Post-Quantum Lattice-Based Cryptography Implementations

The advent of quantum computing threatens to break many classical cryptographic schemes, leading to innovations in public key cryptography that focus on post-quantum cryptography primitives and protocols resistant to quantum computing threats. Lattice-based cryptography is a promising post-quantum cryptography family, both in terms of foundational properties as well as in its application to both traditional and emerging security problems such as encryption, digital signature, key exchange, and homomorphic encryption. While such techniques provide guarantees, in theory, their realization on contemporary computing platforms requires careful design choices and tradeoffs to manage both the diversity of computing platforms (e.g., high-performance to resource constrained), as well as the agility for deployment in the face of emerging and changing standards. In this work, we survey trends in lattice-based cryptographic schemes, some recent fundamental proposals for the use of lattices in computer security, challenges for their implementation in software and hardware, and emerging needs for their adoption. The survey means to be informative about the math to allow the reader to focus on the mechanics of the computation ultimately needed for mapping schemes on existing hardware or synthesizing part or all of a scheme on special-purpose har dware.

[1]  Miklós Ajtai,et al.  Generating hard instances of lattice problems (extended abstract) , 1996, STOC '96.

[2]  Daniele Micciancio,et al.  Faster exponential time algorithms for the shortest vector problem , 2010, SODA '10.

[3]  Frederik Vercauteren,et al.  Efficient software implementation of ring-LWE encryption , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[4]  Carl Eklund,et al.  National Institute for Standards and Technology , 2009, Encyclopedia of Biometrics.

[5]  Chunsheng Gu Integer Version of Ring-LWE and its Applications , 2017, IACR Cryptol. ePrint Arch..

[6]  Joseph H. Silverman,et al.  NTRU: A Ring-Based Public Key Cryptosystem , 1998, ANTS.

[7]  Chen-Mou Cheng,et al.  Post-Quantum Key Exchange on FPGAs , 2017, IACR Cryptol. ePrint Arch..

[8]  David Thomas,et al.  The Art in Computer Programming , 2001 .

[9]  Daniele Micciancio,et al.  Worst-case to average-case reductions based on Gaussian measures , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[10]  Tim Güneysu,et al.  Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems , 2012, CHES.

[11]  Douglas Stebila,et al.  Post-quantum Key Exchange for the Internet and the Open Quantum Safe Project , 2016, SAC.

[12]  Paulo S. L. M. Barreto,et al.  Sharper Ring-LWE Signatures , 2016, IACR Cryptol. ePrint Arch..

[13]  Chris Peikert,et al.  An Efficient and Parallel Gaussian Sampler for Lattices , 2010, CRYPTO.

[14]  Arnold Schönhage,et al.  Schnelle Multiplikation großer Zahlen , 1971, Computing.

[15]  Frederik Vercauteren,et al.  High-Speed Polynomial Multiplication Architecture for Ring-LWE and SHE Cryptosystems , 2015, IEEE Transactions on Circuits and Systems I: Regular Papers.

[16]  Chaohui Du,et al.  Efficient polynomial multiplier architecture for Ring-LWE based public key cryptosystems , 2016, 2016 IEEE International Symposium on Circuits and Systems (ISCAS).

[17]  William Whyte,et al.  Choosing Parameters for NTRUEncrypt , 2017, CT-RSA.

[18]  Óscar García-Morchón,et al.  DTLS-HIMMO: Achieving DTLS Certificate Security with Symmetric Key Overhead , 2015, ESORICS.

[19]  S. Cook,et al.  ON THE MINIMUM COMPUTATION TIME OF FUNCTIONS , 1969 .

[20]  Máire O'Neill,et al.  Practical Lattice-Based Digital Signature Schemes , 2015, ACM Trans. Embed. Comput. Syst..

[21]  Peter Schwabe,et al.  High-Speed Signatures from Standard Lattices , 2014, LATINCRYPT.

[22]  Daniel Dadush,et al.  Solving the Shortest Vector Problem in 2n Time Using Discrete Gaussian Sampling: Extended Abstract , 2014, STOC.

