Exploring Energy Efficient Quantum-resistant Signal Processing Using Array Processors

Quantum computers threaten to break public-key cryptography schemes such as DSA and ECDSA in polynomial time, which poses an imminent threat to secure signal processing. Ring learning with error (RLWE) lattice-based cryptography (LBC) is one of the most promising families of post-quantum cryptography (PQC) schemes in terms of efficiency and versatility. Two conventional methods to compute polynomial multiplication, the most compute-intensive routine in the RLWE schemes, are convolutions and Number Theoretic Transform (NTT).In this work, we explore the energy efficiency of polynomial multiplier using systolic architecture for the first time. As an early exploration, we design two high-throughput systolic array polynomial multipliers, including NTT-based and convolution-based, and compare them to our low-cost sequential (non-systolic) NTT-based multiplier. Our sequential NTT-based multiplier achieves 3x speedup over the state-of-the-art FGPA implementation of the polynomial multiplier in the NewHope-Simple key exchange mechanism on a low-cost Artix7 FPGA. When synthesized on a Zynq UltraScale+ FPGA, the NTT-based systolic and convolution-based systolic designs achieve on average 1.7x and 7.5x speedup over our sequential NTT-based multiplier respectively, which can lead to generating over 2x more signatures per second by CRYSTALS-Dilithium, a PQC digital signature scheme. These explorations help designers select the right PQC implementations for making future signal processing applications quantum-resistant.

[1]  W. M. Gentleman,et al.  Fast Fourier Transforms: for fun and profit , 1966, AFIPS '66 (Fall).

[2]  J. Tukey,et al.  An algorithm for the machine calculation of complex Fourier series , 1965 .

[3]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[4]  Craig Costello,et al.  Frodo: Take off the Ring! Practical, Quantum-Secure Key Exchange from LWE , 2016, IACR Cryptol. ePrint Arch..

[5]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[6]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[7]  Paul Barrett,et al.  Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor , 1986, CRYPTO.

[8]  Nikil D. Dutt,et al.  Post-Quantum Lattice-Based Cryptography Implementations , 2019, ACM Comput. Surv..

[9]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[10]  Kurt Rohloff,et al.  An FPGA co-processor implementation of Homomorphic Encryption , 2014, 2014 IEEE High Performance Extreme Computing Conference (HPEC).

[11]  Nikil Dutt,et al.  Synthesis of Flexible Accelerators for Early Adoption of Ring-LWE Post-quantum Cryptography , 2020, ACM Trans. Embed. Comput. Syst..

[12]  Nikil Dutt,et al.  Flexible NTT Accelerators for RLWE Lattice-Based Cryptography , 2019, 2019 IEEE 37th International Conference on Computer Design (ICCD).

[13]  Tim Güneysu,et al.  Implementing the NewHope-Simple Key Exchange on Low-Cost FPGAs , 2017, LATINCRYPT.

[14]  Mats Torkelson,et al.  A new approach to pipeline FFT processor , 1996, Proceedings of International Conference on Parallel Processing.

[15]  H. T. Kung Why systolic architectures? , 1982, Computer.

[16]  Anantha P. Chandrakasan,et al.  Sapphire: A Configurable Crypto-Processor for Post-Quantum Lattice-based Protocols , 2019, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[17]  Nikil D. Dutt,et al.  Domain-specific Accelerators for Ideal Lattice-based Public Key Protocols , 2018, IACR Cryptol. ePrint Arch..

[18]  David Thomas,et al.  The Art in Computer Programming , 2001 .

[19]  Jaime Velasco-Medina,et al.  High-Throughput Ring-LWE Cryptoprocessors , 2017, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[20]  Michael Naehrig,et al.  Accelerating Homomorphic Evaluation on Reconfigurable Hardware , 2015, CHES.