Paper 2017/690

High Performance Post-Quantum Key Exchange on FPGAs

Po-Chun Kuo, Wen-Ding Li, Yu-Wei Chen, Yuan-Che Hsu, Bo-Yuan Peng, Chen-Mou Cheng, and Bo-Yin Yang


Lattice-based cryptography is a highly potential candidate that protects against the threat of quantum attack. At Usenix Security 2016, Alkim, Ducas, Pöpplemann, and Schwabe proposed a post-quantum key exchange scheme called NewHope, based on a variant of lattice problem, the ring-learning-with-errors (RLWE) problem. In this work, we propose a high performance hardware architecture for NewHope. Our implementation requires 6,680 slices, 9,412 FFs, 18,756 LUTs, 8 DSPs and 14 BRAMs on Xilinx Zynq-7000 equipped with 28mm Artix-7 7020 FPGA. In our hardware design of NewHope key exchange, the three phases of key exchange costs 51.9, 78.6 and 21.1 microseconds, respectively. It achieves more than 4.8 times better in terms of area-time product comparing to previous results of hardware implementation of NewHope-Simple from Oder and Güneysu at Latincrypt 2017.

Available format(s)
Publication info
Preprint. MINOR revision.
Post-quantum cryptographylattice-based cryptographyLWERLWEkey exchangeFPGA implementation
Contact author(s)
kbj @ crypto tw
2018-02-07: revised
2017-07-19: received
See all versions
Short URL
Creative Commons Attribution


      author = {Po-Chun Kuo and Wen-Ding Li and Yu-Wei Chen and Yuan-Che Hsu and Bo-Yuan Peng and Chen-Mou Cheng and Bo-Yin Yang},
      title = {High Performance Post-Quantum Key Exchange on FPGAs},
      howpublished = {Cryptology ePrint Archive, Paper 2017/690},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.