Showing total 5 results

1. Efficient Hardware Implementations of Legendre Symbol Suitable for MPC Applications.

Author

Taheri, Farhad, Bayat-Sarmadi, Siavash, and Ebrahimi, Shahriar

Subjects

APPLICATION-specific integrated circuits, FIELD programmable gate arrays

Abstract

Multi-party computation (MPC) allows each peer to take part in the execution of a common function with their private share of data without the need to expose it to other participants. The Legendre symbol is a pseudo-random function (PRF) that is suitable for MPC protocols due to their efficient evaluation process compared to other symmetric primitives. Recently, Legendre-based PRFs have also been employed in the construction of a post-quantum signature scheme, namely LegRoast. In this paper, we propose, to the best of our knowledge, the first hardware implementations for the Legendre symbol by three approaches: 1) low-area, 2) high-speed, and 3) high-frequency. The high-speed architecture outperforms state-of-the-art software implementations, which run on Intel’s Core-i5. Our evaluation results on FPGA show that this architecture reduces the Legendre calculation time by $2.56\times $ compared to software implementations on Core-i5. On the other hand, the low-area architecture consumes only 5489 slices on the Artix-7 FPGA and is suitable for resource-constrained devices. Moreover, our ASIC implementation results indicate that the low-area architecture consumes 97.56K gates to implement and requires $4.01~mW$ to operate on 50 MHz. The high-frequency architecture increases the frequency by $1.72\times $ over the high-speed architecture and achieves 200 MHz frequency on FPGA. [ABSTRACT FROM AUTHOR]

Published

2022

2. Quantum Sealed-Bid Auction Without a Trusted Third Party.

Subjects

AUCTIONS, COMMODITY futures, MODERN society, QUANTUM entanglement, QUANTUM computing

Abstract

A sealed-bid auction is an essential tool for trading commodities in modern society. However, the non-winning bidders in previously proposed sealed-bid auction schemes lack privacy protection. In this paper, we define a sealed-bid auction with strong privacy protection, which can protect the privacy of all non-winning bidders. In order to fulfil the task, we first present a quantum secret sharing protocol and a secure quantum summation protocol and then design their corresponding quantum circuits, where the security of the latter is guaranteed by the former, while the former is information-theoretically secure. We further present a quantum seal-bid auction (QSA) scheme with strong privacy protection based on the designed quantum protocols. In our QSA scheme, each bidder first encodes a private vector by his private bid and public agreement information, and then all bidders jointly compute the summations of their respective private vectors without a trusted third party. Finally, we verify the correctness and the feasibility of the proposed QSA scheme by circuit simulations in IBM Qiskit. [ABSTRACT FROM AUTHOR]

Published

2021

3. High-Speed FPGA Implementation of SIKE Based on an Ultra-Low-Latency Modular Multiplier.

Author

Tian, Jing, Wu, Bo, and Wang, Zhongfeng

Subjects

ALGORITHMS, MAGNITUDE (Mathematics), QUANTUM cryptography, ELLIPTIC curve cryptography, FIELD programmable gate arrays, MULTIPLIERS (Mathematical analysis), ARITHMETIC

Abstract

The supersingular isogeny key encapsulation (SIKE) protocol, as one of the post-quantum protocol candidates, is widely regarded as the best alternative for curve-based cryptography. However, the long latency, caused by the serial large-degree isogeny computation which is dominated by modular multiplications, has made it less competitive than most popular post-quantum candidates. In this paper, we propose a high-speed and low-latency architecture for our recently presented optimized SIKE algorithm. Firstly, we design a new field arithmetic logic unit (FALU) with many algorithmic transformations and architectural optimizations. Especially, for the FALU, an extremely low-latency modular multiplier is devised based on a modified algorithm by fully parallelizing and highly optimizing the small-size multipliers and the reduction submodules. Secondly, we develop a compact control logic and update the instructions based on the benchmark provided in the newest SIKE library, fitting well with our design. Thirdly, an efficient memory access method is proposed by scheduling the input and output of the arithmetic logic unit (ALU) in two identical RAMs, which can significantly reduce the latency. Finally, we code the proposed architectures using the Verilog language and integrate them into the SIKE library. The implementation results on a Xilinx Virtex-7 FPGA show that for SIKEp751, our design only costs 9.3 ms with a frequency of 155.8 MHz, about 2× faster than the state-of-the-art, and achieves the best area efficiency among existing works. Particularly, the modular multiplier merely needs 16 clock cycles, reducing the delay by nearly one order of magnitude with a small factor of increase in hardware resource. [ABSTRACT FROM AUTHOR]

