SIKE in 32-bit ARM Processors Based on Redundant Number System for NIST Level-II

Published: 27 March 2021

Abstract

We present an optimized implementation of the post-quantum Supersingular Isogeny Key Encapsulation (SIKE) for 32-bit ARMv7-A processors that support the NEON engine (i.e., SIMD instructions). Unlike previous SIKE implementations, the finite field arithmetic is implemented in a redundant representation, which avoids carry propagation and the resulting pipeline stalls. Furthermore, we adopted several state-of-the-art engineering techniques as well as hand-crafted assembly implementations for high performance. The optimized implementations are ported into the Microsoft SIKE library, which is written in a non-redundant representation, and evaluated on high-end 32-bit ARMv7-A processors, such as the ARM Cortex-A5, A7, and A15. A full key-exchange execution of SIKEp503 is performed in about 109 million cycles on ARM Cortex-A15 processors (i.e., 54.5 ms @2.0 GHz), which is about 1.58× faster than the previous state-of-the-art work presented at CHES’18.
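The abstract's central point is that a redundant (unsaturated-limb) representation lets limb-wise additions run as independent vector lanes with no carry chain between them, deferring a single carry propagation until the spare bits are used up. The following is an added illustration of that idea and is not code from the paper or from the Microsoft SIKE library; the limb width (29 payload bits in a 32-bit word, leaving 3 bits of headroom), the two-limb operand size and the sample values are assumptions chosen for the demonstration, not the paper's actual radix or parameters.

```python
# Added illustration (not code from the paper): a "redundant" / unsaturated-limb
# integer representation, showing why it allows several additions without any
# carry propagation between limbs. The parameters below (29-bit limbs stored in
# 32-bit words, hence 3 bits of headroom) are assumptions for illustration only.

LIMB_BITS = 29                     # payload bits stored in each limb
WORD_BITS = 32                     # storage word: a 32-bit ARM register / NEON lane
HEADROOM = WORD_BITS - LIMB_BITS   # spare bits a limb may temporarily occupy
MASK = (1 << LIMB_BITS) - 1


def to_limbs(x: int, n: int) -> list[int]:
    """Split a non-negative integer into n little-endian limbs of LIMB_BITS each."""
    if x < 0:
        raise ValueError("only non-negative integers are represented")
    limbs = []
    for _ in range(n):
        limbs.append(x & MASK)
        x >>= LIMB_BITS
    if x:
        raise ValueError("value does not fit in %d limbs" % n)
    return limbs


def from_limbs(limbs: list[int]) -> int:
    """Evaluate sum(l_i * 2^(LIMB_BITS*i)); also valid for limbs wider than LIMB_BITS."""
    return sum(l << (LIMB_BITS * i) for i, l in enumerate(limbs))


def add_lazy(a: list[int], b: list[int]) -> list[int]:
    """Lane-wise addition with no carry between limbs.

    Every limb is independent of its neighbours, so the whole operation maps to
    one vector add with no serial carry dependency between lanes.
    """
    return [x + y for x, y in zip(a, b)]


def fits_in_words(limbs: list[int]) -> bool:
    """True if every limb still fits its storage word, i.e. no lane has overflowed."""
    return all(0 <= l < (1 << WORD_BITS) for l in limbs)


def normalize(limbs: list[int]) -> list[int]:
    """One explicit carry propagation, restoring every limb to LIMB_BITS.

    The result gains an extra limb if the top limb carries out.
    """
    out, carry = [], 0
    for l in limbs:
        t = l + carry
        out.append(t & MASK)
        carry = t >> LIMB_BITS
    while carry:
        out.append(carry & MASK)
        carry >>= LIMB_BITS
    return out


def lazy_sum(values: list[int], n: int) -> list[int]:
    """Accumulate several n-limb integers with carry-free adds, then normalize once.

    Raises OverflowError when the headroom is exhausted: with HEADROOM spare bits,
    at most 2**HEADROOM normalized operands can be summed before a lane overflows,
    which is the point at which a real implementation must schedule a carry pass.
    """
    acc = [0] * n
    for v in values:
        acc = add_lazy(acc, to_limbs(v, n))
        if not fits_in_words(acc):
            raise OverflowError("limb headroom exhausted; normalize earlier")
    return normalize(acc)


if __name__ == "__main__":
    # Constructed sample input: eight maximal two-limb values (2^58 - 1 each).
    vals = [(1 << 58) - 1] * 8
    r = lazy_sum(vals, 2)
    print(r, from_limbs(r) == sum(vals))
```

With 3 bits of headroom, exactly 2**3 = 8 maximal operands can be accumulated lane by lane before any limb exceeds its 32-bit word; a ninth operand makes `lazy_sum` raise, which is where a carry pass would have to be inserted. Bounding how many lazy operations may occur between normalizations is the analysis any redundant-representation implementation has to do for each field operation.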

