A Unified Cryptoprocessor for Lattice-based Signature and Key-exchange

Aikata Aikata, Ahmet Can Mert, Amitabh Das, Donald Matthews, Santosh Ghosh, Sujoy Sinha Roy

Publication: Contribution to journal, Article

Abstract

In this paper, we propose a compact, unified and instruction-set cryptoprocessor architecture for performing both lattice-based digital signature and key exchange operations. As a case study, the cryptoprocessor architecture has been optimized targeting the signature scheme ‘Crystals-Dilithium’ and the key encapsulation mechanism ‘Saber’, both finalists in NIST’s post-quantum cryptography standardization project. The implementation is entirely in hardware and leverages algorithmic as well as structural synergies in the two schemes to realize a high-speed unified post-quantum key-exchange and digital signature engine within a compact area. The area consumption of the entire cryptoprocessor architecture is 18,040 LUTs, 9,101 flip-flops, 4 DSP units, and 14.5 BRAMs on the Xilinx Zynq Ultrascale+ ZCU102 FPGA. The FPGA implementation of the cryptoprocessor achieving 200 MHz clock frequency finishes the CCA-secure key generation, encapsulation, and decapsulation operations for Saber in 54.9, 72.5 and 94.7 μs, respectively. For Dilithium-II, the key generation, signature generation, and signature verification operations take 78.0, 164.8 and 88.5 μs, respectively, for the best-case scenario where a valid signature is generated after the first loop iteration. The cryptoprocessor is also synthesized for ASIC with the UMC 65 nm library. It achieves 370 MHz clock frequency and consumes 0.301 mm² area (≈200.6 kGE) excluding on-chip memory. The ASIC implementation can perform the key generation, encapsulation, and decapsulation operations for Saber in 29.6, 39.2, and 51.2 μs, respectively, while it can perform the key generation, signature generation, and signature verification operations for Dilithium-II in 42.2, 89.1, and 47.8 μs, respectively.
Original language: English
Journal: Cryptology ePrint Archive
Publication status: Submitted - 31 Oct 2021
