Paper 2022/1243

Hybrid scalar/vector implementations of Keccak and SPHINCS+ on AArch64

Hanno Becker, Arm Limited
Matthias J. Kannwischer, Academia Sinica
Abstract

This paper presents two new techniques for the fast implementation of the Keccak permutation on the A-profile of the Arm architecture: First, the elimination of explicit rotations in the Keccak permutation through Barrel shifting, applicable to scalar AArch64 implementations of Keccak-f1600. Second, the construction of hybrid implementations concurrently leveraging both the scalar and the Neon instruction sets of AArch64. The resulting performance improvements are demonstrated in the example of the hash-based signature scheme SPHINCS+, one of the recently announced winners of the NIST post-quantum cryptography project: We achieve up to 1.89× performance improvements compared to the state of the art. Our implementations target the Arm Cortex-{A55,A510,A78,A710,X1,X2} processors common in client devices such as mobile phones.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Indocrypt 2022
Keywords
Arm AArch64 Armv8-A Keccak SIMD Neon Post-Quantum Cryptography SPHINCS+
Contact author(s)
hanno becker @ arm com
matthias @ kannwischer eu
History
2022-10-27: revised
2022-09-19: received
See all versions
Short URL
https://ia.cr/2022/1243
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/1243,
      author = {Hanno Becker and Matthias J. Kannwischer},
      title = {Hybrid scalar/vector implementations of Keccak and {SPHINCS}+ on {AArch64}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/1243},
      year = {2022},
      url = {https://eprint.iacr.org/2022/1243}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.