Cryptology ePrint Archive: Report 2018/1225

XMSS and Embedded Systems - XMSS Hardware Accelerators for RISC-V

Wen Wang and Bernhard Jungk and Julian Wälde and Shuwen Deng and Naina Gupta and Jakub Szefer and Ruben Niederhagen

Abstract: We describe a hardware-software co-design for the hash-based post-quantum signature scheme XMSS on a RISC-V embedded processor. We provide software optimizations for the XMSS reference implementation for SHA-256 parameter sets and several hardware accelerators that allow to balance area consumption and performance based on individual needs. By integrating hardware accelerators to the RISC-V processor, the version with the best time-area product for key generation gives a 41.7x speedup in wall-clock time at 5.1x larger resource requirements; the best speedup of 46.6x is achieved at a higher resource cost, compared to the pure software version. Similarly, for signing, we achieve a maximum speedup of over 21x and for verification of 18x. We tested and measured the cycle counts of our implementation on Intel (Altera) and Xilinx FPGAs. The integration of our XMSS accelerators into an embedded RISC-V processor enables post-quantum secure signatures for a large variety of embedded applications.

Category / Keywords: implementation / XMSS, hash-based signatures, post-quantum cryptography, hardware accelerator, FPGA, RISC-V

Date: received 21 Dec 2018, last revised 5 Mar 2019

Contact author: wen wang ww349 at yale edu,ruben@polycephaly org,jakub szefer@yale edu

Available format(s): PDF | BibTeX Citation

Version: 20190305:222928 (All versions of this report)

Short URL: ia.cr/2018/1225


[ Cryptology ePrint archive ]