[23]  H. Nussbaumer,et al.  Fast polynomial transform algorithms for digital convolution , 1980 .

[24]  Chaohui Du,et al.  Towards efficient polynomial multiplication for lattice-based cryptography , 2016, 2016 IEEE International Symposium on Circuits and Systems (ISCAS).

[25]  Zhe Liu,et al.  Efficient Ring-LWE Encryption on 8-Bit AVR Processors , 2015, CHES.

[26]  Arjun Chopra,et al.  Improved Parameters for the Ring-TESLA Digital Signature Scheme , 2016, IACR Cryptol. ePrint Arch..

[27]  Tancrède Lepoint,et al.  NFLlib: NTT-Based Fast Lattice Library , 2016, CT-RSA.

[28]  Óscar García-Morchón,et al.  spKEX: An optimized lattice-based key exchange , 2017, IACR Cryptol. ePrint Arch..

[29]  Ayesha Khalid,et al.  On Practical Discrete Gaussian Samplers for Lattice-Based Cryptography , 2018, IEEE Transactions on Computers.

[30]  Chaohui Du,et al.  High-performance software implementation of discrete Gaussian sampling for lattice-based cryptography , 2016, 2016 IEEE Information Technology, Networking, Electronic and Automation Control Conference.

[31]  Arjun Chopra,et al.  GLYPH: A New Insantiation of the GLP Digital Signature Scheme , 2017, IACR Cryptol. ePrint Arch..

[32]  Daniel J. Bernstein,et al.  The Salsa20 Family of Stream Ciphers , 2008, The eSTREAM Finalists.

[33]  Erdem Alkim,et al.  NewHope on ARM Cortex-M , 2016, SPACE.

[34]  Máire O'Neill,et al.  Evaluation of Large Integer Multiplication Methods on Hardware , 2017, IEEE Transactions on Computers.

[35]  Frederik Vercauteren,et al.  Compact Ring-LWE Cryptoprocessor , 2014, CHES.

[36]  Tanja Lange,et al.  NTRU Prime: Reducing Attack Surface at Low Cost , 2017, SAC.

[37]  Peter Schwabe,et al.  Software Speed Records for Lattice-Based Signatures , 2013, PQCrypto.

[38]  Raj Katti,et al.  Discrete Gaussian sampling for low-power devices , 2015, 2015 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM).

[39]  Frederik Vercauteren,et al.  High Precision Discrete Gaussian Sampling on FPGAs , 2013, Selected Areas in Cryptography.

[40]  Damien Stehlé,et al.  CRYSTALS - Kyber: A CCA-Secure Module-Lattice-Based KEM , 2017, 2018 IEEE European Symposium on Security and Privacy (EuroS&P).

[41]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[42]  Ron Steinfeld,et al.  Efficient Public Key Encryption Based on Ideal Lattices , 2009, ASIACRYPT.

[43]  Brent Waters,et al.  A Framework for Efficient and Composable Oblivious Transfer , 2008, CRYPTO.

[44]  Shu-jen H. Chang,et al.  SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash , 2016 .

[45]  Morris J. Dworkin,et al.  SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions , 2015 .

[46]  Tim Güneysu,et al.  Lattice-Based Signatures: Optimization and Implementation on Reconfigurable Hardware , 2015, IEEE Transactions on Computers.

[47]  Abhishek Banerjee,et al.  Pseudorandom Functions and Lattices , 2012, EUROCRYPT.

[48]  W. M. Gentleman,et al.  Fast Fourier Transforms: for fun and profit , 1966, AFIPS '66 (Fall).

[49]  Ron Steinfeld,et al.  Making NTRU as Secure as Worst-Case Problems over Ideal Lattices , 2011, EUROCRYPT.

[50]  Frederik Vercauteren,et al.  Saber: Module-LWR based key exchange, CPA-secure encryption and CCA-secure KEM , 2018, IACR Cryptol. ePrint Arch..

