Paper 2018/1225

XMSS and Embedded Systems - XMSS Hardware Accelerators for RISC-V

Wen Wang and Bernhard Jungk and Julian Wälde and Shuwen Deng and Naina Gupta and Jakub Szefer and Ruben Niederhagen

Abstract

We describe a hardware-software co-design for the hash-based post-quantum signature scheme XMSS on a RISC-V embedded processor. We provide software optimizations for the XMSS reference implementation for SHA-256 parameter sets and several hardware accelerators that allow to balance area consumption and performance based on individual needs. The version with the best time-area product for key generation gives a 47x speedup in wall-clock time at 5.1x larger resource requirements; the best speedup of 52x is achieved at a higher resource cost. For signing, we achieve a maximum speedup of over 23x and for verification of over 18x. We tested and measured the cycle counts of our implementation on Intel (Altera) and Xilinx FPGAs. The integration of our XMSS accelerators into an embedded RISC-V processor enables post-quantum secure signatures for a large variety of embedded applications.