Abstract
This paper presents a set of efficient and parameterized hardware accelerators that target post-quantum lattice-based cryptographic schemes, including a versatile cSHAKE core, a binary-search CDT-based Gaussian sampler, and a pipelined NTT-based polynomial multiplier, among others. Unlike much of prior work, the accelerators are fully open-sourced, are designed to be constant-time, and can be parameterized at compile-time to support different parameters without the need for re-writing the hardware implementation. These flexible, publicly-available accelerators are leveraged to demonstrate the first hardware-software co-design using RISC-V of the post-quantum lattice-based signature scheme qTESLA with provably secure parameters. In particular, this work demonstrates that the NIST’s Round 2 level 1 and level 3 qTESLA variants achieve over a 40-100x speedup for key generation, about a 10x speedup for signing, and about a 16x speedup for verification, compared to the baseline RISC-V software-only implementation. For instance, this corresponds to execution in 7.7, 34.4, and 7.8 milliseconds for key generation, signing, and verification, respectively, for qTESLA’s level 1 parameter set on an Artix-7 FPGA, demonstrating the feasibility of the scheme for embedded applications.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 269-306 |
| Number of pages | 38 |
| Journal | IACR Transactions on Cryptographic Hardware and Embedded Systems |
| Volume | 2020 |
| Issue number | 3 |
| DOIs | |
| State | Published - 2020 |
Keywords
- FPGA
- Hardware accelerators
- Hardware-software co-design
- Lattice-based cryptography
- Post-quantum cryptography
- QTESLA
- RISC-V
ASJC Scopus subject areas
- Software
- Signal Processing
- Hardware and Architecture
- Computer Networks and Communications
- Computer Graphics and Computer-Aided Design
- Artificial Intelligence