[51]  Donald Ervin Knuth,et al.  The Art of Computer Programming, Volume II: Seminumerical Algorithms , 1970 .

[52]  Craig Costello,et al.  Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem , 2015, 2015 IEEE Symposium on Security and Privacy.

[53]  Frederik Vercauteren,et al.  Compact and Side Channel Secure Discrete Gaussian Sampling , 2014, IACR Cryptol. ePrint Arch..

[54]  Bilgiday Yuce,et al.  The Future of Real-Time Security , 2015, ACM Trans. Embed. Comput. Syst..

[55]  Tsuyoshi Takagi,et al.  Portable Implementation of Lattice-Based Cryptography Using JavaScript , 2015, 2015 Third International Symposium on Computing and Networking (CANDAR).

[56]  Léo Ducas,et al.  Faster Gaussian Lattice Sampling Using Lazy Floating-Point Arithmetic , 2012, ASIACRYPT.

[57]  Johannes A. Buchmann,et al.  Discrete Ziggurat: A Time-Memory Trade-off for Sampling from a Gaussian Distribution over the Integers , 2013, IACR Cryptol. ePrint Arch..

[58]  Máire O'Neill,et al.  Lattice-based cryptography: From reconfigurable hardware to ASIC , 2016, 2016 International Symposium on Integrated Circuits (ISIC).

[59]  Tim Güneysu,et al.  Towards Efficient Arithmetic for Lattice-Based Cryptography on Reconfigurable Hardware , 2012, LATINCRYPT.

[60]  Chris Peikert,et al.  Better Key Sizes (and Attacks) for LWE-Based Encryption , 2011, CT-RSA.

[61]  Jintai Ding,et al.  A Simple Provably Secure Key Exchange Scheme Based on the Learning with Errors Problem , 2012, IACR Cryptol. ePrint Arch..

[62]  Rachid El Bansarkhani LARA - A Design Concept for Lattice-based Encryption , 2019, IACR Cryptol. ePrint Arch..

[63]  David Cash,et al.  Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems , 2009, CRYPTO.

[64]  Chaohui Du,et al.  Towards efficient discrete Gaussian sampling for lattice-based cryptography , 2015, 2015 25th International Conference on Field Programmable Logic and Applications (FPL).

[65]  William Whyte,et al.  Transcript Secure Signatures Based on Modular Lattices , 2014, PQCrypto.

[66]  Chaohui Du,et al.  High-speed polynomial multiplier architecture for ring-LWE based public key cryptosystems , 2016, 2016 International Great Lakes Symposium on VLSI (GLSVLSI).

[67]  Eike Kiltz,et al.  A Modular Analysis of the Fujisaki-Okamoto Transformation , 2017, TCC.

[68]  Léo Ducas,et al.  Fast Fourier Orthogonalization , 2016, IACR Cryptol. ePrint Arch..

[69]  Zhe Liu,et al.  High-Performance Ideal Lattice-Based Cryptography on 8-Bit AVR Microcontrollers , 2017, ACM Trans. Embed. Comput. Syst..

[70]  Steven D. Galbraith,et al.  Sampling from discrete Gaussians for lattice-based cryptography on a constrained device , 2014, Applicable Algebra in Engineering, Communication and Computing.

[71]  Tim Güneysu,et al.  Beyond ECDSA and RSA: Lattice-based digital signatures on constrained devices , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[72]  Ravi Kumar,et al.  A sieve algorithm for the shortest lattice vector problem , 2001, STOC '01.

[73]  William Whyte,et al.  A signature scheme from Learning with Truncation , 2017, IACR Cryptol. ePrint Arch..

[74]  Paul Galdone,et al.  The Three Bears , 1972 .

[75]  Nikil Dutt,et al.  Software and Hardware Implementation of Lattice-Cased Cryptography Schemes , 2017 .

[76]  Léo Ducas,et al.  Efficient Identity-Based Encryption over NTRU Lattices , 2014, ASIACRYPT.

