Hardware Optimization and Evaluation for Crucial Modules 
of Lattice-Based Cryptography

doi:10.13209/j.0479-8023.2021.054

Acta Scientiarum Naturalium Universitatis Pekinensis ›› 2021, Vol. 57 ›› Issue (4): 595-604.DOI: 10.13209/j.0479-8023.2021.054

Previous Articles Next Articles

Hardware Optimization and Evaluation for Crucial Modules of Lattice-Based Cryptography

CHEN Zhaohui^1,2, MA Yuan^2,3,†, JING Jiwu^1,4

1. School of Computer Science and Technology, University of Chinese Academy of Sciences, Beijing 100049 2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093 3. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049 4. School of Software and Microelectronics, Peking University, Beijing 102600

Received:2020-06-18 Revised:2020-09-24 Online:2021-07-20 Published:2021-07-20
Contact: MA Yuan, E-mail: mayuan(at)iie.ac.cn

格密码关键运算模块的硬件实现优化与评估

陈朝晖^1,2, 马原^2,3,†, 荆继武^1,4

1. 中国科学院大学计算机科学与技术学院, 北京 100049 2. 中国科学院信息工程研究所信息安全国家重点实验室, 北京 100093 3. 中国科学院大学网络空间安全学院, 北京 100049 4. 北京大学软件与微电子学院, 北京 102600

通讯作者: 马原, E-mail: mayuan(at)iie.ac.cn
基金资助:
国家自然科学基金(61872357, 61802396)、国家密码发展基金(MMJJ20170205, MMJJ20180113)和北京数字认证股份有限公司委托研究项目(BJCA2020-YF-0300)资助

Abstract

Abstract:

To improve the efficiency of lattice-based cryptography in practical applications, the optimization technology of polynomial multiplication in lattice-based cryptography is proposed. The polynomial coefficients are stored in a ping-pong structure to improve the bandwidth. By eliminating pre-scale operations, 10.5% of modular multiplication operations and 16.7% of storage space are saved. The structure based on look-up table shift register and three-input adder is adopted to reduce the logical resource occupation. The pipeline structure with optional stages is designed to make the butterfly module in polynomial multiplication meet the timing requirements of different cryptographic hardware systems. The evaluation results show that the maximum frequency of low-area, balanced and high-performance implementations of the optimized butterfly unit can reach 150, 250 and 350 MHz, respectively. Compared with the existing implementation technologies, the optimized hardware implementation can achieve higher operating frequency with a smaller circuit area, which improves the efficiency of polynomial multiplication module by 22.8%.

Key words: post-quantum cryptography, polynomial multiplication, number theoretic transformation, butterfly operation, FPGA

摘要：

为提高格密码在实际应用中的运算效率, 提出一种格密码中多项式乘法运算的优化实现技术。该技术采用乒乓结构存储多项式系数, 用以提升存取带宽, 通过消除预缩放运算, 减少10.5%的模乘运算和16.7%的存储空间占用, 采用移位寄存器和三输入加法器的结构, 有效地减少逻辑资源占用。同时, 设计具有可选层级的流水线结构, 使多项式乘法中的蝶形运算模块可以满足不同密码硬件系统的时序要求。评估结果表明, 采用优化技术的低面积、均衡型和高性能实现的蝶形运算模块最大工作频率分别可达到150, 250和350 MHz以上。与现有实现技术相比, 优化的多项式乘法硬件实现能够以更小的电路面积实现更高的工作频率, 使电路效率提升22.8%。

关键词: 后量子密码, 多项式乘法, 数论变换, 蝶形运算, FPGA

CHEN Zhaohui, MA Yuan, JING Jiwu. Hardware Optimization and Evaluation for Crucial Modules of Lattice-Based Cryptography[J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2021, 57(4): 595-604.

陈朝晖, 马原, 荆继武. 格密码关键运算模块的硬件实现优化与评估[J]. 北京大学学报自然科学版, 2021, 57(4): 595-604.

[1]	XIE Hao, CAO Jian, LI Pu, ZHAO Xiongbo, ZHANG Xing. A Hardware Accelerator for SSD Object Detection Algorithm Based on FPGA [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2022, 58(6): 1015-1022.
[2]	LIAO Nan, CUI Xiaoxin, LIAO Kai, WANG Tian, YU Dunshan, CHENG Yufang. A Non-invasive Fault Attack on FPGA-based Cryptographic Applications [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2016, 52(2): 193-198.
[3]	YONG Shanshan,WANG Xin’an,CAO Ying,ZHANG Fangni,SHI Xiaolong,XIE Zheng. Reconfigurable Operators Array: Architecture and Modeling [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2014, 50(4): 761-767.
[4]	CAO Jian,JIAO Hai,WANG Yuan,ZHANG Xing. Volumetric Display System Based on FPGA and DLP Technologies [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2014, 50(4): 605-610.
[5]	HUANG Ying,CUI Xiaoxin,WEI Wei,ZHANG Xiao,LIAO Kai,LIAO Nan,YU Dunshan. Research on DPA Resistant Circuit for FPGA [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2014, 50(4): 652-656.
[6]	ZHANG Xiao,CUI Xiaoxin,WEI Wei,HUANG Ying,LIAO Kai,LIAO Nan,YU Dunshan. Correlation Electromagnetic Analysis Attacks against an FPGA Implementation of AES [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2014, 50(4): 647-651.
[7]	LI Yuwen,ZHANG Xing,JIANG Anping. Design of AES Coprocessor Used on the Node of Wireless Sensor Network [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2009, 45(3): 426-430.
[8]	LIN Teng,FENG Jianhua,ZHAO Jianbing,WANG Yangyuan. A Novel Scheme for Application-Dependent Testing of FPGAs [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2009, 45(3): 402-408.
[9]	LI Ying,LU Weijun,YU Dunshan,ZHANG Xing. A Resource Optimizing Algorithm in FPGA Based High Speed FIR Digital Filters [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2009, 45(2): 222-226.
[10]	WANG Jian,JIANG Anping,SHENG Shimin. A Dual Finite Fields Algorithm for Elliptic Curve Cryptosystem and FPGA Implementation [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2008, 44(6): 871-876.
[11]	QIAO Hua,GUAN Wu,DONG Mingke,XIANG Haige. Design and Implementation of LDPC Decoder with High Throughput [J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2008, 44(3): 347-352.

Hardware Optimization and Evaluation for Crucial Modules of Lattice-Based Cryptography

格密码关键运算模块的硬件实现优化与评估

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 11

Recommended Articles

Metrics