Research article, Open Access

Synthesis of Flexible Accelerators for Early Adoption of Ring-LWE Post-quantum Cryptography

Published: 11 March 2020

Abstract

The advent of the quantum computer makes the current public-key infrastructure insecure. The cryptography community is addressing this problem by designing, efficiently implementing, and evaluating novel public-key algorithms capable of withstanding quantum computational power. Governmental agencies, such as NIST, are promoting the standardization of quantum-resistant algorithms, a process that is expected to run for 7 years. Several modern applications must maintain permanent data secrecy; therefore, they ultimately require the use of quantum-resistant algorithms. Because the algorithms are still under scrutiny for eventual standardization, hardware implementations of quantum-resistant algorithms are still at an early stage of deployment.

In this article, we propose a methodology to design programmable hardware accelerators for lattice-based algorithms, and we use the proposed methodology to implement flexible and energy-efficient post-quantum cache-based accelerators for the NewHope, Kyber, Dilithium, Key Consensus from Lattice (KCL), and R.EMBLEM submissions to the NIST standardization contest.

To the best of our knowledge, we propose the first efficient domain-specific, programmable cache-based accelerators for lattice-based algorithms. We design a single accelerator for a kernel common to various schemes that differ in kernel size (i.e., loop count) and data type. This is in contrast to the traditional approach of designing one special-purpose accelerator for each scheme.

We validate our methodology by integrating our accelerators into an HLS-based SoC infrastructure built around an X86 processor and evaluating overall performance. Our experiments demonstrate the suitability of the approach and allow us to collect insightful information about the performance bottlenecks and the energy efficiency of the explored algorithms. Our results provide guidelines for hardware designers, highlighting the optimization points to address for achieving the largest energy reduction and performance increase. At the same time, our proposed design allows us to specify and execute new variants of lattice-based schemes with superior energy efficiency compared to the main application processor, without changing the hardware acceleration platform. For example, we reduce energy consumption by up to 2.1× and the energy-delay product (EDP) by up to 5.2×, and achieve speedups of up to 2.5×.
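The common-kernel idea in the abstract, shown with added example code that is not from the paper: one negacyclic NTT polynomial multiplication in Z_q[x]/(x^n+1), parameterised only by (n, q), runs unchanged for NewHope, Kyber and Dilithium parameter sets and is checked against schoolbook multiplication. The (n, q) values are assumed Round-1 ones and all function names are mine; the abstract does not name the kernel, and the NTT is used here because those three schemes share it.

```python
import random

# Constructed parameter table (assumed Round-1 values): scheme -> (n, q); 2n divides q-1 in each case.
PARAMS = {"newhope1024": (1024, 12289), "kyber-r1": (256, 7681), "dilithium": (256, 8380417)}

def ntt(a, q, omega):
    """Iterative radix-2 Cooley-Tukey NTT; omega is a primitive len(a)-th root of unity mod q.
    The loop count depends only on n, so this one kernel serves every (n, q) in PARAMS."""
    n = len(a)
    a = [a[int(format(i, "0%db" % (n.bit_length() - 1))[::-1], 2)] for i in range(n)]  # bit-reverse
    length = 2
    while length <= n:
        w_len = pow(omega, n // length, q)       # primitive length-th root for this stage
        for start in range(0, n, length):
            w = 1
            for j in range(start, start + length // 2):
                u, v = a[j], a[j + length // 2] * w % q
                a[j], a[j + length // 2] = (u + v) % q, (u - v) % q   # butterfly
                w = w * w_len % q
        length *= 2
    return a

def poly_mul(a, b, n, q):
    """a*b in Z_q[x]/(x^n+1): twist by psi^i, cyclic NTT multiply, untwist by psi^-i."""
    # psi = primitive 2n-th root of unity: g^((q-1)/2n) has order dividing 2n, exactly 2n iff psi^n != 1
    psi = next(p for p in (pow(g, (q - 1) // (2 * n), q) for g in range(2, q)) if pow(p, n, q) != 1)
    omega, psi_inv, n_inv = psi * psi % q, pow(psi, q - 2, q), pow(n, q - 2, q)
    twist = lambda p: [x * pow(psi, i, q) % q for i, x in enumerate(p)]
    fa, fb = ntt(twist(a), q, omega), ntt(twist(b), q, omega)
    fc = ntt([x * y % q for x, y in zip(fa, fb)], q, pow(omega, q - 2, q))  # inverse NTT
    return [c * n_inv % q * pow(psi_inv, i, q) % q for i, c in enumerate(fc)]

def schoolbook(a, b, n, q):
    """Reference O(n^2) multiplication applying the x^n = -1 reduction."""
    c = [0] * n
    for i in range(n):
        for j in range(n):
            k, sign = (i + j) % n, 1 if i + j < n else q - 1
            c[k] = (c[k] + sign * a[i] * b[j]) % q
    return c

def kernel_matches(scheme, seed=1):
    """True when the shared NTT kernel agrees with schoolbook for the scheme's (n, q)."""
    n, q = PARAMS[scheme]
    rng = random.Random(seed)
    a, b = [rng.randrange(q) for _ in range(n)], [rng.randrange(q) for _ in range(n)]
    return poly_mul(a, b, n, q) == schoolbook(a, b, n, q)
```

`kernel_matches("newhope1024")` runs the O(n^2) reference for n = 1024, so it takes about a second in CPython.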