[77]  Daniele Micciancio,et al.  Gaussian Sampling over the Integers: Efficient, Generic, Constant-Time , 2017, CRYPTO.

[78]  Octavian Cret,et al.  Implementing Modular FFTs in FPGAs -- A Basic Block for Lattice-Based Cryptography , 2013, 2013 Euromicro Conference on Digital System Design.

[79]  Tim Güneysu,et al.  Enhanced Lattice-Based Signatures on Reconfigurable Hardware , 2014, CHES.

[80]  Erdem Alkim,et al.  Post-quantum Key Exchange - A New Hope , 2016, USENIX Security Symposium.

[81]  Paul Barrett,et al.  Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor , 1986, CRYPTO.

[82]  Juliane Krämer,et al.  Bounding the Cache-Side-Channel Leakage of Lattice-Based Signature Schemes Using Program Semantics , 2017, FPS.

[83]  Pavel Emeliyanenko,et al.  Efficient Multiplication of Polynomials on Graphics Hardware , 2009, APPT.

[84]  Damien Stehlé,et al.  Classical hardness of learning with errors , 2013, STOC '13.

[85]  Vadim Lyubashevsky,et al.  Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures , 2009, ASIACRYPT.

[86]  Markku-Juhani O. Saarinen Gaussian Sampling Precision and Information Leakage in Lattice Cryptography , 2015, IACR Cryptol. ePrint Arch..

[87]  Sied Ali Ansarmohammadi,et al.  Fast and area efficient implementation for chaotic image encryption algorithms , 2015, 2015 18th CSI International Symposium on Computer Architecture and Digital Systems (CADS).

[88]  Tim Güneysu,et al.  High-Performance Ideal Lattice-Based Cryptography on 8-Bit ATxmega Microcontrollers , 2015, LATINCRYPT.

[89]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[90]  Erdem Alkim,et al.  NewHope without reconciliation , 2016, IACR Cryptol. ePrint Arch..

[91]  Damien Stehlé,et al.  CRYSTALS - Dilithium: Digital Signatures from Module Lattices , 2017, IACR Cryptol. ePrint Arch..

[92]  Markku-Juhani O. Saarinen HILA5: On Reliability, Reconciliation, and Error Correction for Ring-LWE Encryption , 2017, SAC.

[93]  William Whyte,et al.  NAEP: Provable Security in the Presence of Decryption Failures , 2003, IACR Cryptol. ePrint Arch..

[94]  Daniele Micciancio,et al.  Cryptographic Functions from Worst-Case Complexity Assumptions , 2010, The LLL Algorithm.

[95]  Aydin Aysu,et al.  Precomputation Methods for Hash-Based Signatures on Energy-Harvesting Platforms , 2016, IEEE Transactions on Computers.

[96]  Daniele Micciancio Lattice-Based Cryptography , 2011, Encyclopedia of Cryptography and Security.

[97]  Tim Güneysu,et al.  High-Performance and Lightweight Lattice-Based Public-Key Encryption , 2016, IoTPTS@AsiaCCS.

[98]  Markku-Juhani O. Saarinen Gaussian Sampling Precision in Lattice Cryptography , 2015 .

[99]  Shay Gueron,et al.  Speeding up R-LWE Post-quantum Key Exchange , 2016, NordSec.

[100]  Chris Peikert,et al.  Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller , 2012, IACR Cryptol. ePrint Arch..

[101]  J. Tukey,et al.  An Algorithm for the Machine Calculation of , 2016 .

[102]  Sedat Akleylek,et al.  On the Efficiency of Polynomial Multiplication for Lattice-Based Cryptography on GPUs Using CUDA , 2015, BalkanCryptSec.

[103]  Alexander W. Dent,et al.  A Designer's Guide to KEMs , 2003, IMACC.

[104]  Peter Schwabe,et al.  High-speed key encapsulation from NTRU , 2017, IACR Cryptol. ePrint Arch..

