
Efficient Algorithm Level Error Detection for Number-Theoretic Transform used for Kyber Assessed on FPGAs and ARM (2403.01215v2)

Published 2 Mar 2024 in cs.CR

Abstract: Polynomial multiplication stands out as a highly demanding arithmetic process in the development of post-quantum cryptosystems. The importance of the number-theoretic transform (NTT) extends beyond post-quantum cryptosystems, proving valuable in enhancing existing security protocols such as digital signature schemes and hash functions. CRYSTALS-KYBER stands out as the sole public key encryption (PKE) algorithm chosen by the National Institute of Standards and Technology (NIST) in its third-round selection, making it highly regarded as a leading post-quantum cryptography (PQC) solution. Because errors can significantly disrupt the operation of secure, cryptographically-protected systems and compromise data integrity, and because protection is needed against side-channel attacks mounted through injected faults, it is essential to incorporate mitigating error detection schemes. This paper introduces algorithm-level fault detection schemes for NTT multiplication using Negative Wrapped Convolution and for the NTT tailored to Kyber Round 3, representing a significant enhancement over previous research. We evaluate these schemes through simulation of a fault model, ensuring that the conducted assessments accurately mirror the obtained results. Consequently, we attain notably comprehensive error coverage. Furthermore, we assess the performance of our efficient error detection scheme for Negative Wrapped Convolution on FPGAs to showcase its implementation and resource requirements. Through implementation of our error detection approach on Xilinx/AMD Zynq UltraScale+ and Artix-7, we achieve comparable throughput with just a 9% increase in area and a 13% increase in latency compared to the original hardware implementations. Finally, we attained an error detection ratio of nearly 100% for the NTT operation in Kyber Round 3, with a clock cycle overhead of 16% on the Cortex-A72 processor.
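The abstract describes algorithm-level fault detection wrapped around an NTT-based negacyclic multiplication, but gives no details of the check itself. The following Python is an added illustration, not code from the paper or its authors: it implements polynomial multiplication modulo x^n + 1 via the negative wrapped convolution (pre-weight by powers of psi, plain NTT, pointwise multiply, inverse NTT, unweight), verifies it against schoolbook multiplication, and adds an O(n) consistency check on a transform output using the weighted-checksum identity sum_k A[k]·omega^(-jk) = n·a[j]·psi^j. That identity is a generic property of a correct transform chosen here for illustration; it is an assumption of this example, not the paper's scheme. The parameters q = 7681, n = 256 are constructed so that a primitive 2n-th root of unity exists; Kyber Round 3 itself uses q = 3329 with an incomplete NTT, which is not reproduced here. The injected fault in demo() is a constructed single-word corruption of one NTT output.

```python
# Added example (not from the paper): NWC-based negacyclic multiplication with an
# algorithm-level weighted-checksum check on the transform output.
# Parameters are constructed for illustration: q = 7681, n = 256 (2n divides q-1).
import random

Q = 7681
N = 256


def find_psi(q: int, n: int) -> int:
    """Return a primitive 2n-th root of unity mod q, i.e. psi^n == -1."""
    for g in range(2, q):
        if pow(g, n, q) == q - 1 and pow(g, 2 * n, q) == 1:
            return g
    raise ValueError("no primitive 2n-th root of unity for these parameters")


PSI = find_psi(Q, N)           # primitive 2N-th root of unity
OMEGA = PSI * PSI % Q          # primitive N-th root of unity
PSI_INV = pow(PSI, -1, Q)
OMEGA_INV = pow(OMEGA, -1, Q)
N_INV = pow(N, -1, Q)


def bit_reverse(a: list) -> list:
    """Permute a power-of-two-length list into bit-reversed index order."""
    bits = len(a).bit_length() - 1
    out = [0] * len(a)
    for i, x in enumerate(a):
        out[int(format(i, f"0{bits}b")[::-1], 2)] = x
    return out


def ntt(a: list, omega: int) -> list:
    """Iterative radix-2 Cooley-Tukey NTT: out[k] = sum_i a[i]*omega^(i*k) mod Q."""
    a = bit_reverse(a)
    n = len(a)
    length = 2
    while length <= n:
        w_len = pow(omega, n // length, Q)
        half = length // 2
        for start in range(0, n, length):
            w = 1
            for j in range(half):
                u = a[start + j]
                v = a[start + j + half] * w % Q
                a[start + j] = (u + v) % Q
                a[start + j + half] = (u - v) % Q
                w = w * w_len % Q
        length *= 2
    return a


def ntt_nwc(a: list) -> list:
    """Forward NWC transform: weight a[i] by psi^i, then a plain NTT."""
    return ntt([x * pow(PSI, i, Q) % Q for i, x in enumerate(a)], OMEGA)


def intt_nwc(A: list) -> list:
    """Inverse NWC transform: inverse NTT, scale by 1/n, unweight by psi^-i."""
    a = ntt(A, OMEGA_INV)
    return [x * N_INV % Q * pow(PSI_INV, i, Q) % Q for i, x in enumerate(a)]


def negacyclic_mul_ntt(a: list, b: list) -> list:
    """a*b mod (x^n + 1, q) via pointwise products in the NWC domain."""
    A, B = ntt_nwc(a), ntt_nwc(b)
    return intt_nwc([x * y % Q for x, y in zip(A, B)])


def negacyclic_mul_schoolbook(a: list, b: list) -> list:
    """Reference O(n^2) multiplication mod x^n + 1, with x^n folded to -1."""
    n = len(a)
    c = [0] * n
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if i + j < n:
                c[i + j] = (c[i + j] + ai * bj) % Q
            else:
                c[i + j - n] = (c[i + j - n] - ai * bj) % Q
    return c


def check_ntt_output(a: list, A: list, j: int = None) -> bool:
    """O(n) algorithm-level check (assumed for this example, not the paper's
    scheme): sum_k A[k]*omega^(-j*k) == n*a[j]*psi^j holds iff A is consistent
    with a at index j. Any single corrupted output word fails it for every j."""
    n = len(a)
    if j is None:
        j = random.randrange(n)
    s = 0
    for k, Ak in enumerate(A):
        s = (s + Ak * pow(OMEGA_INV, j * k, Q)) % Q
    return s == (n * a[j] % Q) * pow(PSI, j, Q) % Q


def demo() -> tuple:
    """Returns (ntt matches schoolbook, check passes on correct output,
    check passes on a faulted output)."""
    random.seed(1)
    a = [random.randrange(Q) for _ in range(N)]
    b = [random.randrange(Q) for _ in range(N)]
    matches = negacyclic_mul_ntt(a, b) == negacyclic_mul_schoolbook(a, b)
    A = ntt_nwc(a)
    ok_clean = check_ntt_output(a, A)
    A_faulty = A[:]
    A_faulty[5] = (A_faulty[5] + 1) % Q   # constructed fault: one output word corrupted
    return matches, ok_clean, check_ntt_output(a, A_faulty)


if __name__ == "__main__":
    print(demo())
```

The same identity verifies the inverse direction (pass the inverse-transform output as `a` and its input as `A`), so one check routine can guard both halves of the multiplication at linear cost, which is the kind of overhead-versus-coverage trade-off the abstract quantifies in area, latency and cycle counts.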
