Paper 2025/441

High-Order Masking of BIKE

Matthias Trannoy, University of Luxembourg
Abstract

Every cryptographic implementation on embedded device is vulnerable to side-channel attacks. To prevent these attacks, the main countermeasure consists in splitting each sensitive variable in shares and processing them independently. With the upcoming of new algorithms designed to resist quantum computers and the complexity of their operations, this protection represents a real challenge. In this article, we present an attack on an earlier attempt to protect the decoder of BIKE cryptosystem against first-order attack. Additionally, we introduce a new procedure for the high-order masking of the decoder, up-to-date with its latest improvement. We also present the first fully masked implementation of the whole cryptosystem, including the key generation and the encapsulation. Eventually, to assess the correctness of our countermeasures and initiate further comparison, we implemented our countermeasures in C and provide benchmarks of their performance.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
BIKEPost-Quantum CryptographyError-Correcting CodesKey-Establishment MechanismHigh-Order Masking
Contact author(s)
matthias trannoy @ outlook fr
History
2025-03-10: approved
2025-03-07: received
See all versions
Short URL
https://ia.cr/2025/441
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2025/441,
      author = {Matthias Trannoy},
      title = {High-Order Masking of {BIKE}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/441},
      year = {2025},
      url = {https://eprint.iacr.org/2025/441}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.