Shorter Messages and Faster Post-Quantum Encryption with Round5 on Cortex M

  • Markku-Juhani O. Saarinen (email author)
  • Sauvik Bhattacharya
  • Oscar Garcia-Morchon
  • Ronald Rietman
  • Ludo Tolhuizen
  • Zhenfei Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11389)

Abstract

Round5 is a public-key encryption scheme and key encapsulation mechanism (KEM) based on General Learning With Rounding (GLWR), a lattice problem. We argue that the ring variant of GLWR is better suited to embedded targets than the more common Ring Learning With Errors (RLWE) problem because it yields significantly shorter keys and messages. Round5 combines GLWR with error correction, building on design features of the NIST Post-Quantum Standardization candidates Round2 and HILA5. The proposal avoids Number Theoretic Transforms (NTT), which allows more flexibility in parameter selection and makes it simpler to implement. We discuss implementation techniques for the ring variants of Round5 and compare them with other NIST PQC candidates on the lightweight Cortex-M4 platform. We show that the current development version of Round5 not only offers the shortest key and ciphertext sizes among the lattice-based candidates, but also has leading performance and implementation-size characteristics.

Keywords

Post-quantum cryptography; Lattice cryptography; GLWR; Embedded implementation; Cortex-M4
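Added illustration (not code from the paper or from the Round5 project): a toy ring Learning With Rounding key agreement in Python that shows the mechanism the abstract describes. The rounding step drops low-order bits of each coefficient, so the public key and ciphertext are transmitted at log2(p) and log2(t) bits per coefficient instead of log2(q), and the rounding error takes the role of the explicitly sampled error term of (R)LWE. Schoolbook multiplication in Z[x]/(x^n + 1) makes the point that no NTT, and therefore no NTT-friendly prime modulus, is needed. All parameters (n = 128, q = 2^12, p = 2^8, t = 2^4, sparse ternary secrets with exactly h = 32 nonzero coefficients), the negacyclic ring, and the omission of error correction and of the CCA transform are assumptions made for this toy; they are not Round5's parameters or construction.

```python
"""Toy ring-LWR key agreement. Added example; NOT Round5 reference code.

Assumed toy parameters (not Round5's): ring Z[x]/(x^N + 1), N = 128,
q = 2^12, p = 2^8, t = 2^4, secrets with exactly H = 32 coefficients in
{-1, +1}. They are chosen so that the worst-case noise bound computed by
worst_case_noise() is below p/4, which makes decapsulation always correct.
"""
import random

N, Q, P, T, H = 128, 1 << 12, 1 << 8, 1 << 4, 32


def poly_mul(a, b, mod):
    """Schoolbook product in Z_mod[x]/(x^N + 1). No NTT is used, so `mod`
    may be any integer (here powers of two), not an NTT-friendly prime."""
    out = [0] * N
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < N:
                out[k] += ai * bj
            else:
                out[k - N] -= ai * bj          # reduce with x^N = -1
    return [c % mod for c in out]


def round_down(v, src, dst):
    """LWR rounding Z_src -> Z_dst: keep the top log2(dst) bits of each
    coefficient, rounding to nearest. The discarded bits are the 'error'."""
    step = src // dst
    return [((c + step // 2) // step) % dst for c in v]


def sparse_ternary(rng):
    """Secret polynomial with exactly H nonzero coefficients in {-1, +1}."""
    s = [0] * N
    for idx in rng.sample(range(N), H):
        s[idx] = rng.choice((-1, 1))
    return s


def keygen(rng):
    a = [rng.randrange(Q) for _ in range(N)]       # public, uniform mod q
    s = sparse_ternary(rng)
    b = round_down(poly_mul(a, s, Q), Q, P)         # sent at log2(p) bits/coeff
    return (a, b), s


def encaps(pk, m_bits, rng):
    """Encrypt N message bits; v carries them at only log2(t) bits/coeff."""
    a, b = pk
    r = sparse_ternary(rng)
    u = round_down(poly_mul(a, r, Q), Q, P)
    x = poly_mul(b, r, P)                           # already mod p, no lift needed
    v = round_down([(xi + (P // 2) * mi) % P for xi, mi in zip(x, m_bits)], P, T)
    return u, v


def decaps(sk, ct):
    u, v = ct
    y = poly_mul(u, sk, P)
    m = []
    for vi, yi in zip(v, y):
        d = (vi * (P // T) - yi) % P               # noise + (p/2)*bit
        m.append(1 if P // 4 <= d < 3 * P // 4 else 0)
    return m


def worst_case_noise():
    """Bound on |noise| seen in decaps: rounding errors of b and u are at
    most 1/2 per coefficient (in units of q/p); multiplied by a weight-H
    ternary secret that is H/2 each, plus p/(2t) from rounding v."""
    return H + P // (2 * T)


def bytes_for(coeffs, modulus):
    """Wire size of a coefficient vector packed at log2(modulus) bits each."""
    return len(coeffs) * (modulus - 1).bit_length() // 8


def run_demo(seed=0):
    rng = random.Random(seed)                       # deterministic toy RNG
    pk, sk = keygen(rng)
    m = [rng.randrange(2) for _ in range(N)]
    ct = encaps(pk, m, rng)
    return {
        "agree": decaps(sk, ct) == m,
        "pk_bytes": bytes_for(pk[1], P),             # rounded public key
        "pk_bytes_unrounded": bytes_for(pk[1], Q),   # same key without rounding
        "ct_bytes": bytes_for(ct[0], P) + bytes_for(ct[1], T),
    }


if __name__ == "__main__":
    print(run_demo(), "noise bound", worst_case_noise(), "< p/4 =", P // 4)
```

With these toy parameters the public key polynomial b shrinks from 192 bytes (12 bits per coefficient at q) to 128 bytes (8 bits at p), and the message part v of the ciphertext costs only 64 bytes (4 bits at t); the derivation in worst_case_noise() (32 + 8 = 40 < 64) is why every run decrypts correctly rather than merely with high probability. A real scheme would also send a only as a seed, wrap the PKE in a Fujisaki-Okamoto style transform, and add error correction so that larger noise, and hence smaller p and t, can be tolerated.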

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Markku-Juhani O. Saarinen (1, email author)
  • Sauvik Bhattacharya (2)
  • Oscar Garcia-Morchon (2)
  • Ronald Rietman (2)
  • Ludo Tolhuizen (2)
  • Zhenfei Zhang (3)
  1. PQShield Ltd., Oxford, UK
  2. Philips, Eindhoven, The Netherlands
  3. OnBoard Security, Wilmington, USA