Optimized and secure implementation of ROLLO-I. (English) Zbl 1459.94134

Baldi, Marco (ed.) et al., Code-based cryptography. 8th international workshop, CBC 2020, Zagreb, Croatia, May 9–10, 2020. Revised selected papers. Cham: Springer. Lect. Notes Comput. Sci. 12087, 117-137 (2020).
Summary: This paper presents our contribution regarding two implementations of the ROLLO-I algorithm, a code-based candidate for the NIST PQC project. The first part focuses on the implementations, and the second part analyzes a side-channel attack and the associated countermeasures. The first implementation uses existing hardware with a crypto co-processor to speed up operations in \({\mathbb F}_{2^m}\). The second one is a full software implementation (not using the crypto co-processor), running on the same hardware. Finally, the side-channel attack allows us to recover the secret key with only 79 ciphertexts for ROLLO-I-128. We propose countermeasures in order to protect future implementations.
For the entire collection see [Zbl 1452.94001].


94A60 Cryptography
81P94 Quantum cryptography (quantum-theoretic aspects)


McEliece; ROLLO-I
Full Text: DOI