[105]  Silvan Streit,et al.  Post-Quantum Key Exchange on ARMv8-A: A New Hope for NEON Made Simple , 2018, IEEE Transactions on Computers.

[106]  G. Long Grover algorithm with zero theoretical failure rate , 2001, quant-ph/0106071.

[107]  Paul G. Comba,et al.  Exponentiation Cryptosystems on the IBM PC , 1990, IBM Syst. J..

[108]  Oded Goldreich,et al.  Public-Key Cryptosystems from Lattice Reduction Problems , 1996, CRYPTO.

[109]  Ron Steinfeld,et al.  Middle-Product Learning with Errors , 2017, CRYPTO.

[110]  Tim Güneysu,et al.  Implementing the NewHope-Simple Key Exchange on Low-Cost FPGAs , 2017, LATINCRYPT.

[111]  Martin Fürer Faster integer multiplication , 2007, STOC '07.

[112]  Scott R. Fluhrer,et al.  Cryptanalysis of ring-LWE based key exchange with key share reuse , 2016, IACR Cryptol. ePrint Arch..

[113]  Andrew Chi-Chih Yao,et al.  The complexity of nonuniform random number generation , 1976 .

[114]  Wayne Luk,et al.  Gaussian random number generators , 2007, CSUR.

[115]  Erdem Alkim,et al.  Revisiting TESLA in the Quantum Random Oracle Model , 2017, PQCrypto.

[116]  Patrick Schaumont,et al.  Low-cost and area-efficient FPGA implementations of lattice-based cryptography , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[117]  Juliane Krämer,et al.  Lattice-Based Signature Schemes and Their Sensitivity to Fault Attacks , 2016, 2016 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[118]  Jung Hee Cheon,et al.  Lizard: Cut off the Tail! // Practical Post-Quantum Public-Key Encryption from LWE and LWR , 2018, IACR Cryptol. ePrint Arch..

[119]  Shi Bai,et al.  An Improved Compression Technique for Signatures Based on Learning with Errors , 2014, CT-RSA.

[120]  Chaohui Du,et al.  A Family of Scalable Polynomial Multiplier Architectures for Ring-LWE Based Cryptosystems , 2016, IACR Cryptol. ePrint Arch..

[121]  Kassem Kalach,et al.  Hardware Complexity of Modular Multiplication and Exponentiation , 2007, IEEE Transactions on Computers.

[122]  Chen-Mou Cheng,et al.  High Performance Post-Quantum Key Exchange on FPGAs , 2021, J. Inf. Sci. Eng..

[123]  Eike Kiltz,et al.  A Concrete Treatment of Fiat-Shamir Signatures in the Quantum Random-Oracle Model , 2018, IACR Cryptol. ePrint Arch..

[124]  Frederik Vercauteren,et al.  Masking ring-LWE , 2016, Journal of Cryptographic Engineering.

[125]  M. E. Muller,et al.  A Note on the Generation of Random Normal Deviates , 1958 .

[126]  Rasool Jalili,et al.  Implementation and Comparison of Lattice-based Identification Protocols on Smart Cards and Microcontrollers , 2014, IACR Cryptol. ePrint Arch..

[127]  Nikil D. Dutt,et al.  Domain-specific Accelerators for Ideal Lattice-based Public Key Protocols , 2018, IACR Cryptol. ePrint Arch..

[128]  Sedat Akleylek,et al.  An Efficient Lattice-Based Signature Scheme with Provably Secure Instantiation , 2016, AFRICACRYPT.

[129]  Thomas Poppelmann,et al.  Area optimization of lightweight lattice-based encryption on reconfigurable hardware , 2014, 2014 IEEE International Symposium on Circuits and Systems (ISCAS).

[130]  Sorin A. Huss,et al.  On the Design of Hardware Building Blocks for Modern Lattice-Based Encryption Schemes , 2012, CHES.

[131]  Léo Ducas,et al.  Accelerating Bliss: the geometry of ternary polynomials , 2014, IACR Cryptol. ePrint Arch..

