Paper 2021/1648
A Scalable SIMD RISC-V based Processor with Customized Vector Extensions for CRYSTALS-Kyber
Huimin Li and Nele Mentens and Stjepan Picek
Abstract
This paper uses RISC-V vector extensions to speed up lattice-based operations in architectures based on HW/SW co-design. We analyze the structure of the number-theoretic transform (NTT), inverse NTT (INTT), and coefficient-wise multiplication (CWM) in CRYSTALS-Kyber, a lattice-based key encapsulation mechanism. We propose 12 vector extensions for CRYSTALS-Kyber multiplication and four for finite field operations in combination with two optimizations of the HW/SW interface. This results in a speed-up of 141.7, 168.7, and 245.5 times for NTT, INTT, and CWM, respectively, compared with the baseline implementation, and a speed-up of over four times compared with the state-of-the-art HW/SW co-design using RV32IMC.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Preprint. MINOR revision.
- Keywords
- Lattice-based CryptographyPolynomial OperationVector InstructionSIMD ProcessorRISC-VISA Extension
- Contact author(s)
-
H Li-7 @ tudelft nl
nele mentens @ kuleuven be
s picek @ tudelft nl - History
- 2022-09-28: last of 4 revisions
- 2021-12-17: received
- See all versions
- Short URL
- https://ia.cr/2021/1648
- License
-
CC BY