Paper 2024/069

SDitH in Hardware

Sanjay Deshpande, Yale University, SandboxAQ
James Howe, SandboxAQ
Jakub Szefer, Yale University
Dongze Yue, SandboxAQ

This work presents the first hardware realisation of the Syndrome-Decoding-in-the-Head (SDitH) signature scheme, which is a candidate in the NIST PQC process for standardising post-quantum secure digital signature schemes. SDitH's hardness is based on conservative code-based assumptions, and it uses the Multi-Party-Computation-in-the-Head (MPCitH) construction. This is the first hardware design of a code-based signature scheme based on traditional decoding problems and only the second for MPCitH constructions, after Picnic. This work presents optimised designs to achieve the best area efficiency, which we evaluate using the Time-Area Product (TAP) metric. This work also proposes a novel hardware architecture that divides the signature generation algorithm into two phases, namely offline and online phases, to optimise the overall clock cycle count. The hardware designs for key generation, signature generation, and signature verification are parameterised for all SDitH parameters, including the NIST security levels and both syndrome decoding base fields (GF256 and GF251), and thus conform to the SDitH specifications. The hardware design further supports secret share splitting and the hypercube optimisation, which can be applied in this and multiple other NIST PQC candidates. This work results in a hardware design with a drastic reduction in clock cycles compared to the optimised AVX2 software implementation, in the range of 2-4x for most operations. Our key generation outperforms software drastically, giving an 11-17x reduction in runtime, despite the significantly faster clock speed. On Artix 7 FPGAs we can perform key generation in 55.1 Kcycles, signature generation in 6.7 Mcycles, and signature verification in 8.6 Mcycles for NIST L1 parameters, which increase for GF251, and for L3 and L5 parameters.

Publication info
Published by the IACR in TCHES 2024
Hardware Security, NIST PQC, FPGA, Post-Quantum cryptography, SDitH, Post-Quantum Digital Signatures
Contact author(s)
sanjay deshpande @ yale edu
james howe @ sandboxaq com
jakub szefer @ yale edu
steven yue @ sandboxquantum com
2024-01-17: approved
2024-01-16: received
Creative Commons Attribution


      author = {Sanjay Deshpande and James Howe and Jakub Szefer and Dongze Yue},
      title = {SDitH in Hardware},
      howpublished = {Cryptology ePrint Archive, Paper 2024/069},
      year = {2024},
      note = {\url{}},
      url = {}