Efficient Microcontroller Implementation of BIKE

Mario Bischof, Tobias Oder, Tim Güneysu

Innovative Security Solutions for Information Technology and Communications - 12th International Conference, SecITC 2019, Bucharest, Romania, November 14-15, 2019, to appear.


In the digital world, public-key cryptography is ubiquitous. Current public-key crypto schemes like RSA or Diffie-Hellmann are in widespread use and they represent an indispensable asset of our technological toolbox. However, the discovery of Shor’s algorithm and the rapid progression in the field of quantum computers became a painful reminder of our alerting dependency on such technologies. At the same time, this realization started a demand for new cryptographic algorithms withstanding the power of quantum computers. The National Institute of Standards and Technology (NIST) aimed to satisfy this urge by initiating a standardization process in 2017 with a call for proposals of post-quantum key exchange mechanisms and signature algorithms. One of the submissions that made it to the second round is the key encapsulation mechanism BIKE. This work investigates various techniques to achieve an efficient and secure implementation of BIKE on embedded devices. We show that it is possible for BIKE to run on a Cortex-M4 microcontroller using reduced data representation and adequate decoding algorithms. Our implementation achieves a performance of 6 million cycles for key generation, 7 million cycles for encapsulation, and 89 million cycles for decapsulation for BIKE-1.

[portable code] [embedded code] [pdf]

tags: BIKE, code-based cryptography, Cortex-M4, KEM, microcontroller, post-quantum cryptography, timing attacks