Abstract
Considering code-based cryptography, quasi-cyclic low-density parity-check (QC-LDPC) codes are foreseen as one of the few solutions to design post-quantum cryptosystems. The bit-flipping algorithm is at the core of the decoding procedure of such codes when used to design cryptosystems. An effective design must account for the computational complexity of the decoding and the code size required to ensure the security margin against attacks led by quantum computers. To this end, it is of paramount importance to deliver efficient and flexible hardware implementations to support quantum-resistant public-key cryptosystems, since available software solutions cannot cope with the required performance. This manuscript proposes an efficient and scalable architecture for the implementation of the bit-flipping procedure targeting large QC-LDPC codes for post-quantum cryptography. To demonstrate the effectiveness of our solution, we employed the nine configurations of the LEDAcrypt cryptosystem as representative use cases for QC-LDPC codes suitable for post-quantum cryptography. For each configuration, our template architecture can deliver a performance-optimized decoder implementation for all the FPGAs of the Xilinx Artix-7 mid-range family. The experimental results demonstrate that our optimized architecture allows the implementation of large QC-LDPC codes even on the smallest FPGA of the Xilinx Artix-7 family. Considering the implementation of our decoder on the Xilinx Artix-7 200 FPGA, the experimental results show an average performance speedup of 5 times across all the LEDAcrypt configurations, compared to the official optimized software implementation of the decoder that employs the Intel AVX2 extension.
Highlights
The recent advances in quantum computing pose a serious threat to traditional public-key cryptography, whose security relies on the hardness of factoring large integers and of computing discrete logarithms in a cyclic group
The maximum allowed dimension of the dense vectors that store the syndrome, the error and the unsatisfied parity-checks (UPC) is not a function of the available amount of flip-flops, that become the scarcest resources on small FPGAs, but it is instead a function of the available block RAMs (BRAMs) storage capacity
The use of BRAM resources dominates each design on both the Xilinx Artix-7 12 and Artix-7 200 minimizing the use of flip-flops, which are never the scarcest resource or a major showstopper
Summary
The recent advances in quantum computing pose a serious threat to traditional public-key cryptography, whose security relies on the hardness of factoring large integers and of computing discrete logarithms in a cyclic group. Shor’s algorithm [1] can compute the integer factorization and the discrete logarithm operations in polynomial time on a quantum computer, dramatically reducing the security margin of the current public-key cryptography primitives. To cope with this risk, the National Institute of Standards and Technology (NIST) is in the process of evaluating and standardizing novel quantum-resistant cryptosystems. The best solvers for this problem still offer exponential complexity even when implemented on quantum computers [4] To this end, the syndrome decoding problem is widely assumed to have no polynomial-time solutions even on quantum computers.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
