
KINA: Karatsuba Initiated Novel Accelerator for Ring-Binary-LWE (RBLWE)-Based Post-Quantum Cryptography

Published: 01 October 2023

Abstract

Along with the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) standardization process, lightweight PQC research and development have also gained substantial attention from the research community. Ring-binary-learning-with-errors (RBLWE), a ring variant of binary-LWE (BLWE), has been used to build a promising lightweight PQC scheme for emerging Internet-of-Things (IoT) and edge-computing applications, namely the RBLWE-based encryption scheme (RBLWE-ENC). The parameter settings of RBLWE-ENC, however, do not favor typical fast algorithms such as the number theoretic transform (NTT). Following this direction, in this work we propose a Karatsuba initiated novel accelerator (KINA) for efficient implementation of RBLWE-ENC. The work proceeds in three coherent, interdependent stages: 1) we use the Karatsuba algorithm (KA) to recast the major arithmetic operation of RBLWE-ENC into a new form suited to high-performance operation; 2) we map the proposed algorithm onto an efficient hardware accelerator with the help of a number of optimization techniques; and 3) we provide a detailed complexity analysis and implementation comparison to demonstrate the superior performance of the proposed KINA, e.g., the proposed design with $u=2$ achieves 64.71% higher throughput and 15.37% lower area-delay product (ADP) than the state-of-the-art design for $n=512$ (Virtex-7). The proposed KINA offers flexible processing speed and is suitable for high-performance applications such as IoT servers. This work is expected to be useful for lightweight PQC development.
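To make concrete what "Karatsuba instead of NTT" means for this ring, the following Python illustration is added here; it is not the KINA design or any code from the paper. It assumes the RBLWE-ENC setting of coefficients reduced modulo q = 256 in Z_q[x]/(x^n + 1) with one binary operand, and n a power of two; these parameters are an assumption, not something the abstract states, and the paper's unfolding parameter u is not modelled. The block compares a schoolbook negacyclic product against a one-level-recursive Karatsuba version, and computes the largest multiplicative order of any unit modulo 256 to show why a negacyclic NTT is not available for this modulus.

```python
"""Karatsuba vs. schoolbook multiplication in Z_q[x]/(x^n + 1).

Added illustration, not the KINA design or code from the paper.
Assumptions (not stated in the abstract): coefficients are reduced
modulo q = 256 and one operand is binary, as in RBLWE-ENC parameter
sets; n is a power of two.
"""

Q = 256  # assumption: 8-bit coefficient ring of RBLWE-ENC


def schoolbook_negacyclic(a, b, q=Q):
    """Reference result: a*b mod (x^n + 1), coefficients mod q.

    When b is binary every partial product is a conditional add, so this
    baseline needs no multipliers; the wrap-around x^n = -1 becomes a
    conditional subtract."""
    n = len(a)
    assert len(b) == n
    c = [0] * n
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if bj == 0:
                continue
            k = i + j
            if k < n:
                c[k] = (c[k] + ai * bj) % q
            else:
                c[k - n] = (c[k - n] - ai * bj) % q  # x^n = -1
    return c


def poly_mul_plain(a, b, q=Q):
    """Plain (non-reduced) product of two length-m polynomials, length 2m-1."""
    m = len(a)
    out = [0] * (2 * m - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] = (out[i + j] + ai * bj) % q
    return out


def karatsuba_plain(a, b, q=Q, cutoff=8):
    """Recursive Karatsuba: one size-m product from three size-m/2 products.

    With a = a0 + a1*x^h, b = b0 + b1*x^h, h = m/2:
      a*b = a0*b0 + ((a0+a1)(b0+b1) - a0*b0 - a1*b1) x^h + a1*b1 x^(2h)
    """
    m = len(a)
    if m <= cutoff:
        return poly_mul_plain(a, b, q)
    assert m % 2 == 0, "Karatsuba split needs an even length"
    h = m // 2
    a0, a1, b0, b1 = a[:h], a[h:], b[:h], b[h:]
    p0 = karatsuba_plain(a0, b0, q, cutoff)
    p2 = karatsuba_plain(a1, b1, q, cutoff)
    # b0 + b1 lies in {0, 1, 2}: this one sub-product is no longer
    # "binary times byte" even when b is binary. That is the price of KA here.
    p1 = karatsuba_plain([(x + y) % q for x, y in zip(a0, a1)],
                         [(x + y) % q for x, y in zip(b0, b1)], q, cutoff)
    out = [0] * (2 * m - 1)
    for i in range(len(p0)):  # p0, p1, p2 all have length 2h-1
        mid = (p1[i] - p0[i] - p2[i]) % q
        out[i] = (out[i] + p0[i]) % q
        out[i + h] = (out[i + h] + mid) % q
        out[i + 2 * h] = (out[i + 2 * h] + p2[i]) % q
    return out


def karatsuba_negacyclic(a, b, q=Q, cutoff=8):
    """a*b mod (x^n + 1): KA for the plain product, then fold the upper
    half back with a sign flip (x^n = -1)."""
    n = len(a)
    full = karatsuba_plain(a, b, q, cutoff)
    c = list(full[:n])
    for k in range(n, len(full)):
        c[k - n] = (c[k - n] - full[k]) % q
    return c


def sample_inputs(n, seed=1):
    """Constructed test vector: random byte polynomial a, random binary b."""
    import random
    rng = random.Random(seed)
    return ([rng.randrange(Q) for _ in range(n)],
            [rng.randrange(2) for _ in range(n)])


def max_unit_order(q=Q):
    """Largest multiplicative order among units mod q. A negacyclic NTT of
    length n needs an element of order 2n; mod 256 no unit exceeds order 64,
    and 1/n does not exist either, so NTT is out and KA/schoolbook remain."""
    from math import gcd
    best = 1
    for g in range(1, q):
        if gcd(g, q) != 1:
            continue
        x, k = g, 1
        while x != 1:
            x, k = (x * g) % q, k + 1
        best = max(best, k)
    return best


if __name__ == "__main__":
    a, b = sample_inputs(512)
    print("KA == schoolbook:", karatsuba_negacyclic(a, b) == schoolbook_negacyclic(a, b))
    print("max unit order mod 256:", max_unit_order())
```

The point a hardware designer takes from this: one KA level replaces n² conditional adds with three products of size n/2 (a 3/4 reduction in partial products), but the middle product (a0+a1)(b0+b1) has a ternary rather than binary operand, so the datapath must be widened there; and because no unit modulo 256 has order 2n for n = 512 (the largest order is 64), an NTT of the kind used for prime-modulus schemes is simply not available for this ring.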


Published In

IEEE Transactions on Very Large Scale Integration (VLSI) Systems, Volume 31, Issue 10
Oct. 2023
180 pages

Publisher

IEEE Educational Activities Department

United States

Qualifiers

  • Research-article
