Cryptology ePrint Archive: Report 2018/723
Shorter Messages and Faster Post-Quantum Encryption with Round5 on Cortex M
Markku-Juhani O. Saarinen and Sauvik Bhattacharya and Oscar Garcia-Morchon and Ronald Rietman and Ludo Tolhuizen and Zhenfei Zhang
Abstract: Round5 is a Public Key Encryption and Key Encapsulation Mechanism (KEM) based on General Learning with Rounding (GLWR), a lattice problem. We argue that the ring variant of GLWR is better suited for embedded targets than the more common RLWE (Ring Learning With Errors) due to significantly shorter keys and messages. Round5 combines GLWR with error correction, building on design features from the NIST Post-Quantum Standardization candidates Round2 and Hila5. The proposal avoids Number Theoretic Transforms (NTT), allowing more flexibility in parameter selection and making it simpler to implement. We discuss implementation techniques for the Round5 ring variants and compare them to other NIST PQC candidates on the lightweight Cortex M4 platform. We show that the current development version of Round5 offers not only the shortest key and ciphertext sizes among lattice-based candidates, but also leading performance and implementation size characteristics.
Category / Keywords: implementation / Post-Quantum Cryptography, Lattice Cryptography, GLWR, Embedded Implementation, Cortex M4
Original Publication (with minor differences): CARDIS 2018 Pre-Proceedings Version
Date: received 3 Aug 2018, last revised 31 Oct 2018
Contact author: mjos at iki fi
Note: Text is being revised for publication in CARDIS '18.
Version: 20181031:101401
Short URL: ia.cr/2018/723