An Efficient and Unified RTL Accelerator Design for HQC-128, HQC-192, and HQC-256

In the Post-Quantum Standardization (PQC) process held by the National Institute of Standards and Technology (NIST), the final round of evaluation of the asymmetric cryptographic schemes Classic McEliece}, BIKE and HQC will elect the alternative Key Establishment Mechanism (KEM) to the FIPS $203$ standard CRYSTALS-Kyber. In this work we present two configurations of a RTL hardware design of the HQC candidate, either optimized for devices exclusively working with client-server style protocols, or a unified accelerator compatible with all KEM operations, i.e. Key Generation, Encapsulation, and Decapsulation. Our designs are compatible with all the parameter sets defined by the HQC specification, providing security margins equivalent to the ones of AES-128, AES-192, and AES-256 based on a selection made at runtime. We are providing an extensive comparison with the current state-of-the-art RTL hardware designs for Artix-7 FPGAs of the schemes in the PQC process, introducing a new metric to evaluate the area utilization, historically a challenging task for such devices made of heterogeneous resources, and determining that HQC has by far the best figures among the code-based candidates in terms of latency, area occupied and efficiency, and even comparable with the lattice-based CRYSTALS-Kyber when using the parameters with lowest security margin.