Paper 2020/1303

Post-Quantum Cryptography with Contemporary Co-Processors: Beyond Kronecker, Schönhage-Strassen & Nussbaumer

Joppe W. Bos, Joost Renes, and Christine van Vredendaal

Abstract

There are currently over 30 billion IoT (Internet of Things) devices installed worldwide. To secure these devices from various threats one often relies on public-key cryptographic primitives whose operations can be costly to compute on resource-constrained IoT devices. To support such operations these devices often include a dedicated co-processor for cryptographic procedures, typically in the form of a big integer arithmetic unit. Such existing arithmetic co-processors do not offer the functionality that is expected by upcoming post-quantum cryptographic primitives. Regardless, contemporary systems may exist in the field for many years to come. In this paper we propose the Kronecker+ algorithm for polynomial multiplication in rings of the form Z[X]/(X^n+1): the arithmetic foundation of many lattice-based cryptographic schemes. We discuss how Kronecker+ allows for re-use of existing co-processors for post-quantum cryptography, and in particular directly applies to the various finalists in the post-quantum standardization effort led by NIST. We demonstrate the effectiveness of our algorithm in practice by integrating Kronecker+ into Saber: one of the finalists in the ongoing NIST standardization effort. On our target platform, a RV32IMC with access to a dedicated arithmetic co-processor designed to accelerate RSA and ECC, Kronecker+ performs the matrix multiplication 2.8 times faster than regular Kronecker substitution and 1.7 times faster than Harvey's negated-evaluation-points method.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. USENIX Security Symposium '22
Keywords
Polynomial multiplicationKronecker substitutionSchönhage-StrassenNussbaumerCo-processors
Contact author(s)
joost renes @ nxp com
joppe bos @ nxp com
christine van vredendaal @ nxp com
History
2021-07-16: last of 3 revisions
2020-10-19: received
See all versions
Short URL
https://ia.cr/2020/1303
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1303,
      author = {Joppe W.  Bos and Joost Renes and Christine van Vredendaal},
      title = {Post-Quantum Cryptography with Contemporary Co-Processors: Beyond Kronecker, Schönhage-Strassen & Nussbaumer},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1303},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1303}},
      url = {https://eprint.iacr.org/2020/1303}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.