Published

2021

4. A High-Performance Domain-Specific Processor With Matrix Extension of RISC-V for Module-LWE Applications.

Author

Zhao, Yifan, Xie, Ruiqi, Xin, Guozhu, and Han, Jun

Subjects

PARALLEL processing, COMMUNICATION infrastructure, EDGE computing, CRYPTOGRAPHY, MATRICES (Mathematics)

Abstract

The 5G edge computing infrastructure should be empowered with quantum attack resistance by implementing post-quantum cryptography (PQC). Among various PQC schemes, lattice-based cryptography (LBC) based on learning with error (LWE) has attracted much attention because of its performance efficiency and security guarantee. In LWE-based LBCs, the Module-LWE-based schemes gain advantage over the others benefiting from the unique polynomial matrix and vector structure. To provide a high-performance implementation of Module-LWE applications for the edge computing paradigm, we propose a domain-specific processor based on a matrix extension of RISC-V architecture. This custom extension encapsulates the matrix-based ring operations with a high-level functional abstraction. A 2-D systolic array with configurable functionality is proposed to perform matrix-based number theoretic transform (NTT) and other arithmetic operations, achieving high data-level parallelism with support for the variable-sized polynomial matrix and vector structure. As this structure of Module-LWE involves no data dependency between different inner elements, an out-of-order mechanism is further developed to exploit the instruction-level parallelism. We implement the proposed architecture under TSMC 28nm technology. The evaluation results show that our implementation can achieve up to $3.5\times $ and $3.3\times $ improvement in cycle count respectively in Kyber and Dilithium, compared to the state-of-the-art crypto-processor counterparts. [ABSTRACT FROM AUTHOR]

Published

2022

5. Fast Strategies for the Implementation of SIKE Round 3 on ARM Cortex-M4.

Author

Anastasova, Mila, Azarderakhsh, Reza, and Kermani, Mehran Mozaffari

Subjects

*MODULAR arithmetic, *FINITE fields, *ENERGY consumption, *CONSUMPTION (Economics), *ELLIPTIC curves

Abstract

The Supersingular Isogeny Key Encapsulation mechanism (SIKE) is the only post-quantum key encapsulation protocol based on elliptic curves and isogeny maps between them. Despite the quantum security of the protocol, SIKE requires a greater number of clock cycles and hence does not provide competitive timing and energy consumption results. However, it is more attractive offering the smallest public key as well as ciphertext sizes, which considering the impact of the communication costs and storage of the keys could become a good fit for resource-constrained devices. In this work, we present the fastest practical implementation of SIKE, targeting the platform Cortex-M4 based on the ARMv7-M architecture. We performed our measurements on the STM32F407VG microcontroller for benchmarking the clock cycles and on Nucleo-F411RE attached to X-NUCLEO-LPM01A (Power Shield) for measuring the energy consumption of the protocol. The low-level finite field arithmetic operations play main role in determining the efficiency of SIKE. Therefore, we mainly focus on their optimization and apply them to all NIST-required security levels. Our SIKEp434 implementation for NIST security level 1 is about 22.97% faster than the counterparts appeared in Seo et al. (2020), where for the SIKEp503, SIKEp610 and SIKEp751 the speedup reaches 21.10%, 19.21% and 19.08%. Finally, we benchmark energy consumption and report optimization of up to 11.9% depending on the NIST security level implementation. [ABSTRACT FROM AUTHOR]

Published

2021