🤖 AI Summary
This work addresses the limited error-correction capability of existing Reed–Solomon (RS) soft-decision decoding in HQC decryption, which supports only erasure decoding and hinders effective reduction of key and codeword lengths. To overcome this limitation, the study introduces generalized minimum distance (GMD) soft-decision decoding into HQC decryption for the first time, fully exploiting channel soft information to enhance error-correction performance. The authors extend the Agrawal–Vardy bound to suit the HQC setting and propose an efficient hardware architecture tailored for short, low-rate RS codes. Under the HQC-128 parameters, the RS codeword length is reduced from 46 to 36, achieving a 20% decrease in decryption latency and a 15% reduction in hardware area.
📝 Abstract
Hamming Quasi-Cyclic (HQC) was chosen for the latest post-quantum cryptography standardization. A concatenated Reed-Muller (RM) and Reed-Solomon (RS) code is decoded during HQC decryption. Soft-decision RS decoders achieve better error-correcting performance than hard-decision decoders and accordingly shorten the required codeword and key lengths. However, the only soft-decision decoder for HQC in prior works is an erasure-only decoder, which has limited coding gain. This paper analyzes other hardware-friendly soft-decision RS decoders and finds that the generalized minimum-distance (GMD) decoder can better utilize the soft information available in HQC. By extending the Agrawal-Vardy bound to the HQC scenario, the paper finds that the RS codeword length for HQC-128 can be reduced from 46 to 36. This paper also proposes efficient GMD decoder hardware architectures optimized for the short and low-rate RS codes used in HQC. HQC-128 decryption using the proposed GMD decoder achieves 20% and 15% reductions in latency and area, respectively, compared to decryption with hard-decision decoders.
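To make the gain from GMD decoding concrete, here is an added example (not code from the paper or from HQC) that compares hard-decision and GMD decoding on a short, low-rate RS code. Assumptions: a toy [10, 2] code over GF(11) instead of HQC's parameters, an exhaustive-search errors-and-erasures decoder standing in for a hardware decoder, and constructed received symbols and reliabilities.

```python
from itertools import product

P, N, K = 11, 10, 2          # toy RS code over GF(11); constructed, not HQC's code
D = N - K + 1                # minimum distance 9: hard decision corrects 4 errors
XS = range(1, N + 1)         # evaluation points

def encode(msg):
    """Evaluate the message polynomial at every point of XS."""
    return [sum(m * pow(x, i, P) for i, m in enumerate(msg)) % P for x in XS]

CODEBOOK = [encode(m) for m in product(range(P), repeat=K)]

def ee_decode(word, erased=frozenset()):
    """Errors-and-erasures decoding by exhaustive search (121 codewords).
    Returns the unique codeword with 2*errors + erasures < D, or None."""
    for c in CODEBOOK:
        errors = sum(1 for i in range(N) if i not in erased and c[i] != word[i])
        if 2 * errors + len(erased) < D:
            return c
    return None

def gmd_decode(word, rel):
    """GMD: erase the 0, 2, 4, ... least reliable symbols (D is odd here),
    decode each trial, keep the candidate with the best weighted agreement."""
    order = sorted(range(N), key=lambda i: rel[i])
    best, best_score = None, float("-inf")
    for f in range(0, D, 2):
        c = ee_decode(word, frozenset(order[:f]))
        if c is None:
            continue
        # Agreeing symbols add their reliability, disagreeing ones subtract it.
        score = sum(r if a == b else -r for r, a, b in zip(rel, c, word))
        if score > best_score:
            best, best_score = c, score
    return best

# Constructed sample: codeword for message (3, 5) with five symbol errors,
# one more than hard-decision decoding can correct.
SENT = encode((3, 5))
RECEIVED = [1, 9, 0, 4, 2] + SENT[5:]
# Constructed reliabilities: position 3 is a confident error,
# position 5 is a correct symbol with low confidence.
REL = [0.1, 0.2, 0.15, 0.9, 0.3, 0.25, 0.95, 0.9, 0.85, 0.8]

if __name__ == "__main__":
    print("hard decision:", ee_decode(RECEIVED))        # no codeword in range
    print("GMD:          ", gmd_decode(RECEIVED, REL))  # recovers SENT
```

Erasing the two least reliable symbols leaves three errors and two erasures, which satisfies 2·3 + 2 < 9, so the trial succeeds even though the reliabilities are imperfect.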