Print Email Facebook Twitter A scalable SIMD RISC-V based processor with customized vector extensions for CRYSTALS-kyber Title A scalable SIMD RISC-V based processor with customized vector extensions for CRYSTALS-kyber Author Li, H. (TU Delft Cyber Security) Mentens, Nele (Universiteit Leiden; Katholieke Universiteit Leuven) Picek, S. (TU Delft Cyber Security; Radboud Universiteit Nijmegen) Date 2022 Abstract This paper uses RISC-V vector extensions to speed up lattice-based operations in architectures based on HW/SW co-design. We analyze the structure of the number-theoretic transform (NTT), inverse NTT (INTT), and coefficient-wise multiplication (CWM) in CRYSTALS-Kyber, a lattice-based key encapsulation mechanism. We propose 12 vector extensions for CRYSTALS-Kyber multiplication and four for finite field operations in combination with two optimizations of the HW/SW interface. This results in a speed-up of 141.7, 168.7, and 245.5 times for NTT, INTT, and CWM, respectively, compared with the baseline implementation, and a speed-up of over four times compared with the state-of-the-art HW/SW co-design using RV32IMC. Subject ISA extensionlattice-based cryptographypolynomial operationRISC-VSIMD processorvector instruction To reference this document use: http://resolver.tudelft.nl/uuid:fce3c05c-fd1d-436c-8404-09291c52b840 DOI https://doi.org/10.1145/3489517.3530552 Publisher Institute of Electrical and Electronics Engineers (IEEE) ISBN 9781450391429 Source Proceedings of the 59th ACM/IEEE Design Automation Conference, DAC 2022 Event 59th ACM/IEEE Design Automation Conference, DAC 2022, 2022-07-10 → 2022-07-14, San Francisco, United States Series Proceedings - Design Automation Conference, 0738-100X Part of collection Institutional Repository Document type conference paper Rights © 2022 H. Li, Nele Mentens, S. Picek Files PDF 3489517.3530552.pdf 1.54 MB Close viewer /islandora/object/uuid:fce3c05c-fd1d-436c-8404-09291c52b840/datastream/OBJ/view