eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2016/672

Post-Quantum Cryptography on FPGA Based on Isogenies on Elliptic Curves

Brian Koziel, Reza Azarderakhsh, Mehran Mozaffari Kermani, and David Jao


To the best of our knowledge, we present the first hardware implementation of isogeny-based cryptography available in the literature. Particularly, we present the first implementation of the supersingular isogeny Diffie-Hellman (SIDH) key exchange, which features quantum-resistance. We optimize this design for speed by creating a high throughput multiplier unit, taking advantage of parallelization of arithmetic in $\mathbb{F}_{p^{2}}$, and minimizing pipeline stalls with optimal scheduling. Consequently, our results are also faster than software libraries running affine SIDH even on Intel Haswell processors. For our implementation at 85-bit quantum security and 128-bit classical security, we generate ephemeral public keys in 1.655 million cycles for Alice and 1.490 million cycles for Bob. We generate the shared secret in an additional 1.510 million cycles for Alice and 1.312 million cycles for Bob. On a Virtex-7, these results are approximately 1.5 times faster than known software implementations running the same 512-bit SIDH. Our results and observations show that the isogeny-based schemes can be implemented with high efficiency on reconfigurable hardware.

Available format(s)
-- withdrawn --
Publication info
Published elsewhere. Minor revision. IEEE Transactions on Circuits and Systems (TCAS-I)
Post-quantum cryptographyelliptic curve cryptography (ECC)isogeny-based cryptographyField Programmable Gate Array (FPGA)
Contact author(s)
azarderakhsh @ gmail com
2016-11-03: withdrawn
2016-07-06: received
See all versions
Short URL
Creative Commons Attribution
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.