Paper 2022/110
Revisiting Higher-Order Masked Comparison for Lattice-Based Cryptography: Algorithms and Bit-sliced Implementations
Jan-Pieter D'Anvers, Michiel Van Beirendonck, and Ingrid Verbauwhede
Abstract
Masked comparison is one of the most expensive operations in side-channel secure implementations of lattice-based post-quantum cryptography, especially for higher masking orders. First, we introduce two new masked comparison algorithms, which improve the arithmetic comparison of D'Anvers et al. and the hybrid comparison method of Coron et al. respectively. We then look into implementation-specific optimizations, and show that small specific adaptations can have a significant impact on the overall performance. Finally, we implement various state-of-the-art comparison algorithms and benchmark them on the same platform (ARM-Cortex M4) to allow a fair comparison between them. We improve on the arithmetic comparison of D'Anvers et al. with a factor $\approx 20\%$ by using Galois Field multiplications and the hybrid comparison of Coron et al. with a factor $\approx 25\%$ by streamlining the design. Our implementation-specific improvements allow a speedup of a straightforward comparison implementation of $\approx 33\%$. We discuss the differences between the various algorithms and provide the implementations and a testing framework to ease future research.
Metadata
- Available format(s)
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Lattice-Based CryptographySide-Channel ProtectionMaskingFujisaki-Okamoto transform
- Contact author(s)
-
janpieter danvers @ esat kuleuven be
michiel vanbeirendonck @ esat kuleuven be - History
- 2022-04-14: revised
- 2022-01-31: received
- See all versions
- Short URL
- https://ia.cr/2022/110
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/110, author = {Jan-Pieter D'Anvers and Michiel Van Beirendonck and Ingrid Verbauwhede}, title = {Revisiting Higher-Order Masked Comparison for Lattice-Based Cryptography: Algorithms and Bit-sliced Implementations}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/110}, year = {2022}, url = {https://eprint.iacr.org/2022/110} }