Paper 2015/382

High-Performance Ideal Lattice-Based Cryptography on 8-bit ATxmega Microcontrollers

Thomas Pöppelmann, Tobias Oder, and Tim Güneysu

Abstract

Over the last years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. But despite of promising constructions, only few results have been published on implementation issues on very constrained platforms. In this work we therefore study and compare implementations of Ring-LWE encryption and the bimodal lattice signature scheme (BLISS) on an 8-bit Atmel ATxmega128 microcontroller. Since the number theoretic transform (NTT) is one of the core components in implementations of lattice-based cryptosystems, we review the application of the NTT in previous implementations and present an improved approach that significantly lowers the runtime for polynomial multiplication. Our implementation of Ring-LWE encryption takes 27 ms for encryption and 6.7 ms for decryption. To compute a BLISS signature, our software takes 329 ms and 88 ms for verification. These results outperform implementations on similar platforms and underline the feasibility of lattice-based cryptography on constrained devices.

Note: Extended/full version of Latincrypt'15 paper. Results have been updated to match proceedings version.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Major revision. Latincrypt 2015
Keywords
Ideal latticesNTTRLWEBLISSATxmega
Contact author(s)
thomas poeppelmann @ rub de
tobias oder @ rub de
tim gueneysu @ rub de
History
2015-06-19: revised
2015-04-28: received
See all versions
Short URL
https://ia.cr/2015/382
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2015/382,
      author = {Thomas Pöppelmann and Tobias Oder and Tim Güneysu},
      title = {High-Performance Ideal Lattice-Based Cryptography on 8-bit {ATxmega} Microcontrollers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/382},
      year = {2015},
      url = {https://eprint.iacr.org/2015/382}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.