Advances and Challenges of Rank Metric Cryptography Implementations

Recent works on reducing the size of Error Correcting Codes have investigated the usage of rank metric instead of Hamming metric. Numerous proposals for the NIST Post-Quantum Cryptography competition, including four second round candidates, rely on these codes. In this paper, we discuss several non-trivial issues when porting these schemes into real-world systems on different platforms, such as Intel x86, Armv6 and Armv8. We provide insights on how to implement the underlying finite field and polynomial arithmetic, or the generation of errors of a given rank in constant-time, and report execution time of several rank-based cryptosystems, showing that the achieved performance is similar to those of some of the most popular lattice-based cryptosystems.