Generating a Random String with a Fixed Weight
Generating, uniformly at random, a binary or a ternary string with a fixed length \(L\) and a prescribed weight \(W\) is a step in several quantum-safe cryptosystems (e.g., BIKE, NTRUEncrypt, NTRU LPrime, Lizard, McEliece).
This fixed-weight vector generation is usually implemented with a shuffling method or a rejection method, but not always in a constant-time, side-channel protected flow. A recently suggested constant-time algorithm for this problem uses a sorting network and turns out to be quite efficient. This paper proposes a new method for this computation, together with a side-channel protected implementation, and compares it to the other methods for different combinations of \(L\) and \(W\). Our method turns out to be the fastest approach when \(L\) is (relatively) short and \(0.1 < W/L \le 0.5\). For example, this range covers the parameters of NTRU LPrime, where our method achieves a \(3\times\) speedup in the string generation, which leads to an overall \(1.14\times\) speedup for NTRU LPrime key generation.
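The abstract contrasts shuffling and rejection sampling, which are hard to make constant-time (a Fisher-Yates shuffle indexes memory at secret positions, and a rejection loop runs a secret-dependent number of iterations), with the sorting-network approach. The block below is an added example, not the paper's method and not code from any of the cited projects: it implements the sorting-network idea in the djbsort / NTRU Prime style for both the binary and the ternary case. Random 32-bit words are tagged in their low bits, sorted by a constant-time bitonic network (padded to a power of two), and the tags are read back in sorted order. All function names, the padding choice and the `xorshift32` placeholder PRNG are our own assumptions; a real implementation takes its randomness from the scheme's XOF or the OS CSPRNG.

```c
/* Added example, not code from the paper: constant-time generation of a binary or
 * ternary string of length L and weight W with a sorting network, the djbsort /
 * NTRU Prime style of approach the abstract mentions. All names here are ours. */
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Constant-time compare-exchange: afterwards *lo <= *hi. The swap mask is the borrow
 * of an unsigned subtraction, so no branch depends on data (check the assembly:
 * a compiler is free to turn this back into a branch). */
static void ct_minmax(uint32_t *lo, uint32_t *hi)
{
    uint32_t a = *lo, b = *hi;
    uint32_t mask = -(uint32_t)(((uint64_t)b - a) >> 63); /* all ones iff a > b */
    uint32_t t = (a ^ b) & mask;
    *lo = a ^ t;
    *hi = b ^ t;
}

/* Bitonic sorting network, n a power of two. Every branch depends only on loop
 * indices, never on array contents, so the memory access pattern is fixed. */
static void bitonic_sort_u32(uint32_t *a, size_t n)
{
    for (size_t k = 2; k <= n; k <<= 1)
        for (size_t j = k >> 1; j > 0; j >>= 1)
            for (size_t i = 0; i < n; i++) {
                size_t l = i ^ j;
                if (l <= i) continue;
                if ((i & k) == 0) ct_minmax(&a[i], &a[l]); /* ascending block */
                else              ct_minmax(&a[l], &a[i]); /* descending block */
            }
}

/* out[i] in {0,1} (ternary == 0) or {-1,0,+1} (ternary != 0) with exactly W nonzero
 * entries; ternary nonzeros get independent random signs. rnd holds L uniform 32-bit
 * words. Tag the first W words in their low bits, pad to a power of two with
 * UINT32_MAX (sorts last), sort, read the tags back. Returns 0 on success. */
int fixed_weight(int8_t *out, size_t L, size_t W, const uint32_t *rnd, int ternary)
{
    if (L == 0 || W > L) return -1;
    size_t n = 1;
    while (n < L) n <<= 1;
    uint32_t *r = malloc(n * sizeof *r);
    if (r == NULL) return -1;
    for (size_t i = 0; i < L; i++) {
        if (!ternary)   r[i] = (rnd[i] & ~1u) | (uint32_t)(i < W); /* bit 0 = selected */
        else if (i < W) r[i] = rnd[i] & ~1u;        /* low bits 00 or 10: +-1, sign from bit 1 */
        else            r[i] = (rnd[i] & ~3u) | 1u; /* low bits 01: zero coefficient */
    }
    for (size_t i = L; i < n; i++) r[i] = UINT32_MAX;
    bitonic_sort_u32(r, n);
    for (size_t i = 0; i < L; i++)
        out[i] = ternary ? (int8_t)((int)(r[i] & 3) - 1) : (int8_t)(r[i] & 1);
    free(r);
    return 0;
}

/* Placeholder PRNG so the example runs offline. NOT cryptographic: real code fills
 * rnd from getrandom()/RAND_bytes() or the scheme's XOF. */
static uint32_t xorshift32(uint32_t *s)
{
    uint32_t x = *s;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *s = x;
}

/* 1 iff the network sorts a fixed input; the weight check alone cannot catch a
 * broken sort, since tags are only permuted, never created or lost. */
int sort_selftest(void)
{
    uint32_t a[8] = {9, 3, 7, UINT32_MAX, 1, 3, 0, 8};
    bitonic_sort_u32(a, 8);
    for (int i = 1; i < 8; i++) if (a[i - 1] > a[i]) return 0;
    return 1;
}

/* 1 iff both the binary and the ternary output have exactly W nonzeros, all in range. */
int selftest(uint32_t seed, size_t L, size_t W)
{
    uint32_t *rnd = malloc(L * sizeof *rnd);
    int8_t *v = malloc(L);
    int ok = rnd != NULL && v != NULL;
    for (size_t i = 0; ok && i < L; i++) rnd[i] = xorshift32(&seed);
    for (int ternary = 0; ok && ternary < 2; ternary++) {
        size_t weight = 0;
        ok = fixed_weight(v, L, W, rnd, ternary) == 0;
        for (size_t i = 0; ok && i < L; i++) {
            weight += v[i] != 0;
            if (v[i] < -ternary || v[i] > 1) ok = 0; /* range {0,1} or {-1,0,1} */
        }
        ok = ok && weight == W;
    }
    free(rnd); free(v);
    return ok;
}

int main(void)
{
    size_t L = 761, W = 250; /* an (L, W) pair inside the 0.1 < W/L <= 0.5 regime */
    printf("sort=%d weights=%d\n", sort_selftest(), selftest(0x9e3779b9u, L, W));
    return 0;
}
```

Two caveats a practitioner should keep in mind. First, the output is exactly uniform only if the sort keys are distinct: when two words share their high bits, the tag bits break the tie and introduce a bias of order \(L^2/2^{30}\) per call, which a deployment either accepts or removes by sorting wider (64-bit) keys. Second, the cost of this method is the cost of sorting \(L\) words (the padding to a power of two adds up to a factor of two), independent of \(W\), which is exactly the regime in which the abstract reports its alternative method to be faster for short \(L\).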
Keywords: Software optimization; Combinatorics; Post Quantum Cryptography; Coding
We thank an anonymous reviewer for the comment that led to Algorithm 6. This research was supported by: The Israel Science Foundation (grant No. 1018/16); The BIU Center for Research in Applied Cryptography and Cyber Security, in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office; the Center for Cyber Law & Policy at the University of Haifa in conjunction with the Israel National Cyber Directorate in the Prime Minister’s Office.