Implementing RLWE-based Schemes Using an RSA Co-Processor. / Albrecht, Martin; Hanser, Christian; Hoeller, Andrea; Pöppelmann, Thomas; Virdia, Fernando; Wallner, Andreas.

IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES). Vol. 2019, Issue 1 Ruhr University of Bochum, 2018.

Research output: Chapter in Book/Report/Conference proceeding › Chapter (peer-reviewed)

Published

Standard

Implementing RLWE-based Schemes Using an RSA Co-Processor. / Albrecht, Martin; Hanser, Christian; Hoeller, Andrea; Pöppelmann, Thomas; Virdia, Fernando; Wallner, Andreas.

IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES). Vol. 2019, Issue 1 Ruhr University of Bochum, 2018.


Harvard

Albrecht, M, Hanser, C, Hoeller, A, Pöppelmann, T, Virdia, F & Wallner, A 2018, Implementing RLWE-based Schemes Using an RSA Co-Processor. in IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES). vol. 2019, Issue 1, Ruhr University of Bochum. https://doi.org/10.13154/tches.v2019.i1.169-208

APA

Albrecht, M., Hanser, C., Hoeller, A., Pöppelmann, T., Virdia, F., & Wallner, A. (2018). Implementing RLWE-based Schemes Using an RSA Co-Processor. In IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES) (Vol. 2019, Issue 1). Ruhr University of Bochum. https://doi.org/10.13154/tches.v2019.i1.169-208

Vancouver

Albrecht M, Hanser C, Hoeller A, Pöppelmann T, Virdia F, Wallner A. Implementing RLWE-based Schemes Using an RSA Co-Processor. In IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES). Vol. 2019, Issue 1. Ruhr University of Bochum. 2018 https://doi.org/10.13154/tches.v2019.i1.169-208

Author

Albrecht, Martin ; Hanser, Christian ; Hoeller, Andrea ; Pöppelmann, Thomas ; Virdia, Fernando ; Wallner, Andreas. / Implementing RLWE-based Schemes Using an RSA Co-Processor. IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES). Vol. 2019, Issue 1 Ruhr University of Bochum, 2018.

BibTeX

@inbook{82fc8a983832489daa71a587efd7afb3,
title = "Implementing RLWE-based Schemes Using an RSA Co-Processor",
abstract = "We repurpose existing RSA/ECC co-processors for (ideal) lattice-based cryptography by exploiting the availability of fast long integer multiplication. Such co-processors are deployed in smart cards in passports and identity cards, secured microcontrollers and hardware security modules (HSM). In particular, we demonstrate an implementation of a variant of the Module-LWE-based Kyber Key Encapsulation Mechanism (KEM) that is tailored for high performance on a commercially available smart card chip (SLE 78). To benefit from the RSA/ECC co-processor we use Kronecker substitution in combination with schoolbook and Karatsuba polynomial multiplication. Moreover, we speed-up symmetric operations in our Kyber variant using the AES co-processor to implement a PRNG and a SHA-256 co-processor to realise hash functions. This allows us to execute CCA-secure Kyber768 key generation in 79.6 ms, encapsulation in 102.4 ms and decapsulation in 132.7 ms.",
keywords = "learning with errors, smart card, implementation",
author = "Martin Albrecht and Christian Hanser and Andrea Hoeller and Thomas P{\"o}ppelmann and Fernando Virdia and Andreas Wallner",
year = "2018",
month = "10",
day = "14",
doi = "10.13154/tches.v2019.i1.169-208",
language = "English",
volume = "2019, Issue 1",
booktitle = "IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)",
publisher = "Ruhr University of Bochum",

}

RIS

TY - CHAP

T1 - Implementing RLWE-based Schemes Using an RSA Co-Processor

AU - Albrecht, Martin

AU - Hanser, Christian

AU - Hoeller, Andrea

AU - Pöppelmann, Thomas

AU - Virdia, Fernando

AU - Wallner, Andreas

PY - 2018/10/14

Y1 - 2018/10/14

N2 - We repurpose existing RSA/ECC co-processors for (ideal) lattice-based cryptography by exploiting the availability of fast long integer multiplication. Such co-processors are deployed in smart cards in passports and identity cards, secured microcontrollers and hardware security modules (HSM). In particular, we demonstrate an implementation of a variant of the Module-LWE-based Kyber Key Encapsulation Mechanism (KEM) that is tailored for high performance on a commercially available smart card chip (SLE 78). To benefit from the RSA/ECC co-processor we use Kronecker substitution in combination with schoolbook and Karatsuba polynomial multiplication. Moreover, we speed-up symmetric operations in our Kyber variant using the AES co-processor to implement a PRNG and a SHA-256 co-processor to realise hash functions. This allows us to execute CCA-secure Kyber768 key generation in 79.6 ms, encapsulation in 102.4 ms and decapsulation in 132.7 ms.

AB - We repurpose existing RSA/ECC co-processors for (ideal) lattice-based cryptography by exploiting the availability of fast long integer multiplication. Such co-processors are deployed in smart cards in passports and identity cards, secured microcontrollers and hardware security modules (HSM). In particular, we demonstrate an implementation of a variant of the Module-LWE-based Kyber Key Encapsulation Mechanism (KEM) that is tailored for high performance on a commercially available smart card chip (SLE 78). To benefit from the RSA/ECC co-processor we use Kronecker substitution in combination with schoolbook and Karatsuba polynomial multiplication. Moreover, we speed-up symmetric operations in our Kyber variant using the AES co-processor to implement a PRNG and a SHA-256 co-processor to realise hash functions. This allows us to execute CCA-secure Kyber768 key generation in 79.6 ms, encapsulation in 102.4 ms and decapsulation in 132.7 ms.

KW - learning with errors

KW - smart card

KW - implementation

U2 - 10.13154/tches.v2019.i1.169-208

DO - 10.13154/tches.v2019.i1.169-208

M3 - Chapter (peer-reviewed)

VL - 2019, Issue 1

BT - IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES)

PB - Ruhr University of Bochum

ER -