Abstract
Sufficiently large quantum computers will break the public-key primitives that rest on the integer factorization and discrete logarithm problems. SABER is a key encapsulation mechanism (KEM) based on the lattice-based Module Learning With Rounding (Mod-LWR) problem and is believed to be quantum-safe, i.e., resistant to attacks by quantum computers. This article presents a high-speed silicon implementation of SABER as an Application Specific Integrated Circuit (ASIC) in a 65nm technology. The chip measures 1 mm² and operates at a maximum frequency of 715 MHz at a nominal supply voltage of 1.2 V. It takes 10, 9.9 and 13 μs for the key generation, encapsulation and decapsulation operations of SABER, respectively. The average power consumption of the chip is 153.6 mW. Physical measurements show that our design is 8.96x (key generation), 11.80x (encapsulation) and 11.23x (decapsulation) faster than the best known silicon-proven SABER implementation.
Data Availability
The data (RTL code) generated and/or used during the current study are available in the saber-chip repository, https://github.com/Centre-for-Hardware-Security/saber-chip.
Notes
The Verilog HDL code is already available in our saber-chip repository on GitHub [24].
References
Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997). https://doi.org/10.1137/S0097539795293172
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978). https://doi.org/10.1145/359340.359342
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976). https://doi.org/10.1109/TIT.1976.1055638
Merkle, R.C.: Secure communications over insecure channels. Commun. ACM 21(4), 294–299 (1978). https://doi.org/10.1145/359460.359473
U.S. NSA: Commercial National Security Algorithm Suite and quantum computing FAQ. Available at: https://cryptome.org/2016/01/CNSA-Suite-and-Quantum-Computing-FAQ.pdf (2022), last accessed on March 17, 2022
Yeniaras, E., Cenk, M.: Faster characteristic three polynomial multiplication and its application to NTRU Prime decapsulation. J. Cryptogr. Eng. (2022). https://doi.org/10.1007/s13389-021-00282-7
NIST: Round 3 finalists: public-key encryption and key-establishment algorithms. Available at: https://csrc.nist.gov/Projects/post-quantum-cryptography/round-3-submissions (2022), last accessed on March 11, 2022
Basso, A., Aydin, F., Dinu, D., Friel, J., Varna, A., Sastry, M., Ghosh, S.: Where Star Wars meets Star Trek: Saber and Dilithium on the same polynomial multiplier. Cryptology ePrint Archive, Report 2021/1697 (2021). https://ia.cr/2021/1697
Roy, S.S., Basso, A.: High-speed instruction-set coprocessor for lattice-based key encapsulation mechanism: Saber in hardware. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 443–466 (2020). https://doi.org/10.13154/tches.v2020.i4.443-466
Mera, J.M.B., Turan, F., Karmakar, A., Roy, S.S., Verbauwhede, I.: Compact domain-specific co-processor for accelerating module lattice-based KEM. In: 57th ACM/IEEE Design Automation Conference (DAC), San Francisco, CA, USA, July 20–24, 2020, pp. 1–6 (2020)
Fritzmann, T., Sigl, G., Sepúlveda, J.: RISQ-V: tightly coupled RISC-V accelerators for post-quantum cryptography. Cryptology ePrint Archive, Report 2020/446 (2020). https://ia.cr/2020/446
Lee, W.K., Seo, H., Hwang, S.O., Karmakar, A., Mera, J.M.B., Achar, R.: DPCrypto: acceleration of post-quantum cryptographic algorithms using dot-product instruction on GPUs. Cryptology ePrint Archive, Report 2021/1389 (2021). https://ia.cr/2021/1389
Becker, H., Mera, J.M.B., Karmakar, A., Yiu, J., Verbauwhede, I.: Polynomial multiplication on embedded vector architectures. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(1), 482–505 (2021). https://doi.org/10.46586/tches.v2022.i1.482-505
Abdulrahman, A., Chen, J.P., Chen, Y.J., Hwang, V., Kannwischer, M.J., Yang, B.Y.: Multi-moduli NTTs for Saber on Cortex-M3 and Cortex-M4. Cryptology ePrint Archive, Report 2021/995 (2021). https://ia.cr/2021/995
Karmakar, A., Mera, J.M.B., Roy, S.S., Verbauwhede, I.: Saber on ARM: CCA-secure module lattice-based key encapsulation on ARM. Cryptology ePrint Archive, Report 2018/682 (2018). https://ia.cr/2018/682
