Weak-Key Analysis for BIKE Post-Quantum Key Encapsulation Mechanism

by Mohammad Reza Nosouhi, et al.

The evolution of quantum computers poses a serious threat to contemporary public-key encryption (PKE) schemes. To address this impending issue, the National Institute of Standards and Technology (NIST) is currently undertaking the Post-Quantum Cryptography (PQC) standardization project, intending to evaluate and subsequently standardize suitable PQC scheme(s). One such attractive approach, called Bit Flipping Key Encapsulation (BIKE), has made it to the final round of the competition. Despite BIKE's attractive features, its IND-CCA security depends on the average decoder failure rate (DFR), a higher value of which can facilitate a particular type of side-channel attack. Although BIKE adopts a Black-Grey-Flip (BGF) decoder that offers a negligible DFR, the effect of weak keys on the average DFR has not been fully investigated. Therefore, in this paper, we first implement the BIKE scheme and then show through extensive experiments that weak keys can be a potential threat to the IND-CCA security of BIKE and thus need attention from the research community prior to standardization. To address this issue, we also propose a key-check algorithm that can potentially supplement the BIKE mechanism and prevent users from generating and adopting weak keys.



