In: Tatra Mountains Mathematical Publications, vol. 73, no. 1
Authors: Peter Špaček, Pavol Zajac
Year, pages: 2019, 179-193
Keywords: code-based cryptography, BIKE, MDPC, backdoor, kleptography.
Article type: scientific article/mathematics
Document type: pdf
Abstract: The BIKE suite of algorithms is one of the candidates in the NIST call for public-key post-quantum cryptographic algorithms. It is a key-encapsulation mechanism based on QC-MDPC codes with purely ephemeral keys. A security device implementing such an algorithm therefore needs to generate many key pairs over its lifetime, and to do so very efficiently. In our paper we explore the situation where a BigBrother-type adversary can subtly corrupt the vendor(s) of the security devices (e.g., by altering the standard algorithms). In our model, BigBrother cannot preload the keys or synchronize the key generator through a covert channel, but is able to learn the secrets of the security devices by observing the public execution of the KEM protocols. BigBrother typically obtains the secret through the use of (masked) weak keys. However, we can also imagine other covert channels embedded into the ephemeral public keys by some unknown algorithm. To prevent these classes of attacks, we propose that the standard should explicitly specify a verifiable algorithm that transforms the required key randomness into a set of keys.
How to cite:
Špaček, P., Zajac, P. 2019. Preventing potential backdoors in BIKE algorithm. In Tatra Mountains Mathematical Publications, vol. 73, no. 1, pp. 179-193. ISSN 1210-3195. DOI: https://doi.org/10.2478/tmmp-2019-0013
Špaček, P., Zajac, P. (2019). Preventing potential backdoors in BIKE algorithm. Tatra Mountains Mathematical Publications, 73(1), 179-193. ISSN 1210-3195. DOI: https://doi.org/10.2478/tmmp-2019-0013
Publisher: Mathematical Institute, Slovak Academy of Sciences, Bratislava
Published: 15. 8. 2019
© 2019 Mathematical Institute, Slovak Academy of Sciences. Licensed under the Creative Commons Attribution-NC-ND 4.0 International Public License.