Abstract
Lattice-based public-key cryptography is efficient and is believed to remain secure in the post-quantum era. In this paper, we present carefully optimized implementations of the Kyber key encapsulation mechanism for 64-bit ARM Cortex-A processors. Our contributions include optimizations for the Number Theoretic Transform (NTT), for noise sampling, and for the symmetric primitives, which we build on the hardware AES accelerator. The proposed Kyber512 implementation on ARM64 outperforms previous work by \(1.79\times\), \(1.96\times\), and \(2.44\times\) for key generation, encapsulation, and decapsulation, respectively. Moreover, by using the AES accelerator, the proposed Kyber512-90s implementation is faster by \(8.57\times\), \(6.94\times\), and \(8.26\times\) for key generation, encapsulation, and decapsulation, respectively.
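As an added example, not code from the paper or from the pq-crystals project: a scalar C reference for the arithmetic that the paper's NTT optimizations target, namely polynomial multiplication in Z_q[x]/(x^256 + 1) with the Kyber parameters n = 256, q = 3329 and ζ = 17 (taken from the Kyber specification). The 16-bit Montgomery and Barrett reductions follow the shape used in the reference implementation; the twiddle table is derived on the fly from ζ rather than hard-coded, and the result is checked against a schoolbook negacyclic product on LCG-generated (constructed) coefficients. The ARM64 NEON vectorization the paper describes is not reproduced here.

```c
/* Added example (not the paper's code): scalar reference for the Kyber NTT arithmetic.
 * n = 256, q = 3329, zeta = 17 are the Kyber spec's; reductions follow the pq-crystals design. */
#include <stdint.h>
#include <string.h>
#define N 256
#define Q 3329
#define QINV (-3327)            /* q^-1 mod 2^16 as a signed 16-bit constant */
#define ZETA 17                 /* primitive 256-th root of unity mod q */
static int16_t zetas[128];      /* zeta^bitrev7(i) * 2^16 mod q, centred */
static int zetas_ready;
static unsigned bitrev7(unsigned x) { unsigned r = 0; for (int i = 0; i < 7; i++, x >>= 1) r = (r << 1) | (x & 1); return r; }
static void init_zetas(void) {
    if (zetas_ready) return;
    for (int i = 0; i < 128; i++) {
        int32_t z = 1;
        for (unsigned e = bitrev7(i); e > 0; e--) z = (z * ZETA) % Q;
        z = (int32_t)(((int64_t)z << 16) % Q);        /* to Montgomery form */
        zetas[i] = (int16_t)(z > Q / 2 ? z - Q : z);   /* centred representative */
    }
    zetas_ready = 1;
}
int16_t kyber_zeta(int i) { init_zetas(); return zetas[i]; }
/* Montgomery reduction: for |a| < q * 2^15 returns a * 2^-16 mod q with |result| < q. */
static int16_t montgomery_reduce(int32_t a) {
    int16_t t = (int16_t)((int16_t)a * QINV);
    return (int16_t)((a - (int32_t)t * Q) >> 16);
}
/* Barrett reduction: returns a value congruent to a in [-(q-1)/2, (q-1)/2]. */
static int16_t barrett_reduce(int16_t a) {
    int16_t t = (int16_t)((20159 * (int32_t)a + (1 << 25)) >> 26);   /* 20159 = round(2^26 / q) */
    return (int16_t)(a - t * Q);
}
static int16_t fqmul(int16_t a, int16_t b) { return montgomery_reduce((int32_t)a * b); }
static int16_t canon(int32_t x) { x %= Q; return (int16_t)(x < 0 ? x + Q : x); }
/* Forward NTT: 7 Cooley-Tukey layers, output in bit-reversed order, Barrett-reduced. */
static void ntt(int16_t r[N]) {
    unsigned k = 1;
    init_zetas();
    for (unsigned len = 128; len >= 2; len >>= 1)
        for (unsigned start = 0; start < N; start += 2 * len) {
            int16_t zeta = zetas[k++];
            for (unsigned j = start; j < start + len; j++) {
                int16_t t = fqmul(zeta, r[j + len]);
                r[j + len] = (int16_t)(r[j] - t);
                r[j] = (int16_t)(r[j] + t);
            }
        }
    for (unsigned j = 0; j < N; j++) r[j] = barrett_reduce(r[j]);
}
/* Inverse NTT (Gentleman-Sande). Reading zetas backwards yields the inverse twiddles since
 * zeta^128 = -1; the output carries a 2^16 factor that cancels the 2^-16 left by basemul. */
static void invntt(int16_t r[N]) {
    unsigned k = 127;
    init_zetas();
    for (unsigned len = 2; len <= 128; len <<= 1)
        for (unsigned start = 0; start < N; start += 2 * len) {
            int16_t zeta = zetas[k--];
            for (unsigned j = start; j < start + len; j++) {
                int16_t t = r[j];
                r[j] = barrett_reduce((int16_t)(t + r[j + len]));
                r[j + len] = fqmul(zeta, (int16_t)(r[j + len] - t));
            }
        }
    for (unsigned j = 0; j < N; j++) r[j] = fqmul(r[j], 1441);   /* 1441 = 2^32 / 128 mod q */
}
/* Product in Z_q[x]/(x^2 - zeta), scaled by 2^-16. */
static void basemul(int16_t r[2], const int16_t a[2], const int16_t b[2], int16_t zeta) {
    r[0] = (int16_t)(fqmul(fqmul(a[1], b[1]), zeta) + fqmul(a[0], b[0]));
    r[1] = (int16_t)(fqmul(a[0], b[1]) + fqmul(a[1], b[0]));
}
/* c = a * b in Z_q[x]/(x^256 + 1); input and output coefficients in [0, q). */
void ntt_mul(const int16_t a[N], const int16_t b[N], int16_t c[N]) {
    int16_t ah[N], bh[N];
    memcpy(ah, a, sizeof ah); memcpy(bh, b, sizeof bh);
    ntt(ah); ntt(bh);
    for (int i = 0; i < N / 4; i++) {   /* adjacent pairs alternate between +zeta and -zeta */
        basemul(&c[4 * i], &ah[4 * i], &bh[4 * i], zetas[64 + i]);
        basemul(&c[4 * i + 2], &ah[4 * i + 2], &bh[4 * i + 2], (int16_t)-zetas[64 + i]);
    }
    invntt(c);
    for (int i = 0; i < N; i++) c[i] = canon(c[i]);
}
/* Schoolbook negacyclic product: the ground truth the NTT path is checked against. */
static void schoolbook_mul(const int16_t a[N], const int16_t b[N], int16_t c[N]) {
    int64_t acc[N] = {0};
    for (int i = 0; i < N; i++)
        for (int j = 0; j < N; j++)        /* x^256 = -1 folds high terms back negated */
            if (i + j < N) acc[i + j] += (int64_t)a[i] * b[j]; else acc[i + j - N] -= (int64_t)a[i] * b[j];
    for (int k = 0; k < N; k++) c[k] = canon((int32_t)(acc[k] % Q));
}
/* Constructed input: deterministic LCG coefficients in [0, q), not real Kyber data. */
static void fill_poly(int16_t p[N], uint32_t seed) {
    for (int i = 0; i < N; i++) { seed = seed * 1103515245u + 12345u; p[i] = (int16_t)((seed >> 8) % Q); }
}
int ntt_mul_selftest(void) {   /* 1 when the NTT product equals the schoolbook product */
    int16_t a[N], b[N], c1[N], c2[N];
    fill_poly(a, 1); fill_poly(b, 2);
    ntt_mul(a, b, c1); schoolbook_mul(a, b, c2);
    return memcmp(c1, c2, sizeof c1) == 0;
}
```

Every coefficient stays in a signed 16-bit lane throughout, which is what lets an ARM64 implementation process eight coefficients per 128-bit NEON register; the Barrett pass after the forward transform keeps the basemul inputs below q in magnitude, so the products stay inside the range that the 16-bit Montgomery reduction accepts.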
Notes
- 1.
Recent revisions of the ARM architecture (ARMv8.2-A and later) also add instructions for SHA-3, SHA-512, SM3, and SM4.
Acknowledgment
The authors would like to thank the reviewers for their comments. This work is supported in part by NSF grant 2101085.
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Sanal, P., Karagoz, E., Seo, H., Azarderakhsh, R., Mozaffari-Kermani, M. (2021). Kyber on ARM64: Compact Implementations of Kyber on 64-Bit ARM Cortex-A Processors. In: Garcia-Alfaro, J., Li, S., Poovendran, R., Debar, H., Yung, M. (eds) Security and Privacy in Communication Networks. SecureComm 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 399. Springer, Cham. https://doi.org/10.1007/978-3-030-90022-9_23
DOI: https://doi.org/10.1007/978-3-030-90022-9_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-90021-2
Online ISBN: 978-3-030-90022-9
eBook Packages: Computer Science (R0)