Cryptology ePrint Archive: Report 2017/690

High Performance Post-Quantum Key Exchange on FPGAs

Po-Chun Kuo and Wen-Ding Li and Yu-Wei Chen and Yuan-Che Hsu and Bo-Yuan Peng and Chen-Mou Cheng and Bo-Yin Yang

Abstract: Lattice-based cryptography is a highly potential candidate that protects against the threat of quantum attack. At Usenix Security 2016, Alkim, Ducas, Pöpplemann, and Schwabe proposed a post-quantum key exchange scheme called NewHope, based on a variant of lattice problem, the ring-learning-with-errors (RLWE) problem. In this work, we propose a high performance hardware architecture for NewHope. Our implementation requires 6,680 slices, 9,412 FFs, 18,756 LUTs, 8 DSPs and 14 BRAMs on Xilinx Zynq-7000 equipped with 28mm Artix-7 7020 FPGA. In our hardware design of NewHope key exchange, the three phases of key exchange costs 51.9, 78.6 and 21.1microseconds, respectively. It achieves more than 4.8 times better in terms of area-time product comparing to previous results of hardware implementation of NewHope-Simple from Oder and Güneysu at Latincrypt 2017.

Category / Keywords: Post-quantum cryptography, lattice-based cryptography, LWE, RLWE, key exchange, FPGA implementation

Date: received 12 Jul 2017, last revised 6 Feb 2018

Contact author: kbj at crypto tw

Available format(s): PDF | BibTeX Citation

Version: 20180207:020505 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]