Fast Modular Multipliers for Supersingular Isogeny-Based Post-Quantum Cryptography

As one of the post-quantum protocol candidates, the supersingular isogeny key encapsulation (SIKE) protocol offers smaller public and secret keys than the other candidates. However, its heavy computational cost is the bottleneck that limits practical deployment. Modular multiplication accounts for a large share of the computation required by the SIKE protocol, and a high-speed VLSI implementation of the modular multiplier remains a major challenge. In this article, we propose three improved modular multiplication algorithms based on an unconventional radix for this protocol, all of which require about 20% fewer computations than the prior art. In addition, a multiprecision scheme is introduced for the proposed algorithms to improve their scalability in hardware, resulting in three further algorithms. We then present efficient high-speed constant-time modular multiplier architectures for all six algorithms and show that they can be extensively pipelined and highly optimized for high throughput and low latency. Field-programmable gate array (FPGA) implementation results show that all proposed multipliers achieve much higher throughput than previous designs at a relatively small increase in resources. Moreover, the multipliers without the multiprecision scheme have very low latency, which suits high-speed applications of the SIKE protocol.
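To make concrete why the modular multiplier dominates SIKE and why the SIKE prime shape p = 2^e2 · 3^e3 − 1 matters to multiplier design, here is an added reference example that is not the paper's unconventional-radix algorithm and not code from the authors: a word-level Montgomery multiplication modulo the public SIKEp434 prime (e2 = 216, e3 = 137). It exploits one property of this prime shape that every SIKE multiplier builds on: because p ≡ −1 (mod 2^e2), the Montgomery constant −p^(−1) mod 2^w equals 1 for any word size w ≤ e2, so the per-word quotient digit is simply the low word of the running value and the usual multiplication by −p^(−1) disappears. The 64-bit word size, the 7-word layout and the helper names are assumptions made for this example.

```python
"""
Word-level Montgomery multiplication modulo a SIKE-style prime
p = 2^e2 * 3^e3 - 1.

Added example (not the paper's unconventional-radix algorithm). It shows
why the prime shape makes classical Montgomery reduction cheaper: since
p ≡ -1 (mod 2^e2), we have -p^{-1} ≡ 1 (mod 2^w) for word size w <= e2,
so the quotient digit of each reduction step is just the low word of t.
Word size (64) and word count (7) are assumptions chosen for this example.
"""
import secrets

WORD = 64
MASK = (1 << WORD) - 1


def sike_prime(e2: int, e3: int) -> int:
    """Return p = 2^e2 * 3^e3 - 1, the SIKE prime shape."""
    return (1 << e2) * 3 ** e3 - 1


# SIKEp434 parameters (public values from the SIKE specification).
E2, E3 = 216, 137
P434 = sike_prime(E2, E3)
NWORDS = (P434.bit_length() + WORD - 1) // WORD   # 434 bits -> 7 words
R = 1 << (WORD * NWORDS)                          # Montgomery radix 2^448


def neg_inv_low_word(p: int) -> int:
    """-p^{-1} mod 2^w computed the ordinary way; equals 1 for SIKE primes."""
    return (-pow(p, -1, 1 << WORD)) % (1 << WORD)


def mont_reduce(t: int, p: int, e2: int, nwords: int = NWORDS) -> int:
    """Reduce 0 <= t < p*R to t*R^{-1} mod p, one word per iteration.

    Generic Montgomery reduction computes q = (t mod 2^w) * (-p^{-1} mod 2^w).
    For p = 2^e2*3^e3 - 1 with w <= e2 the second factor is 1, so q is the
    low word of t and the step degenerates to t = (t + q*p) >> w.
    """
    assert WORD <= e2, "quotient-digit shortcut needs word size <= e2"
    assert 0 <= t < p * (1 << (WORD * nwords))
    for _ in range(nwords):
        q = t & MASK                 # quotient digit: no multiply by -p^{-1}
        t = (t + q * p) >> WORD      # low word is now zero, shift it out
    # Loop invariant gives t < 2p here. Python cannot be made truly
    # constant-time; hardware or C would do this as a masked subtraction.
    return t - p if t >= p else t


def to_mont(a: int, p: int) -> int:
    """Setup conversion a -> a*R mod p (not on the hot path, plain mod is fine)."""
    return (a * R) % p


def from_mont(a: int, p: int, e2: int) -> int:
    """Montgomery form -> ordinary residue: a*R * R^{-1} = a."""
    return mont_reduce(a, p, e2)


def mont_mul(a: int, b: int, p: int, e2: int) -> int:
    """a, b in Montgomery form (< p); returns a*b*R^{-1} mod p, also < p."""
    return mont_reduce(a * b, p, e2)


def mod_mul(a: int, b: int, p: int = P434, e2: int = E2) -> int:
    """Plain modular product computed through the Montgomery path, for checking."""
    am, bm = to_mont(a, p), to_mont(b, p)
    return from_mont(mont_mul(am, bm, p, e2), p, e2)


def self_check(trials: int = 50) -> bool:
    """Compare against Python's big-integer modular product on random inputs."""
    for _ in range(trials):
        a, b = secrets.randbelow(P434), secrets.randbelow(P434)
        if mod_mul(a, b) != (a * b) % P434:
            return False
    return True


if __name__ == "__main__":
    print("-p^-1 mod 2^64 =", neg_inv_low_word(P434))
    print("random cross-check passed:", self_check())
```

The reduction loop is the part a hardware multiplier spends its area and cycles on: seven word-by-word steps of a 448-bit accumulator, each an add of q·p and a shift. A further refinement used by SIKE implementations, omitted here to keep the loop readable, is to write q·p as q·(p+1) − q and note that p+1 = 2^216·3^137 has its low three 64-bit words equal to zero, so the multiply-add only touches the upper words.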