Highly Efficient Parallel Row-Layered Min-Sum MDPC Decoder for McEliece Cryptosystem

TL;DR

This paper introduces a highly efficient parallel row-layered Min-Sum MDPC decoder for the McEliece cryptosystem, significantly reducing memory and latency while maintaining performance, enabling practical post-quantum cryptography implementations.

Contribution

It presents a novel row-layered scheduling scheme, a low-complexity performance mitigation method, and a new matrix division scheme for highly parallel decoding with minimal performance impact.

Findings

26% less memory requirement for 2-parallel decoder

70% latency reduction compared to prior decoders

Reduced decoding iterations by a factor of L

Abstract

The medium-density parity-check (MDPC) code-based McEliece cryptosystem remains a finalist of the post-quantum cryptography standard. The Min-sum decoding algorithm achieves better performance-complexity tradeoff than other algorithms for MDPC codes. However, the prior Min-sum MDPC decoder requires large memories, whose complexity dominates the overall complexity. Besides, its actual achievable parallelism is limited. This paper has four contributions: For the first time, the row-layered scheduling scheme is exploited to substantially reduce the memory requirement of MDPC decoders; A low-complexity scheme is developed to mitigate the performance loss caused by finite precision representation of the messages and high column weights of MDPC codes in row-layered decoding; Constraints are added to the parity check matrix construction to enable effective parallel processing with negligible impacts on the decoder performance and resilience towards attacks; A novel parity check matrix division scheme for highly efficient parallel processing is proposed and the corresponding parallel row-layered decoder architecture is designed. The number of clock cycles for each decoding iteration is reduced by a factor of L using the proposed L-parallel decoder with very small memory overhead. For an example 2-parallel decoder, the proposed design leads to 26% less memory requirement and 70% latency reduction compared to the prior decoder.