A Compact and High-Performance Hardware Architecture for CRYSTALS-Dilithium

Cankun Zhao,Bohan Yang,Leibo Liu,Min Zhu,Wenping Zhu,Neng Zhang,Shaojun Wei,Hanning Wang,Shouyi Yin,Zhengdong Li

doi:10.46586/tches.v2022.i1.270-295

Abstract

The lattice-based CRYSTALS-Dilithium scheme is one of the three thirdround digital signature finalists in the National Institute of Standards and Technology Post-Quantum Cryptography Standardization Process. Due to the complex calculations and highly individualized functions in Dilithium, its hardware implementations face the problems of large area requirements and low efficiency. This paper proposes several optimization methods to achieve a compact and high-performance hardware architecture for round 3 Dilithium. Specifically, a segmented pipelined processing method is proposed to reduce both the storage requirements and the processing time. Moreover, several optimized modules are designed to improve the efficiency of the proposed architecture, including a pipelined number theoretic transform module, a SampleInBall module, a Decompose module, and three modular reduction modules. Compared with state-of-the-art designs for Dilithium on similar platforms, our implementation requires 1.4×/1.4×/3.0×/4.5× fewer LUTs/FFs/BRAMs/DSPs, respectively, and 4.4×/1.7×/1.4× less time for key generation, signature generation, and signature verification, respectively, for NIST security level 5.

Highlights

Post-quantum cryptography (PQC) refers to cryptographic algorithms that are secure against both quantum and classical computers
The National Institute of Standards and Technology (NIST) initiated the PQC Standardization Process in 2016, and 69 algorithms were submitted for the first round in 2017
The security of Rainbow has been affected by recent cryptanalysis [Beu[20], Din20], which increases the probability that Dilithium will eventually be standardized

Summary

Introduction

Post-quantum cryptography (PQC) refers to cryptographic algorithms that are secure against both quantum and classical computers. Since conventional public-key cryptographic algorithms, which are based on the mathematical hardness of computing integer factorizations and discrete logarithms, can be broken by Shor’s algorithm [Sho94] with a large-scale quantum computer, the confidentiality and integrity of digital communications on the Internet and elsewhere are under threat. To ensure the security of information systems in the upcoming quantum era, researchers have begun to study quantum-resistant public-key cryptographic algorithms. There are three digital signature algorithms among the seven finalists, CRYSTALS-Dilithium [LDK+20a], FALCON [PFH+20], and Rainbow [DCP+20]. The security of Rainbow has been affected by recent cryptanalysis [Beu[20], Din20], which increases the probability that Dilithium will eventually be standardized

Objectives

Methods

Results

Conclusion