Evaluating NTT/INTT implementation styles for post-quantum cryptography

Malik Imran; Safiullah Khan; Ayesha Khalid; Ciara Rafferty; Yasir Ali Shah; Samuel Pagliarini; Muhammad Rashid; Maire O'Neill

doi:10.1109/LES.2024.3410516

Evaluating NTT/INTT implementation styles for post-quantum cryptography

Malik Imran, Safiullah Khan, Ayesha Khalid, Ciara Rafferty, Yasir Ali Shah, Samuel Pagliarini, Muhammad Rashid, Maire O'Neill

School of Electronics, Electrical Engineering and Computer Science

Research output: Contribution to journal › Letter › peer-review

7 Citations (Scopus)

171 Downloads (Pure)

Abstract

Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This work experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: (i) A forward NTT (FNTT) architecture, (ii) An inverse NTT (INTT) architecture and (iii) A unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 FPGA and 28nm ASIC platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66× and 3.75× higher throughput/area and energy/area values respectively than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25× and 1.09× higher throughput/area and energy/area values respectively, compared to the UNTT design.

Original language	English
Number of pages	4
Journal	IEEE Embedded Systems Letters
Early online date	06 Jun 2024
DOIs	https://doi.org/10.1109/LES.2024.3410516
Publication status	Early online date - 06 Jun 2024

Publications and Copyright Policy

This work is licensed under Queen’s Research Publications and Copyright Policy.

Keywords

post-quantum cryptography
number theoretic transform
polynomial multiplication
FPGA
ASIC

Access to Document

10.1109/LES.2024.3410516Licence: Unspecified

Evaluating NTT/INTT implementation styles for post-quantum cryptography
Copyright 2024 the authors. This is an accepted manuscript distributed under a Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium, provided the author and source are cited.
Accepted author manuscript, 951 KBLicence: CC BY

Cite this

@article{33e747c5050c46289a49289334e9f3b1,

title = "Evaluating NTT/INTT implementation styles for post-quantum cryptography",

abstract = "Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This work experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: (i) A forward NTT (FNTT) architecture, (ii) An inverse NTT (INTT) architecture and (iii) A unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 FPGA and 28nm ASIC platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66× and 3.75× higher throughput/area and energy/area values respectively than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25× and 1.09× higher throughput/area and energy/area values respectively, compared to the UNTT design.",

keywords = "post-quantum cryptography, number theoretic transform, polynomial multiplication, FPGA, ASIC",

author = "Malik Imran and Safiullah Khan and Ayesha Khalid and Ciara Rafferty and Shah, {Yasir Ali} and Samuel Pagliarini and Muhammad Rashid and Maire O'Neill",

year = "2024",

month = jun,

day = "6",

doi = "10.1109/LES.2024.3410516",

language = "English",

journal = "IEEE Embedded Systems Letters",

issn = "1943-0663",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - Evaluating NTT/INTT implementation styles for post-quantum cryptography

AU - Imran, Malik

AU - Khan, Safiullah

AU - Khalid, Ayesha

AU - Rafferty, Ciara

AU - Shah, Yasir Ali

AU - Pagliarini, Samuel

AU - Rashid, Muhammad

AU - O'Neill, Maire

PY - 2024/6/6

Y1 - 2024/6/6

N2 - Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This work experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: (i) A forward NTT (FNTT) architecture, (ii) An inverse NTT (INTT) architecture and (iii) A unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 FPGA and 28nm ASIC platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66× and 3.75× higher throughput/area and energy/area values respectively than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25× and 1.09× higher throughput/area and energy/area values respectively, compared to the UNTT design.

AB - Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This work experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: (i) A forward NTT (FNTT) architecture, (ii) An inverse NTT (INTT) architecture and (iii) A unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 FPGA and 28nm ASIC platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66× and 3.75× higher throughput/area and energy/area values respectively than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25× and 1.09× higher throughput/area and energy/area values respectively, compared to the UNTT design.

KW - post-quantum cryptography

KW - number theoretic transform

KW - polynomial multiplication

KW - FPGA

KW - ASIC

U2 - 10.1109/LES.2024.3410516

DO - 10.1109/LES.2024.3410516

M3 - Letter

SN - 1943-0663

JO - IEEE Embedded Systems Letters

JF - IEEE Embedded Systems Letters

ER -

Evaluating NTT/INTT implementation styles for post-quantum cryptography

Abstract

Publications and Copyright Policy

Keywords

Access to Document

Fingerprint

Cite this