
Shorter Messages and Faster Post-Quantum Encryption with Round5 on Cortex M

  • Conference paper
Smart Card Research and Advanced Applications (CARDIS 2018)

Abstract

Round5 is a Public Key Encryption scheme and Key Encapsulation Mechanism (KEM) based on General Learning with Rounding (GLWR), a lattice problem. We argue that the ring variant of GLWR is better suited for embedded targets than the more common RLWE (Ring Learning With Errors) because it yields significantly shorter keys and messages. Round5 combines GLWR with error correction, building on design features from the NIST Post-Quantum Standardization candidates Round2 and HILA5. The proposal avoids Number Theoretic Transforms (NTT), which allows more flexibility in parameter selection and makes it simpler to implement. We discuss implementation techniques for the Round5 ring variants and compare them to other NIST PQC candidates on a lightweight Cortex-M4 platform. We show that the current development version of Round5 offers not only the shortest key and ciphertext sizes among lattice-based candidates, but also leading performance and implementation-size characteristics.
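The abstract's central claim is that rounding (LWR) rather than a sampled error term (LWE) is what shortens keys and ciphertexts: the transmitted ring elements live modulo a small p and t instead of the large q. The following is an added toy illustration of that mechanism, written for this page; it is not Round5's code and does not use Round5's ring or parameters. It assumes a negacyclic ring Z[x]/(x^N + 1) with N = 64, power-of-two moduli q = 2^13, p = 2^9, t = 2^4, sparse ternary secrets of weight 16, and 32 payload bits; N is far too small for any security, and the public element a is assumed to be expanded from a short seed so only b is counted in the key size. Schoolbook multiplication is used deliberately, since avoiding the NTT is what lets the moduli be powers of two.

```python
"""Toy ring-LWR encryption showing why rounding (LWR) gives shorter keys
and ciphertexts than sampled errors (LWE). Illustration only, not Round5."""
import secrets

# Assumed toy parameters (not Round5's): ring Z[x]/(x^N + 1), rounding
# q -> p for the key and first ciphertext part, p -> t for the payload part,
# sparse ternary secrets of weight H, and MU payload bits per ciphertext.
N, Q, P, T, H, MU = 64, 1 << 13, 1 << 9, 1 << 4, 16, 32

def poly_mul(a, b, mod):
    """Schoolbook product in Z_mod[x]/(x^N + 1). No NTT is used, so the
    moduli are free to be powers of two."""
    acc = [0] * N
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < N:
                acc[k] += ai * bj
            else:
                acc[k - N] -= ai * bj  # x^N = -1 in this ring
    return [c % mod for c in acc]

def round_down(x, src, dst):
    """Map each coefficient from Z_src to Z_dst by dropping log2(src/dst) low
    bits after adding a rounding constant. The rounding error plays the role
    of the LWE error, and the result needs log2(dst) bits, not log2(src)."""
    step = src // dst
    return [((c + step // 2) // step) % dst for c in x]

def sample_ternary(rng):
    """Sparse ternary secret: H/2 coefficients +1, H/2 coefficients -1, rest 0."""
    s = [1] * (H // 2) + [-1] * (H // 2) + [0] * (N - H)
    rng.shuffle(s)
    return s

def keygen(rng):
    a = [rng.randrange(Q) for _ in range(N)]    # public ring element (mod q)
    s = sample_ternary(rng)
    b = round_down(poly_mul(a, s, Q), Q, P)     # b ~ (p/q)*a*s, sent mod p
    return (a, b), s

def encrypt(pk, bits, rng):
    a, b = pk
    r = sample_ternary(rng)
    u = round_down(poly_mul(a, r, Q), Q, P)     # u ~ (p/q)*a*r, sent mod p
    x = poly_mul(b, r, P)                       # ~ (p/q)*a*s*r + small term
    x = [(x[i] + bits[i] * (P // 2)) % P for i in range(MU)]  # embed bits
    v = round_down(x, P, T)                     # MU coefficients, log2(t) bits each
    return u, v

def decrypt(sk, ct):
    u, v = ct
    y = poly_mul(u, sk, P)                      # ~ (p/q)*a*r*s + small term
    bits = []
    for i in range(MU):
        d = (v[i] * (P // T) - y[i]) % P        # ~ bit * p/2 + bounded error
        bits.append(1 if P // 4 <= d < 3 * P // 4 else 0)
    return bits

def max_decryption_error():
    """Worst-case |error| in Z_p before decoding: two rounding errors of at
    most 1/2 per coefficient, each convolved with a weight-H ternary vector
    (H/2 each), plus the p -> t rounding of v. Must stay below p/4."""
    return H + P // (2 * T)

def public_key_bits():
    """Bits to transmit b (a is assumed to be expanded from a short seed)."""
    return N * (P - 1).bit_length()

def unrounded_public_key_bits():
    """Same n and q, but sending a*s + e mod q as an RLWE-style scheme would."""
    return N * (Q - 1).bit_length()

def ciphertext_bits():
    return N * (P - 1).bit_length() + MU * (T - 1).bit_length()

def roundtrip(trials):
    """Encrypt and decrypt random payloads; True if every bit is recovered."""
    rng = secrets.SystemRandom()
    for _ in range(trials):
        pk, sk = keygen(rng)
        bits = [rng.randrange(2) for _ in range(MU)]
        if decrypt(sk, encrypt(pk, bits, rng)) != bits:
            return False
    return True

if __name__ == "__main__":
    print("public key bits (rounded / unrounded):",
          public_key_bits(), unrounded_public_key_bits())
    print("ciphertext bits:", ciphertext_bits())
    print("error bound %d < p/4 = %d" % (max_decryption_error(), P // 4))
    print("roundtrip ok:", roundtrip(10))
```

With these toy parameters the rounded public key is 576 bits against 832 bits for an unrounded element mod q, and the payload part v costs only 4 bits per transmitted bit because it is rounded a second time to t and truncated to MU coefficients. The decryption error bound of 32 is below p/4 = 128, so no error correction is needed here; Round5's real parameters push the moduli down far enough that a decryption failure probability appears, which is why the scheme adds error correction on top.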


Notes

  1. Originally only one ring was used. As pointed out by Mike Hamburg, use of two rings yields better error analysis, and works much better with error correction.

  2. http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dai0321a.

  3. Teensy 3.2 is an inexpensive (under $20) miniature (\(18 \times 36\) mm or \(0.7 \times 1.4\)”) Cortex-M4 development board: https://www.pjrc.com/store/teensy32.html.

  4. PQM4 source code and results are available at https://github.com/mupq/pqm4.


Author information

Correspondence to Markku-Juhani O. Saarinen.


Copyright information

© 2019 Springer Nature Switzerland AG

About this paper


Cite this paper

Saarinen, M.-J.O., Bhattacharya, S., Garcia-Morchon, O., Rietman, R., Tolhuizen, L., Zhang, Z. (2019). Shorter Messages and Faster Post-Quantum Encryption with Round5 on Cortex M. In: Bilgin, B., Fischer, J.-B. (eds) Smart Card Research and Advanced Applications. CARDIS 2018. Lecture Notes in Computer Science, vol 11389. Springer, Cham. https://doi.org/10.1007/978-3-030-15462-2_7


  • DOI: https://doi.org/10.1007/978-3-030-15462-2_7


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-15461-5

  • Online ISBN: 978-3-030-15462-2

