Efficient arithmetic for lattice-based cryptography: special session paper

Lattice-based cryptography is a promising family of post-quantum algorithms. Unlike other post-quantum approaches, lattice-based primitives are extremely versatile: they allow the realisation of the essential cryptographic primitives, such as encryption and digital signatures, and in addition they enable more sophisticated schemes to be constructed, such as Identity-Based and Attribute-Based Encryption, and even Fully Homomorphic Encryption. However, lattice-based cryptography requires novel implementations of several computationally intensive building blocks, for example discrete sampling (often from a Gaussian distribution) and Number Theoretic Transforms (NTTs). This paper reviews the state of the art in efficient designs for these core components in hardware and software.
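To make the NTT building block named above concrete, the following is an added Python example (not code from the paper or from any of the implementations it surveys) of polynomial multiplication in Z_q[x]/(x^n + 1), the ring that ring- and module-LWE schemes work in. The parameters q = 12289 and n = 256 are chosen here for illustration (q is prime with 2n dividing q - 1, which is the condition the negacyclic NTT needs); the function names, the recursive radix-2 structure and the O(n^2) schoolbook reference used to check the result are all this example's own choices.

```python
"""NTT-based multiplication in Z_q[x]/(x^n + 1) (added illustration, not
code from the paper).

Parameters (chosen for illustration): q = 12289, n = 256.  q is prime with
2n | q - 1, so a primitive 2n-th root of unity psi exists mod q, which is
what the negacyclic (x^n + 1) NTT needs.  Requires Python 3.8+ for pow(x, -1, q).
"""
import random

Q = 12289
N = 256


def find_psi(n, q):
    """Return a primitive 2n-th root of unity mod q (so psi^n == -1 mod q)."""
    for g in range(2, q):
        psi = pow(g, (q - 1) // (2 * n), q)
        if pow(psi, n, q) == q - 1:      # psi^n == -1  <=>  order exactly 2n
            return psi
    raise ValueError("no primitive 2n-th root of unity; need 2n | q-1")


def ntt(a, omega, q):
    """Recursive radix-2 Cooley-Tukey NTT; omega must have order len(a) mod q."""
    n = len(a)
    if n == 1:
        return a[:]
    even = ntt(a[0::2], omega * omega % q, q)
    odd = ntt(a[1::2], omega * omega % q, q)
    out = [0] * n
    w = 1
    for k in range(n // 2):
        t = w * odd[k] % q               # butterfly: even +/- w^k * odd
        out[k] = (even[k] + t) % q
        out[k + n // 2] = (even[k] - t) % q
        w = w * omega % q
    return out


def negacyclic_mul(a, b, q, psi):
    """Compute a*b mod (x^n + 1, q) in O(n log n) using the weighted NTT."""
    n = len(a)
    omega = psi * psi % q                # primitive n-th root of unity
    # Pre-multiplying coefficient i by psi^i turns the negacyclic product
    # into a plain cyclic one, because psi^n == -1 mod q.
    a_w = [a[i] * pow(psi, i, q) % q for i in range(n)]
    b_w = [b[i] * pow(psi, i, q) % q for i in range(n)]
    A = ntt(a_w, omega, q)
    B = ntt(b_w, omega, q)
    C = [x * y % q for x, y in zip(A, B)]  # pointwise product in NTT domain
    c_w = ntt(C, pow(omega, -1, q), q)     # inverse transform (unscaled)
    n_inv = pow(n, -1, q)
    psi_inv = pow(psi, -1, q)
    # Undo the 1/n scaling and the psi^i weighting.
    return [c_w[i] * n_inv % q * pow(psi_inv, i, q) % q for i in range(n)]


def schoolbook_negacyclic(a, b, q):
    """O(n^2) reference: every term that passes degree n-1 wraps with a sign flip."""
    n = len(a)
    c = [0] * n
    for i in range(n):
        for j in range(n):
            k = i + j
            if k < n:
                c[k] = (c[k] + a[i] * b[j]) % q
            else:
                c[k - n] = (c[k - n] - a[i] * b[j]) % q   # x^n == -1
    return c


def demo(seed=1):
    """Multiply two random polynomials both ways; True if the results agree."""
    rng = random.Random(seed)             # fixed seed: constructed sample input
    a = [rng.randrange(Q) for _ in range(N)]
    b = [rng.randrange(Q) for _ in range(N)]
    psi = find_psi(N, Q)
    return negacyclic_mul(a, b, Q, psi) == schoolbook_negacyclic(a, b, Q)


if __name__ == "__main__":
    print("NTT and schoolbook agree:", demo())
```

The recursive form above is written for readability; the hardware and software designs the paper reviews use iterative in-place butterflies with precomputed twiddle tables, fold the psi^i weighting into those twiddles, replace the `%` operations with Montgomery or Barrett reduction, and keep every operation independent of secret coefficient values so that the transform runs in constant time.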
