combined syndrome computation and polynomial evaluation. With these approaches, the associated optimized architecture improves the latency of computing error-locator polynomials by 47% and the overall decoding latency by 27% compared to a state-of-the-art reference, while requiring only 25% of the area. |
BibTeX
@article{tches-2024-34057,
title={Efficient ASIC Architecture for Low Latency Classic McEliece Decoding},
journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
publisher={Ruhr-Universität Bochum},
volume={024 No. 2},
pages={403-425},
url={https://tches.iacr.org/index.php/TCHES/article/view/11434},
doi={10.46586/tches.v2024.i2.403-425},
author={Daniel Fallnich and Christian Lanius and Shutao Zhang and Tobias Gemmeke},
year=2024
}