Abstract
SABER is one of the four finalists in the third round of the ongoing NIST post-quantum cryptography standardization process. It is one of the three finalists that are based on lattice problems. This article presents the results of an analysis of the performance of SABER, as reported by D'Anvers (in: CPA-secure encryption and CCA-secure KEM, eprint.iacr.org, 2020), on x64 and ARM architectures. SABER was tested following a scenario where, first, a pair of public and private keys was generated. Then, data representing a session key was encrypted using the generated public key and decrypted using the generated private key. Algorithm performance was evaluated by running these steps on each proposed architecture. Based on the data collected, it was checked whether SABER is suitable for mobile devices. Bottlenecks were found while executing the SABER code.
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig1_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig2_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig3_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig4_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig5_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig6_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig7_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig8_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig9_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig10_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig11_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig12_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig13_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig14_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig15_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig16_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig17_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00337-x/MediaObjects/13389_2023_337_Fig18_HTML.png)
Availability of data and materials
All data were collected by ourselves and can be made available for public evaluation.
Notes
“Performance in hardware has typically played a major role in differentiating among leading candidates in cryptographic standardization efforts. Winners of two past NIST cryptographic contests (Rijndael in case of AES and Keccak in case of SHA-3) were ranked consistently among the two fastest candidates when implemented using FPGAs and ASICs. (...) identifying some candidates as either inherently slow or costly in hardware helped to eliminate a subset of candidates, saving countless hours of cryptanalysis.”
References
D'Anvers, J.-P., Karmakar, A., Sinha Roy, S. and Vercauteren, F.: Saber: module-LWR based key exchange, CPA-secure encryption and CCA-secure KEM. eprint.iacr.org, (2020)
Saarinen, M.J.O.: Mobile energy requirements of the upcoming NIST post-quantum cryptography standards. arxiv.org, (2019)
Xu, R., Cheng, C., Qin, Y. and Jiang, T.: Lighting the way to a smart world: lattice-based cryptography for Internet of Things. CoRR, abs/1805.04880, (2018)
Saber Reference, SABER: Mod-LWR based KEM (Round 3 Submission). Available online: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/files/saberspecround3.pdf (accessed on 1 May 2023)
Howe, J., Prest, T. and Apon, D.: SoK: How (not) to Design and Implement Post-Quantum. Cryptology ePrint Archive, Report 2021/462, (2019)
Basso, A. and Roy, S.S.: Optimized polynomial multiplier architectures for post-quantum KEM Saber. Cryptology ePrint Archive, Paper 2020/1482, (2020)
Carter, E., He, P. and Xie, J.: High-performance polynomial multiplication hardware accelerators for KEM Saber and NTRU. Cryptology ePrint Archive, Paper 2022/628, (2022)
Saber, Performance. Available online: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/performance.html (accessed on 1 Feb 2021)
Roy, S.S.: SaberX4: High-throughput Software Implementation of Saber Key Encapsulation Mechanism. Paper 2019/1309, (2019)
Dang, V.B., Farahmand, F., Andrzejczak, M., Mohajerani, K., Nguyen, D.T. and Gaj, K.: Implementation and Benchmarking of Round 2 Candidates in the NIST Post-Quantum Cryptography Standardization Process Using Hardware and Software/Hardware Co-design Approaches. Cryptology ePrint Archive, Paper 2020/795, (2020)
Ortiz, J.N., Rodrigues, F.C., Gazzoni Filho, D., Teixeira, C., Lopez, J. and Dahab, R.: Evaluation of CRYSTALS-Kyber and Saber on the ARMv8 architecture. Anais do XXII Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais, SBC, 372–377, (2022)
Saber Post-Quantum Key Encapsulation Mechanism (KEM): Evaluating Performance in Mobile Devices and Suggesting Some Improvements Third NIST Conference, Leonardo A D S Ribeiro. Available online: https://csrc.nist.gov/Events/2021/third-pqc-standardization-conference (accessed on 31 Aug 2021)
Acknowledgements
Part of the results presented in this work was obtained through the “Secure Sharing” project, funded by Samsung Eletrônica da Amazônia Ltda., under the Brazilian Informatics Law 8.248/91.
Funding
No funding.
Ethics declarations
Conflict of interest
No conflicts of any kind.
Ethics approval
There are no ethical problems with the research.
Consent to participate
Our researchers consented to participate in the research.
Consent for publication
All researchers consented to make the article publishable.
Code availability
The code used is private to the researchers and can be made available as soon as this is approved by all researchers.
About this article
Cite this article
Ribeiro, L.A.D.S., da Silva Lima, J.P., de Queiroz, R.J.G.B. et al. SABER post-quantum key encapsulation mechanism (KEM): evaluating performance in ARM and x64 architectures. J Cryptogr Eng 14, 35–41 (2024). https://doi.org/10.1007/s13389-023-00337-x
DOI: https://doi.org/10.1007/s13389-023-00337-x