Abstract
When evaluating different cryptosystems, one primary metric is the cost to deploy the scheme in today’s software or hardware platforms. Given the option, hardware acceleration is typically preferred as optimizing a cryptosystem’s computations in logical gates leads to improvements in performance, power, and energy. Here, we survey the progress on acceleration of post-quantum key establishment cryptosystems in hardware. We examine the critical computations in the third round of NIST’s PQC standardization competition, how to efficiently speed these up in hardware, and the state-of-the-art results of these schemes.
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
Koziel, B., Kermani, M.M., Azarderakhsh, R. (2021). Post-Quantum Cryptographic Hardware and Embedded Systems. In: Tehranipoor, M. (eds) Emerging Topics in Hardware Security. Springer, Cham. https://doi.org/10.1007/978-3-030-64448-2_9
DOI: https://doi.org/10.1007/978-3-030-64448-2_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64447-5
Online ISBN: 978-3-030-64448-2