High-Performance Ideal Lattice-Based Cryptography on 8-Bit AVR Microcontrollers
English
Liu, Zhe[University of Waterloo > Department of Combinatorics and Optimization]
Pöppelmann, Thomas[Infineon Technologies AG > Chip Card and Security Division]
Oder, Tobias[Ruhr University Bochum > Deptartment of Electrical Engineering and Information Technology]
Seo, Hwajeong[Hansung University > Department of Information Technology]
Roy, Sujoy Sinha[Katholieke Universiteit Leuven > Department of Electrical Engineering (ESAT)]
Güneysu, Tim[University of Bremen > Research Group for Computer Engineering and IT-Security (CEITS)]
Groszschädl, Johann[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Kim, Howon[Pusan National University > School of Computer Science and Engineering]
Verbauwhede, Ingrid[Katholieke Universiteit Leuven > Department of Electrical Engineering (ESAT)]
[en] Over recent years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. In this work, we evaluate and compare implementations of Ring-LWE encryption and the bimodal lattice signature scheme (BLISS) on an 8-bit Atmel ATxmega128 microcontroller. Our implementation of Ring-LWE encryption provides comprehensive protection against timing side-channels and takes 24.9ms for encryption and 6.7ms for decryption. To compute a BLISS signature, our software takes 317ms and 86ms for verification. These results underline the feasibility of lattice-based cryptography on constrained devices.