[Resource Topic] 2017/595: FPGA-based Key Generator for the Niederreiter Cryptosystem using Binary Goppa Codes

Welcome to the resource topic for 2017/595

FPGA-based Key Generator for the Niederreiter Cryptosystem using Binary Goppa Codes

Authors: Wen Wang, Jakub Szefer, Ruben Niederhagen


This paper presents a post-quantum secure, efficient, and tunable FPGA implementation of the key-generation algorithm for the Niederreiter cryptosystem using binary Goppa codes. Our key-generator implementation requires as few as 896,052 cycles to produce both public and private portions of a key, and can achieve an estimated frequency Fmax of over 240 MHz when synthesized for Stratix V FPGAs. To the best of our knowledge, this work is the first hardware-based implementation that works with parameters equivalent to, or exceeding, the recommended 128-bit ``post-quantum security’’ level. The key generator can produce a key pair for parameters m=13, t=119, and n=6960 in only 3.7 ms when no systemization failure occurs, and in 3.5 \cdot 3.7 ms on average. To achieve such performance, we implemented an optimized and parameterized Gaussian systemizer for matrix systemization, which works for any large-sized matrix over any binary field GF$(2^m)$. Our work also presents an FPGA-based implementation of the Gao-Mateer additive FFT, which only takes about 1000 clock cycles to finish the evaluation of a degree-119 polynomial at 2^{13} data points. The Verilog HDL code of our key generator is parameterized and partly code-generated using Python and Sage. It can be synthesized for different parameters, not just the ones shown in this paper. We tested the design using a Sage reference implementation, iVerilog simulation, and on real FPGA hardware.

ePrint: https://eprint.iacr.org/2017/595

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .