Paper 2024/002

Fast polynomial multiplication using matrix multiplication accelerators with applications to NTRU on Apple M1/M3 SoCs

Décio Luiz Gazzoni Filho, Instituto de Computação, Universidade Estadual de Campinas (UNICAMP), Department of Electrical Engineering, State University of Londrina
Guilherme Brandão
Julio López, Instituto de Computação, Universidade Estadual de Campinas (UNICAMP)
Abstract

Efficient polynomial multiplication routines are critical to the performance of lattice-based post-quantum cryptography (PQC). As PQC standards only recently started to emerge, CPUs still lack specialized instructions to accelerate such routines. Meanwhile, deep learning has grown immeasurably in importance. Its workloads call for teraflops-level processing power for linear algebra operations, mainly matrix multiplication. Computer architects have responded by introducing ISA extensions, coprocessors and special-purpose cores to accelerate such operations. In particular, Apple ships an undocumented matrix-multiplication coprocessor, AMX, in hundreds of millions of mobile phones, tablets and personal computers. Our work repurposes AMX to implement polynomial multiplication and applies it to the NTRU cryptosystem, setting new speed records on the Apple M1 and M3 systems-on-chip (SoCs): polynomial multiplication, key generation, encapsulation and decapsulation are sped up by -, -, - and -, respectively, over the previous state-of-the-art.
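The abstract's central idea is that a matrix-multiplication engine can be fed polynomial multiplications. The example below, added here and not taken from the paper or its authors' code, shows the standard reformulation that makes this possible: in the cyclic convolution ring Z_q[x]/(x^n - 1) used by NTRU, the product f(x)·g(x) equals the matrix-vector product C(f)·g, where C(f) is the n×n circulant matrix of f. Multiplying one f by many g's then becomes a single matrix-matrix product, which is the shape an accelerator consumes. All inputs are constructed toy values; the paper's AMX code, parameter sets and speedups are not reproduced.

```python
"""Polynomial multiplication in Z_q[x]/(x^n - 1) as a matrix product.

Added illustration (not the paper's implementation). Plain Python stands in
for the matrix-multiplication unit; the point is the data layout, not speed.
"""
import random
from typing import List

Poly = List[int]


def schoolbook_cyclic_mul(f: Poly, g: Poly, q: int) -> Poly:
    """Reference: coefficient-wise cyclic convolution reduced mod q."""
    n = len(f)
    assert len(g) == n, "operands must have the same degree bound n"
    h = [0] * n
    for i, fi in enumerate(f):
        if fi == 0:
            continue
        for j, gj in enumerate(g):
            h[(i + j) % n] = (h[(i + j) % n] + fi * gj) % q
    return h


def circulant_matrix(f: Poly, q: int) -> List[Poly]:
    """C(f)[k][j] = f[(k - j) mod n], so that h_k = sum_j f_{k-j} g_j.

    Row k of C(f) holds the coefficients of x^k * f(x) mod (x^n - 1)
    in reversed order, which is exactly what a cyclic convolution needs.
    """
    n = len(f)
    return [[f[(k - j) % n] % q for j in range(n)] for k in range(n)]


def matvec_mod(M: List[Poly], v: Poly, q: int) -> Poly:
    """Plain inner products; the mod q reduction happens once per output.

    An accelerator computes exactly these dot products over integers, so the
    caller must ensure n * (q-1)^2 fits the accumulator width it uses.
    """
    return [sum(m_kj * v_j for m_kj, v_j in zip(row, v)) % q for row in M]


def matrix_cyclic_mul(f: Poly, g: Poly, q: int) -> Poly:
    """f * g mod (x^n - 1, q) computed as C(f) @ g."""
    return matvec_mod(circulant_matrix(f, q), g, q)


def batched_cyclic_mul(f: Poly, gs: List[Poly], q: int) -> List[Poly]:
    """Multiply one f by several g's with a single matrix-matrix product.

    Column j of the n x m matrix G is gs[j]; column j of C(f) @ G is f * gs[j].
    This is the batching that lets a matrix unit amortise loading C(f).
    """
    c = circulant_matrix(f, q)
    n, m = len(f), len(gs)
    product = [[sum(c[k][i] * gs[j][i] for i in range(n)) % q for j in range(m)]
               for k in range(n)]
    # Transpose back from columns to a list of result polynomials.
    return [[product[k][j] for k in range(n)] for j in range(m)]


def self_check(n: int = 17, q: int = 2048, trials: int = 20, seed: int = 1) -> bool:
    """Cross-check the matrix formulation against schoolbook on random input."""
    rng = random.Random(seed)
    for _ in range(trials):
        f = [rng.randrange(q) for _ in range(n)]
        gs = [[rng.randrange(q) for _ in range(n)] for _ in range(3)]
        if matrix_cyclic_mul(f, gs[0], q) != schoolbook_cyclic_mul(f, gs[0], q):
            return False
        expected = [schoolbook_cyclic_mul(f, g, q) for g in gs]
        if batched_cyclic_mul(f, gs, q) != expected:
            return False
    return True


if __name__ == "__main__":
    # Constructed toy values: n = 3, q = 7.
    print(matrix_cyclic_mul([1, 2, 3], [4, 5, 6], 7))  # [3, 3, 0]
    print(batched_cyclic_mul([1, 2, 3], [[4, 5, 6], [1, 2, 3]], 7))
    print("self-check:", self_check())
```

The real cost lives in `circulant_matrix` and the accumulator width: with n around several hundred and q = 2048 as in NTRU, each dot product sums hundreds of 22-bit terms, so an implementation on a fixed-width matrix unit has to choose operand widths and reduction points accordingly; this toy uses Python integers and reduces once per output coefficient.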

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. IACR Communications in Cryptology
DOI
10.62056/a3txommol
Keywords
PQC, NTRU, Apple Silicon, Accelerators
Contact author(s)
decio gazzoni @ ic unicamp br
brandaogbs @ gmail com
jlopez @ ic unicamp br
History
2024-04-09: last of 2 revisions
2024-01-01: received
Short URL
https://ia.cr/2024/002
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/002,
      author = {Décio Luiz Gazzoni Filho and Guilherme Brandão and Julio López},
      title = {Fast polynomial multiplication using matrix multiplication accelerators with applications to {NTRU} on Apple M1/M3 {SoCs}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/002},
      year = {2024},
      doi = {10.62056/a3txommol},
      url = {https://eprint.iacr.org/2024/002}
}