Efficient and Flexible Low-Power NTT for Lattice-Based Cryptography

Tim Fritzmann, Martha Johanna Sepúlveda
{"title":"Efficient and Flexible Low-Power NTT for Lattice-Based Cryptography","authors":"Tim Fritzmann, Martha Johanna Sepúlveda","doi":"10.1109/HST.2019.8741027","DOIUrl":null,"url":null,"abstract":"Secure communication is being threatened by the foreseeable breakthrough of quantum computers. When a larger quantum computer is developed, traditional public key cryptography will be broken. Lattice-based cryptography appears as an alternative to protect the communications in the era of quantum computers. However, empowering current electronic devices with these new algorithms poses a challenging problem due to tight performance requirements as well as area and power constraints. Polynomial multiplication is the basic and most computationally intensive operation in lattice-based cryptosystems. The Number Theoretic Transform (NTT) is an attractive technique to perform polynomial multiplication efficiently. So far, previous works have focused on developing fast and compact forward and inverse NTT implementations. However, efficient and low-power NTT design has not been considered before although a low power consumption is crucial for many systems, such as battery-powered Internet of Things (IoT) devices. In this paper, we present the first low-power, fast and secure NTT ASIC design for lattice-based cryptography able to support different NTT parameters. The contribution of this work is three-fold. First, the implementation of a fast NTT through three optimization techniques. Second, utilization of methods for ASIC power minimization in the NTT design. Third, review of previously proposed side-channel attacks and discussion about countermeasures for our design. Our proposed architecture requires only n log(n) clock cycles for the forward and inverse NTT and can be implemented using a cheap single port RAM. The results of our work show that it is possible to decrease the power dissipation by more than 30% at nearly no cost.","PeriodicalId":146928,"journal":{"name":"2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"35","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2019.8741027","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 35

Abstract

Secure communication is being threatened by the foreseeable breakthrough of quantum computers. When a larger quantum computer is developed, traditional public key cryptography will be broken. Lattice-based cryptography appears as an alternative to protect the communications in the era of quantum computers. However, empowering current electronic devices with these new algorithms poses a challenging problem due to tight performance requirements as well as area and power constraints. Polynomial multiplication is the basic and most computationally intensive operation in lattice-based cryptosystems. The Number Theoretic Transform (NTT) is an attractive technique to perform polynomial multiplication efficiently. So far, previous works have focused on developing fast and compact forward and inverse NTT implementations. However, efficient and low-power NTT design has not been considered before although a low power consumption is crucial for many systems, such as battery-powered Internet of Things (IoT) devices. In this paper, we present the first low-power, fast and secure NTT ASIC design for lattice-based cryptography able to support different NTT parameters. The contribution of this work is three-fold. First, the implementation of a fast NTT through three optimization techniques. Second, utilization of methods for ASIC power minimization in the NTT design. Third, review of previously proposed side-channel attacks and discussion about countermeasures for our design. Our proposed architecture requires only n log(n) clock cycles for the forward and inverse NTT and can be implemented using a cheap single port RAM. The results of our work show that it is possible to decrease the power dissipation by more than 30% at nearly no cost.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
基于点阵密码的高效灵活低功耗NTT
量子计算机的可预见的突破正威胁着安全通信。当更大的量子计算机被开发出来时,传统的公钥加密将被打破。在量子计算机时代,基于格子的加密技术作为一种保护通信的替代方案而出现。然而,由于严格的性能要求以及面积和功率限制,用这些新算法赋予当前的电子设备带来了一个具有挑战性的问题。多项式乘法是基于格的密码系统中最基本、计算量最大的运算。数论变换(NTT)是一种有吸引力的高效多项式乘法处理技术。到目前为止,以前的工作主要集中在开发快速紧凑的正向和反向NTT实现上。然而,尽管低功耗对于许多系统(如电池供电的物联网(IoT)设备)至关重要,但以前从未考虑过高效和低功耗的NTT设计。在本文中,我们提出了第一个低功耗,快速和安全的NTT ASIC设计,用于能够支持不同NTT参数的基于格的密码。这项工作的贡献有三方面。首先,通过三种优化技术实现快速NTT。第二,在NTT设计中使用ASIC功耗最小化的方法。第三,回顾先前提出的侧信道攻击并讨论我们设计的对策。我们提出的架构只需要n log(n)个时钟周期用于正向和反向NTT,并且可以使用便宜的单端口RAM实现。我们的工作结果表明,有可能在几乎没有成本的情况下将功耗降低30%以上。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Securing AES against Localized EM Attacks through Spatial Randomization of Dataflow A Statistical Fault Analysis Methodology for the Ascon Authenticated Cipher High Capability and Low-Complexity: Novel Fault Detection Scheme for Finite Field Multipliers over GF(2m) based on MSPB RATAFIA: Ransomware Analysis using Time And Frequency Informed Autoencoders Detecting Recycled SoCs by Exploiting Aging Induced Biases in Memory Cells
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1