TY - GEN
T1 - Efficient Modular Polynomial Multiplier for NTT Accelerator of Crystals-Kyber
AU - Itabashi, Yuma
AU - Ueno, Rei
AU - Homma, Naofumi
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - This paper presents a hardware design that efficiently performs the number theoretic transform (NTT) for lattice-based cryptography. First, we propose an efficient modular multiplication method for lattice-based cryptography defined over Proth numbers. The proposed method is based on a K-RED technique specific to Proth numbers. In particular, we divide the intermediate result into the sign bit and the other absolute value bits and handle them separately to significantly reduce implementation costs. Then, we show a butterfly unit datapath of NTT and inverse INTT equipped with the proposed modular multiplier. We apply the proposed NTT accelerator to Crystals-Kyber, which is lattice-based cryptography, and evaluate its performance on Xilinx Artix-7. The results show that the proposed NTT accelerators achieve up-to 3% and 33% higher area-time efficiency in terms of LUTs and FFs, respectively, than conventional best methods. In addition, the low-latency version of the proposed NTT accelerators achieves a 18% lower-latency with an area-time efficiency (in terms of LUTs, FFs, and DSPs) than the existing fastest method.
AB - This paper presents a hardware design that efficiently performs the number theoretic transform (NTT) for lattice-based cryptography. First, we propose an efficient modular multiplication method for lattice-based cryptography defined over Proth numbers. The proposed method is based on a K-RED technique specific to Proth numbers. In particular, we divide the intermediate result into the sign bit and the other absolute value bits and handle them separately to significantly reduce implementation costs. Then, we show a butterfly unit datapath of NTT and inverse INTT equipped with the proposed modular multiplier. We apply the proposed NTT accelerator to Crystals-Kyber, which is lattice-based cryptography, and evaluate its performance on Xilinx Artix-7. The results show that the proposed NTT accelerators achieve up-to 3% and 33% higher area-time efficiency in terms of LUTs and FFs, respectively, than conventional best methods. In addition, the low-latency version of the proposed NTT accelerators achieves a 18% lower-latency with an area-time efficiency (in terms of LUTs, FFs, and DSPs) than the existing fastest method.
KW - accelerator
KW - k-reduction
KW - lattice-based cryptography
KW - number theoretic transform
KW - post-quantum cryptography
UR - http://www.scopus.com/inward/record.url?scp=85146700878&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85146700878&partnerID=8YFLogxK
U2 - 10.1109/DSD57027.2022.00076
DO - 10.1109/DSD57027.2022.00076
M3 - Conference contribution
AN - SCOPUS:85146700878
T3 - Proceedings - 2022 25th Euromicro Conference on Digital System Design, DSD 2022
SP - 528
EP - 533
BT - Proceedings - 2022 25th Euromicro Conference on Digital System Design, DSD 2022
A2 - Fabelo, Himar
A2 - Ortega, Samuel
A2 - Skavhaug, Amund
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 25th Euromicro Conference on Digital System Design, DSD 2022
Y2 - 31 August 2022 through 2 September 2022
ER -