Skip to main content

XMSS and Embedded Systems

XMSS Hardware Accelerators for RISC-V

  • Conference paper
  • First Online:
Selected Areas in Cryptography – SAC 2019 (SAC 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11959))

Included in the following conference series:

Abstract

We describe a software-hardware co-design for the hash-based post-quantum signature scheme XMSS on a RISC-V embedded processor. We provide software optimizations for the XMSS reference implementation for SHA-256 parameter sets and several hardware accelerators that allow to balance area usage and performance based on individual needs. By integrating our hardware accelerators into the RISC-V processor, the version with the best time-area product generates a key pair (that can be used to generate \(2^{10}\) signatures) in 3.44 s, achieving an over \(54 \times \) speedup in wall-clock time compared to the pure software version. For such a key pair, signature generation takes less than 10 ms and verification takes less than 6 ms, bringing speedups of over \(42 \times \) and \(17 \times \) respectively. We tested and measured the cycle count of our implementation on an Intel Cyclone V SoC FPGA. The integration of our XMSS accelerators into an embedded RISC-V processor shows that it is possible to use hash-based post-quantum signatures for a large variety of embedded applications.

B. Jungk—Independent Researcher.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://riscv.org/.

  2. 2.

    https://keystone-enclave.org/.

  3. 3.

    https://riscv.org/2018/10/risc-v-contest/.

  4. 4.

    https://github.com/SpinalHDL/VexRiscv/.

  5. 5.

    https://spinalhdl.github.io/SpinalDoc/.

  6. 6.

    https://github.com/joostrijneveld/xmss-reference/, commit 06281e057d9f5d.

  7. 7.

    https://tls.mbed.org/.

References

  1. Amiet, D., Curiger, A., Zbinden, P.: FPGA-based accelerator for post-quantum signature scheme SPHINCS-256. Crypt. Hardw. Embed. Syst. (CHES) 2018(1), 18–39 (2018). Open Access

    Google Scholar 

  2. Aumasson, J.P., et al.: SPHINCS+ – submission to the 2nd round of the NIST post-quantum project. Technical report (2019), specification document (part of the submission package). https://sphincs.org/data/sphincs+-round2-specification.pdf

  3. Aysu, A., Schaumont, P.: Precomputation methods for faster and greener post-quantum cryptography on emerging embedded platforms. IACR ePrint Archive, Report 2015/288 (2015)

    Google Scholar 

  4. Bernstein, D.J., Buchmann, J., Dahmen, E. (eds.): Post-Quantum Cryptography. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-540-88702-7

    Book  MATH  Google Scholar 

  5. Bernstein, D., et al.: SPHINCS: practical stateless hash-based signatures. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 368–397. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_15

    Chapter  Google Scholar 

  6. Buchmann, J., Dahmen, E., Hülsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117–129. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25405-5_8. second Version, IACR ePrint Archive, Report 2011/484

    Chapter  Google Scholar 

  7. Buchmann, J., Dahmen, E., Schneider, M.: Merkle tree traversal revisited. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 63–78. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88403-3_5

    Chapter  Google Scholar 

  8. García, R., Algredo-Badillo, I., Morales-Sandoval, M., Feregrino-Uribe, C., Cumplido, R.: A compact FPGA-based processor for the secure hash algorithm SHA-256. Comput. Electr. Eng. 40(1), 194–202 (2014)

    Article  Google Scholar 

  9. Ghosh, S., Misoczki, R., Sastry, M.R.: Lightweight post-quantum-secure digital signature approach for IoT motes. IACR ePrint Archive, Report 2019/122 (2019)

    Google Scholar 

  10. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Symposium on the Theory of Computing (STOC), pp. 212–219. ACM (1996)

    Google Scholar 

  11. Higginbotham, S.: The rise of RISC - [opinion]. IEEE Spectr. 55(8), 18 (2018)

    Article  Google Scholar 

  12. Homsirikamol, E., Rogawski, M., Gaj, K.: Throughput vs. area trade-offs in high-speed architectures of five round 3 SHA-3 candidates implemented using Xilinx and altera FPGAs. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 491–506. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_32

    Chapter  MATH  Google Scholar 

  13. Hülsing, A.: W-OTS+ – shorter signatures for hash-based signature schemes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 173–188. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38553-7_10

    Chapter  Google Scholar 

  14. Hülsing, A., Busold, C., Buchmann, J.: Forward secure signatures on smart cards. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 66–80. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35999-6_5

    Chapter  Google Scholar 

  15. Hülsing, A., Butin, D., Gazdag, S., Rijneveld, J., Mohaisen, A.: XMSS: eXtended Merkle signature scheme. RFC 8391, 1–74 (2018)

    Google Scholar 

  16. Hülsing, A., Rijneveld, J., Schwabe, P.: ARMed SPHINCS. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016. LNCS, vol. 9614, pp. 446–470. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49384-7_17

    Chapter  Google Scholar 

  17. Kahri, F., Mestiri, H., Bouallegue, B., Machhout, M.: Efficient FPGA hardware implementation of secure hash function SHA-256/Blake-256. In: Systems, Signals and Devices (SSD), pp. 1–5. IEEE (2015)

    Google Scholar 

  18. McGrew, D., Curcio, M., Fluhrer, S.: Hash-based signatures. cfrg draft-mcgrew-hash-sigs-1, pp. 1–60 (2018)

    Google Scholar 

  19. Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_21

    Chapter  Google Scholar 

  20. Merritt, R.: Microsoft and Google planning silicon-level security. EE Times Asia, August 2018. https://www.eetasia.com/news/article/18082202-microsoft-and-google-planning-silicon-level-security

  21. NIST: FIPS PUB 180–4: Secure Hash Standard. National Institute of Standards and Technology (2012)

    Google Scholar 

  22. NIST: FIPS PUB 186–4: Digital Signature Standard. National Institute of Standards and Technology (2013)

    Google Scholar 

  23. Padhi, M., Chaudhari, R.: An optimized pipelined architecture of SHA-256 hash function. In: Embedded Computing and System Design (ISED), pp. 1–4. IEEE (2017)

    Google Scholar 

  24. Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: Foundations of Computer Science (FOCS), pp. 124–134. IEEE (1994)

    Google Scholar 

  25. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)

    Article  MathSciNet  Google Scholar 

  26. Shoufan, A., Huber, N., Molter, H.G.: A novel cryptoprocessor architecture for chained Merkle signature scheme. Microprocess. Microsyst. 35(1), 34–47 (2011)

    Article  Google Scholar 

  27. Teich, J.: Hardware/software codesign: the past, the present, and predicting the future. Proc. IEEE 100, 1411–1430 (2012)

    Article  Google Scholar 

  28. Wang, W., et al.: XMSS and embedded systems – XMSS hardware accelerators for RISC-V. IACR ePrint Archive, Report 2018/1225 (2018)

    Google Scholar 

Download references

Acknowledgments

This work was supported in part by NSF grant 1716541. Part of the research was performed when the second author was affiliated with Fraunhofer Singapore.

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Wen Wang , Jakub Szefer or Ruben Niederhagen .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wang, W. et al. (2020). XMSS and Embedded Systems. In: Paterson, K., Stebila, D. (eds) Selected Areas in Cryptography – SAC 2019. SAC 2019. Lecture Notes in Computer Science(), vol 11959. Springer, Cham. https://doi.org/10.1007/978-3-030-38471-5_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-38471-5_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-38470-8

  • Online ISBN: 978-3-030-38471-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics