A scalable SIMD RISC-V based processor with customized vector extensions for CRYSTALS-kyber

Conference paper (2022)

Authors

H. Li Cyber Security -

Nele Mentens Universiteit Leiden, Katholieke Universiteit Leuven

S. Picek Cyber Security - , Radboud Universiteit Nijmegen

Research Group

Cyber Security () (TU Delft)

DOI

https://doi.org/10.1145/3489517.3530552

RISC-V ISA extension Lattice-based cryptography Polynomial operation SIMD processor Vector instruction

More Info

expand_more

To reference this document use:

http://resolver.tudelft.nl/uuid:fce3c05c-fd1d-436c-8404-09291c52b840

Published Date

2022

Language

English

Faculty

Electrical Engineering, Mathematics and Computer Science

Department

Intelligent Systems

Research Group

Cyber Security

Abstract

This paper uses RISC-V vector extensions to speed up lattice-based operations in architectures based on HW/SW co-design. We analyze the structure of the number-theoretic transform (NTT), inverse NTT (INTT), and coefficient-wise multiplication (CWM) in CRYSTALS-Kyber, a lattice-based key encapsulation mechanism. We propose 12 vector extensions for CRYSTALS-Kyber multiplication and four for finite field operations in combination with two optimizations of the HW/SW interface. This results in a speed-up of 141.7, 168.7, and 245.5 times for NTT, INTT, and CWM, respectively, compared with the baseline implementation, and a speed-up of over four times compared with the state-of-the-art HW/SW co-design using RV32IMC.

Files

3489517.3530552.pdf

(.pdf | 1.54 Mb)