Performance Evaluation and Optimisation for Kyber on the MULTOS IoT Trust-Anchor. / Mayes, Keith.

2020. 1-8 Paper presented at IEEE SmartIoT 2020, Beijing, China.

Research output: Contribution to conferencePaper

E-pub ahead of print


  • Accepted Manuscript

    Rights statement: Accepted Manuscript Rights statement: © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. Accepted author manuscript, 719 KB, PDF document

    Accepted author manuscript, 242 KB, PDF document


The Internet of Things (IoT) may be considered as a distributed, critical infrastructure, consisting of billions of devices, many of which having limited processing capability. However, the security of IoT must not be compromised by these limitations, and defenses need to protect against today's threats, and those predicted for the future. This requires protection against implementation attacks, as well as the ability to load, replace and run, best-practice cryptographic algorithms.
Post-Quantum cryptographic algorithms are attracting great interest, and NIST standardization has a competition to find the best. Prior research demonstrated that a Learning With Errors candidate algorithm could be implemented on a smart card chip, however this was a low-level implementation, and not representative of loading the algorithm onto a secured IoT chip platform. In this paper we present analysis from a practical implementation of the Kyber768 CPAPKE public key encryption component on a MULTOS IoT Trust-Anchor chip. The investigation considered memory and speed requirements, and optimizations, and compared the NTT transform version of Kyber, presented in Round 1 of the NIST competition, with the Kroenecker multiplier technique that exploits a hardware crypto-coprocessor. The work began with a generic multi-round multiplier approach, which was then improved using a novel modification of the input data, allowing a built-in modular multiply function to be used, significantly increasing the speed of a multiplication round, and doubling the useable size of the hardware multiplier.
Original languageEnglish
Number of pages8
Publication statusE-pub ahead of print - 10 Sep 2020
EventIEEE SmartIoT 2020 - On-line due to Covid-19, Beijing, China
Duration: 14 Aug 202016 Aug 2020


ConferenceIEEE SmartIoT 2020
Abbreviated titleIEEE SmartIoT 2020
Internet address
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 38250789