High-speed FPGA Implementation of the NIST Round 1 Rainbow Signature Scheme

Abstract

Round 1 of the the NIST post-quantum cryptogra- phy (PQC) standardization effort began on November 30th, 2017. The competition aims to select the most promising quantum- resistantalgorithms, which are currently secure against large scale quantum computers. Multivariate cryptosystems belong to a promising group of PQC schemes and are based on multivariate polynomials over finite fields. Among them are the Unbalanced Oil and Vinegar (UOV) and Rainbow signature schemes, which have been extensively studied since 1999 and 2005, respectively. The main advantage of UOV ishigh confidence in its security, and the disadvantages include large key and signature sizes. Rainbow is a multi-layer version of UOV that offers better performance, smaller keys, and smaller signatures. This paper presents a high-speed FPGA implementation for the NIST Round 1 PQC submission of Rainbow. We discuss a high-speed design that uses a parameterized system solver, which can solvean n-by-n system in n clock cycles. Compared to the previous state-of-the- art, we reduce the number of required multipliers by almost half, speed up execution, and implement Rainbow for higher security levels. Our design supports many parameter sets, which require operations in the fields GF(16) and GF(256). Additionally, in order tomake benchmarking easier and fairer, our design follows a universal PQC hardware API, which allowsfor fair comparison with other post-quantum signature schemes. This design is being made open-source to increase transparency and speed up further optimization.