Paper 2021/532
Rainbow on Cortex-M4
Tung Chou, Matthias J. Kannwischer, and Bo-Yin Yang
Abstract
We present the first Cortex-M4 implementation of the NISTPQC signature finalist Rainbow. We target the Giant Gecko EFM32GG11B which comes with 512 kB of RAM which can easily accommodate the keys of RainbowI. We present fast constant-time bitsliced F_16 multiplication allowing multiplication of 32 field elements in 32 clock cycles. Additionally, we introduce a new way of computing the public map P in the verification procedure allowing vastly faster signature verification. Both the signing and verification procedures of our implementation are by far the fastest among the NISTPQC signature finalists. Signing of rainbowIclassic requires roughly 957 000 clock cycles which is 4× faster than the state of the art Dilithium2 implementation and 45× faster than Falcon-512. Verification needs about 239 000 cycles which is 5× and 2× faster respectively. The cost of signing can be further decreased by 20% when storing the secret key in a bitsliced representation.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Published by the IACR in TCHES 2021
- DOI
- 10.46586/tches.v2021.i4.650-675
- Keywords
- RainbowNISTPQCCortex-M4MQ signaturesfinite field arithmetic
- Contact author(s)
-
blueprint @ crypto tw
matthias @ kannwischer eu
by @ crypto tw - History
- 2021-08-30: revised
- 2021-04-23: received
- See all versions
- Short URL
- https://ia.cr/2021/532
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/532,
author = {Tung Chou and Matthias J. Kannwischer and Bo-Yin Yang},
title = {Rainbow on Cortex-M4},
howpublished = {Cryptology ePrint Archive, Paper 2021/532},
year = {2021},
doi = {10.46586/tches.v2021.i4.650-675},
note = {\url{https://eprint.iacr.org/2021/532}},
url = {https://eprint.iacr.org/2021/532}
}
