Area-Time Efficient Hardware Implementation for Binary Ring-LWE Based Post-Quantum Cryptography

IF 5.4, Zone 2, Computer Science, Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Shao-I Chu;Syuan-An Ke
DOI: 10.1109/TETC.2024.3482324
Journal: IEEE Transactions on Emerging Topics in Computing, vol. 13, no. 3, pp. 724-738
Published: 2024-10-23 (journal article)
URL: https://ieeexplore.ieee.org/document/10733832/
Citations: 0

Abstract

Post-quantum cryptography (PQC) has recently gained intensive attention because the existing public-key cryptosystems are vulnerable to quantum attacks. Ring-learning-with-errors (RLWE)-based PQC is one promising type of lattice-based scheme. A lightweight variant, called binary RLWE (BRLWE), was developed for Internet-of-Things (IoT) and edge-computing applications. However, deploying the number theoretic transform (NTT) is not beneficial for the parameter settings of the BRLWE-based scheme. This article presents three high-speed decryption architectures for the BRLWE-based scheme with low area-time complexity. The first is modified and corrected from the low-latency design of the previous work. The second and third use a multiplexer-based design for multiplication and exploit the property of the skew-circulant matrix to reduce computational latency. The third additionally applies the Karatsuba algorithm to reduce the number of multiplications; however, the results show that this does not favor the design, since each multiplication involves an integer and a binary number rather than two integers. Let the lengths of the secret and public keys be $n$ and $n\log _{2}q$ bits. The synthesis results reveal that the second and third architectures are superior to the lookup table (LUT)-based and linear-feedback shift register (LFSR)-based designs of previous works in terms of area-time complexity. The FPGA implementation results indicate that the second design outperforms the Karatsuba-based and Toeplitz matrix-vector product (TMVP)-based accelerators in the literature by reductions of 62.4% and 51.7% in area-time complexity for $(n, q) = (256, 256)$. For $(n,q)=(512,256)$, the improvements are 44.3% and 28.3%. The third architecture is also superior to these high-speed designs. The proposed implementations are efficient in area-time complexity and suitable for high-performance applications.
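As an added illustration (not the paper's circuit or code), the decryption arithmetic the abstract refers to, written as a skew-circulant matrix-vector product in which the binary operand turns each coefficient multiplication into a select-and-add; the standard BRLWE decryption form, the toy parameters and the sample vectors are assumptions made for this example.

```python
# Added illustration, not the paper's hardware design: BRLWE decryption
# arithmetic in Z_q[x]/(x^n + 1) expressed as a skew-circulant matrix-vector
# product. Because one operand is binary, every coefficient "multiplication"
# collapses to a select-and-add (a mux feeding an adder), which is the property
# the abstract's second and third architectures exploit. Toy n = 4, q = 256 are
# constructed here; the paper evaluates (n, q) = (256, 256) and (512, 256).

def skew_circulant(c, q):
    """Matrix M such that M @ r == c * r mod (x^n + 1, q).
    Column j is c rotated down by j; entries that wrap past x^n are negated."""
    n = len(c)
    m = [[0] * n for _ in range(n)]
    for i in range(n):
        for j in range(n):
            k = i - j
            m[i][j] = c[k] % q if k >= 0 else (-c[k + n]) % q
    return m


def negacyclic_mul_binary(c, r, q):
    """c * r mod (x^n + 1, q) for integer c and binary r using no multipliers:
    bit r[j] selects whether column j of the skew-circulant matrix is added."""
    n = len(c)
    m = skew_circulant(c, q)
    acc = [0] * n
    for j in range(n):
        if r[j]:                      # the mux: bit set -> accumulate column j
            for i in range(n):
                acc[i] = (acc[i] + m[i][j]) % q
    return acc


def schoolbook_negacyclic(a, b, q):
    """Reference O(n^2) product with integer multiplies, for cross-checking."""
    n = len(a)
    out = [0] * n
    for i in range(n):
        for j in range(n):
            k = i + j
            sign = 1 if k < n else -1   # x^n == -1 in the ring
            out[k % n] = (out[k % n] + sign * a[i] * b[j]) % q
    return out


def brlwe_decrypt(c1, c2, r2, q):
    """Assumed standard BRLWE decryption: v = c1 * r2 + c2, then each
    coefficient decodes to 1 when it lies in the middle band (q/4, 3q/4]."""
    v = negacyclic_mul_binary(c1, r2, q)
    v = [(v[i] + c2[i]) % q for i in range(len(v))]
    return [1 if q // 4 < x <= 3 * q // 4 else 0 for x in v]
```

The mux-based path and the schoolbook reference agree on every input, which is why the binary operand lets the hardware drop integer multipliers entirely.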
Source journal: IEEE Transactions on Emerging Topics in Computing (Computer Science, Computer Science (miscellaneous))
CiteScore: 12.10
Self-citation rate: 5.10%
Articles published: 113
Journal description: IEEE Transactions on Emerging Topics in Computing publishes papers on emerging aspects of computer science, computing technology, and computing applications not currently covered by other IEEE Computer Society Transactions. Some examples of emerging topics in computing include: IT for Green, synthetic and organic computing structures and systems, advanced analytics, social/occupational computing, location-based/client computer systems, morphic computer design, electronic game systems, and health-care IT.