High-Throughput Ring-LWE Cryptoprocessors

Abstract

This paper presents the design of ring learning with errors (LWE) cryptoprocessors using number theoretic transform (NTT) cores and Gaussian samplers based on the inverse transform method. The NTT cores are designed using radix-2 and radix-8 decimation-in-frequency NTT algorithms and pipeline architectures. The designed Gaussian samplers are an optimized parallel implementation of the inverse transform method and they use a pipeline architecture to generate a sample every clock cycle after the latency period, that is, the output is obtained in a fixed time achieving timing-attack-resistant ringLWE cryptoprocessors. Also, taking into account the national institute of standards and technology recommendation, a random number generator is designed to generate the input of the Gaussian sampler. The cryptoprocessors were synthesized on the field-programmable gate array EP4SGX230KF40C2 and verified in hardware using the DE4 board and the SignalTap tool. According to the obtained synthesis results, for dimension 512, the three cryptoprocessors perform the encryption in 9.33, 5.16, and 1.73 μs and the decryption in 4.59, 2.78, and 1.04 μs. We compared the designed cryptoprocessors with other ones presented in the literature, and from this comparison, we can conclude that they have the highest throughput, but they require more area resources than other previous ones.