Paper 2020/1216

Polynomial Multiplication in NTRU Prime: Comparison of Optimization Strategies on Cortex-M4

Erdem Alkim, Dean Yun-Li Cheng, Chi-Ming Marvin Chung, Hülya Evkan, Leo Wei-Lun Huang, Vincent Hwang, Ching-Lin Trista Li, Ruben Niederhagen, Cheng-Jhih Shih, Julian Wälde, and Bo-Yin Yang

Abstract

This paper proposes two different methods to perform NTT-based polynomial multiplication in polynomial rings that do not naturally support such a multiplication. We demonstrate these methods on the NTRU Prime key-encapsulation mechanism (KEM) proposed by Bernstein, Chuengsatiansup, Lange, and Vredendaal, which uses a polynomial ring that is, by design, not amenable to use with NTT. One of our approaches is using Good's trick and focuses on speed and supporting more than one parameter set with a single implementation. The other approach is using a mixed-radix NTT and focuses on the use of smaller multipliers and less memory. On an ARM Cortex-M4 microcontroller, we show that our three NTT-based implementations, one based on Good's trick and two mixed-radix NTTs, provide between 32% and 17% faster polynomial multiplication. For the parameter-set ntrulpr761, this results in between 16% and 9% faster total operations (sum of key generation, encapsulation, and decapsulation) and requires between 15% and 39% less memory than the current state-of-the-art NTRU Prime implementation on this platform, which is using Toom-Cook-based polynomial multiplication.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
A minor revision of an IACR publication in TCHES 2021
Keywords
NTTPolynomial multiplicationCortex-M4NTRU PrimePQC
Contact author(s)
erdemalkim @ gmail com
ruben @ polycephaly org
by @ crypto tw
History
2020-10-26: last of 3 revisions
2020-10-06: received
See all versions
Short URL
https://ia.cr/2020/1216
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/1216,
      author = {Erdem Alkim and Dean Yun-Li Cheng and Chi-Ming Marvin Chung and Hülya Evkan and Leo Wei-Lun Huang and Vincent Hwang and Ching-Lin Trista Li and Ruben Niederhagen and Cheng-Jhih Shih and Julian Wälde and Bo-Yin Yang},
      title = {Polynomial Multiplication in NTRU Prime: Comparison of Optimization Strategies on Cortex-M4},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1216},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1216}},
      url = {https://eprint.iacr.org/2020/1216}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.