[132]  Erdem Alkim,et al.  Sparse polynomial multiplication for lattice-based cryptography with small complexity , 2015, The Journal of Supercomputing.

[133]  William Whyte,et al.  NTRUSIGN: Digital Signatures Using the NTRU Lattice , 2003, CT-RSA.

[134]  Máire O'Neill,et al.  Time-independent discrete Gaussian sampling for post-quantum cryptography , 2016, 2016 International Conference on Field-Programmable Technology (FPT).

[135]  Zhenfei Zhang,et al.  Falcon: Fast-Fourier Lattice-based Compact Signatures over NTRU , 2019 .

[136]  Tatsuaki Okamoto,et al.  How to Enhance the Security of Public-Key Encryption at Minimum Cost , 1999, Public Key Cryptography.

[137]  Franz Winkler,et al.  Polynomial Algorithms in Computer Algebra , 1996, Texts and Monographs in Symbolic Computation.

[138]  Ron Steinfeld,et al.  Improved Security Proofs in Lattice-Based Cryptography: Using the Rényi Divergence Rather than the Statistical Distance , 2015, Journal of Cryptology.

[139]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[140]  Tim Güneysu,et al.  Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware , 2013, Selected Areas in Cryptography.

[141]  Vadim Lyubashevsky,et al.  Lattice Signatures Without Trapdoors , 2012, IACR Cryptol. ePrint Arch..

[142]  Ray C. C. Cheung,et al.  Parameter Space for the Architecture of FFT-Based Montgomery Modular Multiplication , 2016, IEEE Transactions on Computers.

[143]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[144]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[145]  Patrick Longa,et al.  Speeding up the Number Theoretic Transform for Faster Ideal Lattice-Based Cryptography , 2016, CANS.

[146]  Chris Peikert,et al.  Lattice Cryptography for the Internet , 2014, PQCrypto.

[147]  Máire O'Neill,et al.  Lattice-based encryption over standard lattices in hardware , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[148]  Daniele Micciancio,et al.  On Bounded Distance Decoding, Unique Shortest Vectors, and the Minimum Distance Problem , 2009, CRYPTO.

[149]  Rachid El Bansarkhani,et al.  Improvement and Efficient Implementation of a Lattice-Based Signature Scheme , 2013, Selected Areas in Cryptography.

[150]  Damien Stehlé,et al.  Worst-case to average-case reductions for module lattices , 2014, Designs, Codes and Cryptography.

[151]  Máire O'Neill,et al.  Compact and provably secure lattice-based signatures in hardware , 2017, 2017 IEEE International Symposium on Circuits and Systems (ISCAS).

[152]  Markku-Juhani O. Saarinen Ring-LWE Ciphertext Compression and Error Correction: Tools for Lightweight Post-Quantum Cryptography , 2017, IACR Cryptol. ePrint Arch..

[153]  Thomas Pöppelmann,et al.  Efficient implementation of ideal lattice-based cryptography , 2017, it Inf. Technol..

[154]  Craig Costello,et al.  Frodo: Take off the Ring! Practical, Quantum-Secure Key Exchange from LWE , 2016, IACR Cryptol. ePrint Arch..

[155]  Markku-Juhani O. Saarinen Arithmetic coding and blinding countermeasures for lattice signatures , 2018, Journal of Cryptographic Engineering.

[156]  Rasool Jalili,et al.  On Constrained Implementation of Lattice-Based Cryptographic Primitives and Schemes on Smart Cards , 2015, ACM Trans. Embed. Comput. Syst..

[157]  Léo Ducas,et al.  Lattice Signatures and Bimodal Gaussians , 2013, IACR Cryptol. ePrint Arch..

[158]  Thomas Prest,et al.  Gaussian Sampling in Lattice-Based Cryptography , 2015 .

[159]  G. Marsaglia,et al.  The Ziggurat Method for Generating Random Variables , 2000 .

[160]  Zhengzhong Jin,et al.  Optimal Key Consensus in Presence of Noise , 2016, IACR Cryptol. ePrint Arch..