Reference : AVRNTRU: Lightweight NTRU-based Post-Quantum Cryptography for 8-bit AVR Microcontrollers
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Educational Sciences
http://hdl.handle.net/10993/49346
AVRNTRU: Lightweight NTRU-based Post-Quantum Cryptography for 8-bit AVR Microcontrollers
English
Cheng, Hao [University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > APSIA >]
Groszschädl, Johann [University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS) >]
Roenne, Peter [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > APSIA >]
Ryan, Peter Y A [University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS) >]
Feb-2021
2021 Design, Automation and Test in Europe Conference and Exhibition, DATE 2021, Grenoble, France, February 1-5, 2021, Proceedings
IEEE
1272-1277
Yes
International
978-3-9819263-5-4
2021 Design, Automation and Test in Europe Conference and Exhibition (DATE 2021)
2021-02-01 to 2021-02-05
Grenoble
France
[en] Post-quantum cryptography ; Polynomial arithmetic ; Product-form polynomials ; Constant-time implementation
[en] Introduced in 1996, NTRUEncrypt is not only one of the earliest but also one of the most scrutinized lattice-based cryptosystems and expected to remain secure in the upcoming era of quantum computing. Furthermore, NTRUEncrypt offers some efficiency benefits over “pre-quantum” cryptosystems like RSA or ECC since the low-level arithmetic operations are less computation-intensive and, thus, more suitable for constrained devices. In this paper we present AVRNTRU, a highly-optimized implementation of NTRUEncrypt for 8-bit AVR microcontrollers that we developed from scratch to reach high performance and resistance to timing attacks. AVRNTRU complies with the EESS #1 v3.1 specification and supports product-form parameter sets such as ees443ep1, ees587ep1, and ees743ep1. An entire encryption (including mask generation and blinding-polynomial generation) using the ees443ep1 parameters requires 847973 clock cycles on an ATmega1281 microcontroller; the decryption is more costly and has an execution time of 1051871 cycles. We achieved these results with the help of a novel hybrid technique for multiplication in a truncated polynomial ring, whereby one of the operands is a sparse ternary polynomial in product form and the other an arbitrary element of the ring. A constant-time multiplication in the ring given by the ees443ep1 parameters takes only 192577 cycles, which sets a new speed record for the arithmetic part of a lattice-based cryptosystem on AVR.
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
European Commission - EC
http://hdl.handle.net/10993/49346
10.23919/DATE51398.2021.9474033
https://ieeexplore.ieee.org/document/9474033
H2020 ; 779391 - FutureTPM - Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module

File(s) associated to this reference

Fulltext file(s):

File: DATE2021.pdf | Version: Author postprint | Size: 160.12 kB | Access: Open access
