Cryptology ePrint Archive: Report 2021/1511

Compressed SIKE Round 3 on ARM Cortex-M4

Mila Anastasova and Mojtaba Bisheh-Niasar and Reza Azarderakhsh and Mehran Mozaffari Kermani

Abstract: In 2016, the National Institute of Standards and Technology (NIST) initiated a process to standardize post-quantum secure algorithms. Among the alternate candidates selected after Round 2 of that process is the Supersingular Isogeny Key Encapsulation (SIKE) mechanism, which offers the smallest key sizes of any post-quantum candidate and is therefore attractive in scenarios with limited bandwidth and memory. The compression mechanism proposed by Azarderakhsh et al. reduces the exchanged information even further, but it introduces a significant time overhead and increases the memory requirements of the protocol, which makes integrating it into an embedded system challenging. In this paper, we propose the first compressed SIKE implementation for a resource-constrained device, targeting the NIST-recommended STM32F407VG platform, which features an ARM Cortex-M4 processor. We integrate the isogeny-based implementation strategies described previously in the literature into the compressed version of SIKE. Additionally, we propose a new assembly design for the finite field operations specific to compressed SIKE, and observe speedups of up to 16% and up to 25% compared to the best previously reported assembly implementations for p434, p503, and p610.

Category / Keywords: implementation / Compressed Supersingular Isogeny Key Encapsulation (SIKE), Post-Quantum Cryptography (PQC), ARM Cortex-M4

Date: received 15 Nov 2021

Contact author: razarderakhsh at fau edu, manastasova2017 at fau edu, mbishehniasa2019 at fau edu


Version: 20211120:224650

Short URL: ia.cr/2021/1511
