论文信息 - Efficient polynomial multiplier architecture for Ring-LWE based public key cryptosystems

Efficient polynomial multiplier architecture for Ring-LWE based public key cryptosystems

The most critical and computationally intensive operation of Ring-LWE based public key cryptosystems is polynomial multiplication. In this paper, we introduce several optimization techniques to speed up polynomial multiplication with the number theoretic transform (NTT). We propose to pre-compute N TT of the constant polynomial to reduce the number of NTT computations. In order to reduce the cost of bit-reverse operation, a optimization technique is introduced to perform it on-the-fly. We also present a technique to improve the utilization rate of the butterfly operator. Moreover, the cancellation lemma is exploited to reduce the required ROM storage. Based on these optimizations, we present a versatile pipelined polynomial multiplication architecture, which takes around (n lg n + 1.5n) clock cycles to calculate the product of two n-degree polynomials. Experimental results on a Spartan-6 FPGA show that our polynomial multiplier achieves a speedup of 2.04 on average and consumes less hardware resources when compared with the state of art of efficient implementation.

Chaohui Du | Guoqiang Bai | Guoqiang Bai | Chaohui Du

[1] Miklós Ajtai,et al. Generating hard instances of lattice problems (extended abstract) , 1996, STOC '96.

[2] Vadim Lyubashevsky,et al. Lattice Signatures Without Trapdoors , 2012, IACR Cryptol. ePrint Arch..

[3] Chris Peikert,et al. On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[4] Daniel J. Bernstein,et al. Introduction to post-quantum cryptography , 2009 .

[5] J. Pollard,et al. The fast Fourier transform in a finite field , 1971 .

[6] Franz Winkler,et al. Polynomial Algorithms in Computer Algebra , 1996, Texts and Monographs in Symbolic Computation.

[7] Tim Güneysu,et al. Towards Efficient Arithmetic for Lattice-Based Cryptography on Reconfigurable Hardware , 2012, LATINCRYPT.

[8] Chris Peikert,et al. Better Key Sizes (and Attacks) for LWE-Based Encryption , 2011, CT-RSA.

[9] Craig Gentry,et al. Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[10] Frederik Vercauteren,et al. Compact Ring-LWE Cryptoprocessor , 2014, CHES.

[11] Patrick Schaumont,et al. Low-cost and area-efficient FPGA implementations of lattice-based cryptography , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[12] Ronald L. Rivest,et al. Introduction to Algorithms, 3rd Edition , 2009 .

[13] Peter W. Shor,et al. Algorithms for quantum computation: discrete logarithms and factoring , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.