McBits: fast constant-time code-based cryptography

D.J. Bernstein, T. Chou, P. Schwabe

Research output: Book/ReportReportAcademic


This paper presents extremely fast algorithms for code-based public-key cryptography, including full protection against timing attacks. For example, at a 2^128 security level, this paper achieves a reciprocal decryption throughput of just 60493 cycles (plus cipher cost etc.) on a single Ivy Bridge core. These algorithms rely on an additive FFT for fast root computation, a transposed additive FFT for fast syndrome computation, and a sorting network to avoid cache-timing attacks. Keywords: McEliece, Niederreiter, CFS, bitslicing, software implementation
Original languageEnglish
Number of pages26
Publication statusPublished - 2015

Publication series

NameCryptology ePrint Archive


Dive into the research topics of 'McBits: fast constant-time code-based cryptography'. Together they form a unique fingerprint.

Cite this