Van Beirendonck, M., D'Anvers, J.P., Karmakar, A., Balasch, J., Verbauwhede, I.: A side-channel-resistant implementation of SABER. ACM J. Emerg. Technol. Comput. Syst. 17(2), 1–26 (2021). https://doi.org/10.1145/3429983
Fritzmann, T., Van Beirendonck, M., Basu Roy, D., Karl, P., Schamberger, T., Verbauwhede, I., Sigl, G.: Masked accelerators and instruction set extensions for post-quantum cryptography. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(1), 414–460 (2021). https://doi.org/10.46586/tches.v2022.i1.414-460
Abdulgadir, A., Mohajerani, K., Dang, V.B., Kaps, J.P., Gaj, K.: A lightweight implementation of Saber resistant against side-channel attacks. In: Adhikari, A., Küsters, R., Preneel, B. (eds.) Progress in Cryptology – INDOCRYPT 2021. Lecture Notes in Computer Science, vol. 13143. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92518-5_11
Wang, B., Gu, X., Yang, Y.: Saber on ESP32. Cryptology ePrint Archive, Report 2019/1453 (2019). https://ia.cr/2019/1453
Zhu, Y., Zhu, M., Yang, B., Zhu, W., Deng, C., Chen, C., Wei, S., Liu, L.: LWRpro: an energy-efficient configurable crypto-processor for Module-LWR. IEEE Trans. Circuits Syst. I Regul. Pap. 68(3), 1146–1159 (2021). https://doi.org/10.1109/TCSI.2020.3048395
Ghosh, A., Mera, J.M.B., Karmakar, A., Das, D., Ghosh, S., Verbauwhede, I., Sen, S.: A 334 μW 0.158 mm² Saber learning-with-rounding-based post-quantum crypto accelerator. Preprint, arXiv:2201.07375 (2022). https://arxiv.org/pdf/2201.07375.pdf
Zhu, Y., Zhu, W., Zhu, M., Li, C., Deng, C., Chen, C., Yin, S., Yin, S., Wei, S., Liu, L.: A 28nm 48kOPS 3.4μJ/op agile crypto-processor for post-quantum cryptography on multi-mathematical problems. In: 2022 IEEE International Solid-State Circuits Conference (ISSCC), San Francisco, CA, USA, February 20–26, 2022, pp. 514–516 (2022)
Imran, M., Almeida, F., Raik, J., Basso, A., Roy, S.S., Pagliarini, S.: Design space exploration of SABER in 65nm ASIC. In: Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security (ASHES), Virtual Event, Republic of Korea, November 19, 2021, pp. 85–90 (2021)
Imran, M., Pagliarini, S.: saber-chip. Available at: https://github.com/Centre-for-Hardware-Security/saber-chip (2022), last accessed on March 21, 2022
Basso, A., Mera, J.M.B., D'Anvers, J.P., Karmakar, A., Roy, S.S., Van Beirendonck, M., Vercauteren, F.: SABER: Mod-LWR based KEM (round 3 submission). Available at: https://www.esat.kuleuven.be/cosic/pqcrypto/saber/files/saberspecround3.pdf (2022), last accessed on March 23, 2022
Basso, A., Roy, S.S.: Optimized polynomial multiplier architectures for post-quantum KEM Saber. In: 58th ACM/IEEE Design Automation Conference (DAC), San Francisco, CA, USA, December 5–9, 2021, pp. 1285–1290 (2021)
NIST: SHA-3 standard: permutation-based hash and extendable-output functions. FIPS PUB 202 (2015). Available at: https://doi.org/10.6028/NIST.FIPS.202, last accessed on March 9, 2022
STMicroelectronics: NUCLEO-F446RE: Nucleo-64 development board with STM32F446RE MCU. Available at: https://www.st.com/en/evaluation-tools/nucleo-f446re.html (2022), last accessed on February 19, 2022
Imran, M., Abideen, Z.U., Pagliarini, S.: An open-source library of large integer polynomial multipliers. In: 24th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS), Vienna, Austria, April 7–9, 2021, pp. 145–150 (2021)
Funding
This work was partially supported by the EC through the European Social Fund in the context of the project “ICT programme”. It was also partially supported by European Union’s Horizon 2020 research and innovation programme under grant agreement No 952252 (SAFEST). Sujoy Sinha Roy received funding by the State Government of Styria, Austria - Department Zukunftsfonds Steiermark.
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
About this article
Cite this article
Imran, M., Almeida, F., Basso, A. et al. High-speed SABER key encapsulation mechanism in 65nm CMOS. J Cryptogr Eng 13, 461–471 (2023). https://doi.org/10.1007/s13389-023-00316-2