Cryptology ePrint Archive: Report 2020/054

Parameterized Hardware Accelerators for Lattice-Based Cryptography and Their Application to the HW/SW Co-Design of qTESLA

Wen Wang and Shanquan Tian and Bernhard Jungk and Nina Bindel and Patrick Longa and Jakub Szefer

Abstract: This paper presents a set of efficient and parameterized hardware accelerators that target post-quantum lattice-based cryptographic schemes, including a versatile cSHAKE core, a binary-search CDT-based Gaussian sampler, and a pipelined NTT-based polynomial multiplier, among others. Unlike much of prior work, the accelerators are fully open-sourced, are designed to be constant-time, and are parameterized at compile-time to support different parameters without the need for re-writing the hardware implementation. These flexible, to-be publicly-available accelerators are used to demonstrate the first hardware-software co-design using RISC-V of the post-quantum lattice-based signature scheme qTESLA with provably secure parameters. In particular, we demonstrate that the NIST's Round 2 level 1 and level 3 qTESLA variants achieve over a 40-100x speedup for key generation, about a 10x speedup for signing, and about a 16x speedup for verification, compared to the baseline RISC-V software-only implementation. For instance, this corresponds to execution in 7.7, 34.4, and 7.8 milliseconds for key generation, signing, and verification, respectively, for qTESLA's level 1 parameter set on an Artix-7 FPGA, demonstrating the feasibility of the scheme for embedded applications.

Category / Keywords: implementation / Lattice-based cryptography, Post-quantum cryptography, qTESLA, Hardware accelerators, Hardware-software co-design, FPGA, RISC-V

Date: received 17 Jan 2020

Contact author: wen wang ww349 at yale edu,shanquan tian@yale edu,jakub szefer@yale edu,bernhard@projectstarfire de,nlbindel@uwaterloo ca,plonga@microsoft com

Available format(s): PDF | BibTeX Citation

Version: 20200120:192839 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]