LWRpro: An Energy-Efficient Configurable Crypto-Processor for Module-LWR
- Source :
- IEEE Transactions on Circuits and Systems I: Regular Papers. 68:1146-1159
- Publication Year :
- 2021
- Publisher :
- Institute of Electrical and Electronics Engineers (IEEE), 2021.
Abstract
- Saber, the only module-learning with rounding-based algorithm in NIST’s third round of post-quantum cryptography (PQC) standardization process, is characterized by simplicity and flexibility. However, energy-efficient implementation of Saber is still under investigation since the commonly used number theoretic transform cannot be utilized directly. In this manuscript, an energy-efficient configurable crypto-processor supporting the multi-security-level key encapsulation mechanism of Saber is proposed. First, an 8-level hierarchical Karatsuba framework is utilized to reduce degree-256 polynomial multiplication to the coefficient-wise multiplication. Second, a hardware-efficient Karatsuba scheduling strategy and an optimized pre-/post-processing structure are designed to reduce the area overheads of the scheduling strategy. Third, a task-rescheduling-based pipeline strategy and truncated multipliers are proposed to enable fine-grained processing. Moreover, multiple parameter sets are supported in LWRpro to enable configurability among various security scenarios. Enabled by these optimizations, LWRpro requires 1066, 1456 and 1701 clock cycles for key generation, encapsulation, and decapsulation of Saber768. The post-layout version of LWRpro is implemented with TSMC 40 nm CMOS process within 0.38 mm². The throughput for Saber768 is up to 275k encapsulation operations per second and the energy efficiency is 0.15 μJ/encapsulation while operating at 400 MHz, achieving nearly $50\times$ improvement and $31\times$ improvement, respectively, compared with current PQC hardware solutions.
- Subjects :
- Key generation
Computer science
Pipeline (computing)
020208 electrical & electronic engineering
Karatsuba algorithm
02 engineering and technology
Encapsulation (networking)
Embedded system
0202 electrical engineering, electronic engineering, information engineering
Multiplication
Key encapsulation
Electrical and Electronic Engineering
Field-programmable gate array
Throughput (business)
Details
- ISSN :
- 15580806 and 15498328
- Volume :
- 68
- Database :
- OpenAIRE
- Journal :
- IEEE Transactions on Circuits and Systems I: Regular Papers
- Accession number :
- edsair.doi...........07a2eb0c3e72c4b4ccbceb46c6f1e47b