Evaluating the Trade-offs in the Hardware Design of the LEDAcrypt Encryption Functions
A. Barenghi; W. Fornaciari; A. Galimberti; G. Pelosi; D. Zoni
2019-01-01
Abstract
The confidentiality provided by widely employed asymmetric cryptosystems relying on the hardness of factoring large integers or computing discrete logarithms in a cyclic group will be jeopardized by the availability of quantum computers. As a consequence, the design of quantum-computing-resistant cryptographic primitives has gained traction lately, especially thanks to the U.S. National Institute of Standards and Technology initiative, which aims at selecting a portfolio of primitives for standardization. A prime position in the set of asymmetric encryption primitives is occupied by the ones relying on decoding random linear error correction codes as their trapdoor. Among these primitives, the LEDAcrypt cryptosystem was recently announced to be admitted to the second round of the standardization initiative, where the investigation of the implementation performance is the main focus. In this paper we analyze the possible hardware designs to implement fast polynomial multiplications tailored to the encryption functions of the LEDAcrypt key encapsulation mechanism and public key encryption primitives. In particular, we describe two designs for binary polynomial multiplications and analyze the advantages provided by exploiting the sparse nature of one of the operands in LEDAcrypt multiplications, validating our designs on a Xilinx Artix 100.

File | Access | Description | Size | Format
---|---|---|---|---
mainBGPZicecs2019.pdf | Open access | Main article: post-print (draft or Author's Accepted Manuscript, AAM) | 395.88 kB | Adobe PDF
ICECS 2019.pdf | Restricted access | Published version: publisher's version | 438.79 kB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.