Postquantum cryptography attracts a lot of attention from the research community recently due to the emergence threat from quantum computer toward the conventional cryptographic schemes. In view of that, NIST had initiated the standardization process in 2017. Bit flipping key encapsulation (BIKE) designed by Aragon et al. is one of the promising code-based schemes among the round-3 candidates. BIKE utilizes a quasi-cyclic medium density parity check (QC-MDPC) code and incorporates a few variants derived from the McEliece, Niederreiter, and Ouroboros schemes. In this article, we present efficient and constant time implementation of BIKEI and BIKE-III in field-programmable gate array (FPGA), which has the best area–time efficiency so far. We proposed modification to the original one-round bit flipping algorithm to achieve more area–time-efficient decoding in hardware, which achieved latency of 464.73 and $556.52~\mu \text{s}$ for BIKE-I and BIKE-III, respectively, in Virtex-7. A pipelined key encapsulation architecture is proposed to speedup the key encapsulation of BIKE-I and BIKE-III, achieving the latency of 146.47 and $153.25~\mu \text{s}$ on the same FPGA platform. Considering the Artix-7 FPGA platform, our combined key generation and encapsulation module for BIKE-I is also three more area–time efficient compared with the state-of-the-art BIKE-I implementation by Aragon et al.

中文翻译：

---

FPGA上基于区域时间高效码的后量子密钥封装机制

由于量子计算机对传统密码方案的威胁，后量子密码学最近引起了研究界的广泛关注。有鉴于此，NIST 于 2017 年启动了标准化进程。 Aragon 设计的比特翻转密钥封装（BIKE）等。是第 3 轮候选中最有前途的基于代码的方案之一。BIKE 使用准循环中密度奇偶校验 (QC-MDPC) 代码并结合了一些源自 McEliece、Niederreiter 和 Ouroboros 方案的变体。在本文中，我们展示了 BIKEI 和 BIKE-III 在现场可编程门阵列 (FPGA) 中的高效和恒定时间实现，这是迄今为止面积-时间效率最高的。我们建议修改原始的一轮位翻转算法，以在硬件中实现更多区域时间效率的解码，从而实现 464.73 的延迟和 $556.52~\mu\text{s}$ 分别用于 Virtex-7 中的 BIKE-I 和 BIKE-III。提出了一种流水线密钥封装架构来加速BIKE-I和BIKE-III的密钥封装，实现146.47和 $153.25~\mu\text{s}$ 在同一个 FPGA 平台上。考虑到 Artix-7 FPGA 平台，与 Aragon 最先进的 BIKE-I 实现相比，我们用于 BIKE-I 的组合密钥生成和封装模块的区域时间效率也提高了三倍等。