Cryptology ePrint Archive: Report 2019/1403

No RISC, no Fun: Comparison of Hardware Accelerated Hash Functions for XMSS

Ingo Braun and Fabio Campos and Steffen Reith and Marc Stöttinger

Abstract: We investigate multiple implementations of a hash-based digital signature scheme in software and hardware for a RISC-V processor. For this, we consider different instantiations of XMSS using SHA-256 and SHA-3. Moreover, we propose various optimisations for accelerating the signature scheme on resource-constrained FPGAs. Compared to the pure software version, the implemented hardware accelerators for SHA-256 and SHA-3 achieve a significant speedup of 25x and 87x, respectively, for generating 2^10 key pairs. Signing and verifying with such key pairs achieves a speedup of 17x and 10x in the case of SHA-256, and 55x and 20x, respectively, for SHA-3. Recently, Wang et al. presented an XMSS-specific software-hardware co-design, resulting in significant speedups. Our general-purpose hardware accelerator for SHA-256 further reduces the calculation cost for signing by 26%, and for verifying by 28%, in comparison to the results of Wang et al., and also achieves a better time-area product for signing (3.3x) and verifying (2.5x).

Category / Keywords: implementation / XMSS, RISC-V, hash-based signatures, post-quantum cryptography, FPGA, resource-constrained systems

Date: received 3 Dec 2019, last revised 4 Dec 2019, withdrawn 14 Dec 2019

Contact author: campos at sopmac de

Available format(s): (-- withdrawn --)

Version: 20191214:121144

Short URL: ia.cr/2019/1403

