Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography

IF 1.7 4区计算机科学 Q3 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Embedded Systems Letters Pub Date : 2024-06-06 DOI:10.1109/LES.2024.3410516

Malik Imran;Safiullah Khan;Ayesha Khalid;Ciara Rafferty;Yasir Ali Shah;Samuel Pagliarini;Muhammad Rashid;Máire O’Neill

{"title":"Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography","authors":"Malik Imran;Safiullah Khan;Ayesha Khalid;Ciara Rafferty;Yasir Ali Shah;Samuel Pagliarini;Muhammad Rashid;Máire O’Neill","doi":"10.1109/LES.2024.3410516","DOIUrl":null,"url":null,"abstract":"Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This letter experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: 1) a forward NTT (FNTT) architecture; 2) an inverse NTT (INTT) architecture; and 3) a unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 field-programmable gate array (FPGA) and 28-nm application-specific integrated circuit (ASIC) platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit \n<inline-formula> <tex-math>$4.66\\times $ </tex-math></inline-formula>\n and \n<inline-formula> <tex-math>$3.75\\times $ </tex-math></inline-formula>\n higher throughput/area and energy/area values, respectively, than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve \n<inline-formula> <tex-math>$1.25\\times $ </tex-math></inline-formula>\n and \n<inline-formula> <tex-math>$1.09\\times $ </tex-math></inline-formula>\n higher throughput/area and energy/area values, respectively, compared to the UNTT design.","PeriodicalId":56143,"journal":{"name":"IEEE Embedded Systems Letters","volume":"16 4","pages":"485-488"},"PeriodicalIF":1.7000,"publicationDate":"2024-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Embedded Systems Letters","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10551382/","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This letter experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: 1) a forward NTT (FNTT) architecture; 2) an inverse NTT (INTT) architecture; and 3) a unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 field-programmable gate array (FPGA) and 28-nm application-specific integrated circuit (ASIC) platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit

$4.66\times $

and

$3.75\times $

higher throughput/area and energy/area values, respectively, than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve

$1.25\times $

and

$1.09\times $

higher throughput/area and energy/area values, respectively, compared to the UNTT design.

查看原文本刊更多论文

评估后量子密码学的 NTT/INTT 实现风格

将数论变换（NTT）的正反操作统一到一个硬件模块中是设计后量子加密算法中使用的多项式系数乘法器加速器时的常见做法。这封信实验评估，这种设计统一并不总是有利的。在此背景下，我们提出了三种NTT硬件架构：1)前向NTT （FNTT）架构；2)逆NTT （INTT）架构；3)统一的NTT （UNTT）架构，用于在单个设计上计算FNTT和INTT计算。我们在Xilinx Virtex-7现场可编程门阵列（FPGA）和28nm专用集成电路（ASIC）平台上对吞吐量/面积和能量/面积进行基准评估。独立的FNTT和INTT设计在FPGA上的平均吞吐量/面积和能量/面积值分别比UNTT设计高4.66倍和3.75倍。同样，单个FNTT和INTT设计在ASIC上的平均吞吐量/面积和能量/面积值分别比UNTT设计高1.25倍和1.09倍。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Embedded Systems Letters Engineering-Control and Systems Engineering

CiteScore

3.30

自引率

0.00%

发文量

期刊介绍： The IEEE Embedded Systems Letters (ESL), provides a forum for rapid dissemination of latest technical advances in embedded systems and related areas in embedded software. The emphasis is on models, methods, and tools that ensure secure, correct, efficient and robust design of embedded systems and their applications.