AxRLWE: A Multilevel Approximate Ring-LWE Co-Processor for Lightweight IoT Applications

Kundi, Dur-e-Shahwar; Khalid, Ayesha; Bian, Song; Wang, Chenghua; OrNeill, Maire; Liu, Weiqiang

doi:10.1109/jiot.2021.3122276

Cited by 7 publications

(12 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that we do not include the following designs since: 1) the design of [29] is a special design based on LUT-like method; 2) the structures of [28] and [30] belong to compact designs (similar to [43], which is a compact implementation of an approximate Ring-LWE based scheme); and 3) the designs in [31] and Architecture-II of [33] did not consider the input-output processing resources in structural design.…”

Section: Major Area-time Complexities For the Proposed Rblwe-based Ac...mentioning

confidence: 99%

KINA: Karatsuba Initiated Novel Accelerator for Ring-Binary-LWE (RBLWE)-Based Post-Quantum Cryptography

He,

Tu,

Xie

et al. 2023

IEEE Trans. VLSI Syst.

View full text Add to dashboard Cite

Along with the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) standardization process, lightweight PQC-related research, and development have also gained substantial attention from the research community. Ring-binary-learning-with-errors (RBLWE), a ring variant of binary-LWE (BLWE), has been used to build a promising lightweight PQC scheme for emerging Internet-of-Things (IoT) and edge computing applications, namely the RBLWEbased encryption scheme (RBLWE-ENC). The parameter settings of RBLWE-ENC, however, are not in favor of deploying typical fast algorithms like number theoretic transform (NTT). Following this direction, in this work, we propose a Karatsuba initiated novel accelerator (KINA) for efficient implementation of RBLWE-ENC. Overall, we have made several coherent interdependent stages of efforts to carry out the proposed work: 1) we have innovatively used the Karatsuba algorithm (KA) to derive the major arithmetic operation of RBLWE-ENC into a new form for high-performance operation; 2) we have then effectively mapped the proposed algorithm into an efficient hardware accelerator with the help of a number of optimization techniques; and 3) we have also provided detailed complexity analysis and implementation comparison to demonstrate the superior performance of the proposed KINA, e.g., the proposed design with u = 2 involves 64.71% higher throughput and 15.37% less area-delay product (ADP) than the state-of-theart design for n = 512 (Virtex-7). The proposed KINA offers flexible processing speed and is suitable for high-performance applications like IoT servers. This work is expected to be useful for lightweight PQC development.

show abstract

Section: Major Area-time Complexities For the Proposed Rblwe-based Ac...mentioning

confidence: 99%

KINA: Karatsuba Initiated Novel Accelerator for Ring-Binary-LWE (RBLWE)-Based Post-Quantum Cryptography

He,

Tu,

Xie

et al. 2023

IEEE Trans. VLSI Syst.

View full text Add to dashboard Cite

show abstract

“…Since this paper focuses on BRLWE-based PQC structures, we do not compare them with the existing regular Ring-LWE based designs (different errors/schemes/structures). Nevertheless, Ring-LWE based work, such as [10] and [21], represent important PQC implementations in the field. The Ring-LWE of [10] deploys DSPs and BRAMs for parallel-processing, and the AxRing-LWE based design in [21] uses an approximate method for resource-limited applications.…”

Section: Complexity Analysis and Comparisonmentioning

confidence: 99%

“…Nevertheless, Ring-LWE based work, such as [10] and [21], represent important PQC implementations in the field. The Ring-LWE of [10] deploys DSPs and BRAMs for parallel-processing, and the AxRing-LWE based design in [21] uses an approximate method for resource-limited applications. Future work directions include side-channel attacks [22] and algorithm innovations.…”

Section: Complexity Analysis and Comparisonmentioning

confidence: 99%

Lightweight Hardware Implementation of Binary Ring-LWE PQC Accelerator

Lucas

Alwan

Murzello

et al. 2022

IEEE Comput. Arch. Lett.

View full text Add to dashboard Cite

Significant innovation has been made in the development of public-key cryptography that is able to withstand quantum attacks, known as post-quantum cryptography (PQC). This paper focuses on the development of an efficient PQC hardware implementation. Specifically, an implementation of the binary Ring-learning-with-errors (BRLWE)-based encryption scheme, a promising lightweight PQC suitable for resource-constrained applications, is proposed. The paper first develops the mathematical formulation to present the proposed algorithmic process. The corresponding hardware accelerators are then described in detail. Finally, comparisons with previous implementations are provided to demonstrate the superior performance of the proposed design. For instance, the proposed low-complexity accelerator has 34.7% less area-delay product (ADP) than the state-of-the-art design for n ¼ 256 in the field-programmable gate array (FPGA) platform. Apart from the efficiency of the hardware architectures, the proposed design also has a complete input/output processing setup, and thus is feasible for emerging lightweight applications.

show abstract

“…Earlier efforts of approximation have rightly targeted the two main bottlenecks of LWE systems, i.e., Gaussian sampling and polynomial multiplication. The Gaussian sampling is either reduced via truncating [6], [7] or is completely replaced by a binary distribution sampler, which eliminates the need for a full multiplication [8]. The inherent error in the LWEbased schemes is also exploited via approximate multipliers for efficient R-LWE-based cryptosystems [9].…”

Section: Introductionmentioning

confidence: 99%

“…This work undertakes the approximation of discrete Gaussian distribution sampler in R-LWE by truncating its samples by three different levels. While the hardware resource consumption estimates after truncation are the same as described in earlier work AxRLWE [7], this work experimentally evaluates the truncated distribution properties and in comparison, benchmarks higher security estimates for the three truncation levels via the LWE Estimator [10]. In addition, an (upper bound of) probability of decryption failure of the approximated schemes is also provided for two parameter sets of medium security of R-LWE [2], [11].…”

Section: Introductionmentioning

confidence: 99%

Better Security Estimates for Approximate, IoT-Friendly R-LWE Cryptosystems

O’Connor

Khalid

O’Neill

et al. 2022

2022 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS)

Self Cite

View full text Add to dashboard Cite

This work explores the effect of approximation on the Ring-learning with errors (R-LWE) based public-key cryptography (PKE) systems. Lattice-based problems such as LWE have proven to be a viable alternative to the currently used PKE systems in a post-quantum world, with one such scheme taken up for standardisation in NIST's post-quantum cryptography standardisation process (CRYSTALS-Kyber). In the modern world, the Internet of Things (IoT) applications and devices have become ubiquitous. Often, they are not secure, and with the threat of quantum computing looming on the horizon, R-LWE could provide a solution. R-LWE-based schemes come at a higher computational cost, making them challenging to be implemented on IoT devices that require low energy, low area, and efficient cryptography. To enable this, approximation could aid in lowering the necessary power and memory by removing some of the complexity in R-LWE scheme. This work provides improved security estimates for an earlier presented approximate R-LWE scheme (AxRLWE), that explores the approximation via truncation of the Gaussian distribution samples values and using an approximate modular multiplier. In addition, this work calculates an effective failure rate for different truncation levels of 2 typical medium level R-LWE parameter sets and concludes a truncation of 2-bits to be the best balance between security and approximation.

show abstract

AxRLWE: A Multilevel Approximate Ring-LWE Co-Processor for Lightweight IoT Applications

Cited by 7 publications

References 39 publications

KINA: Karatsuba Initiated Novel Accelerator for Ring-Binary-LWE (RBLWE)-Based Post-Quantum Cryptography

KINA: Karatsuba Initiated Novel Accelerator for Ring-Binary-LWE (RBLWE)-Based Post-Quantum Cryptography

Lightweight Hardware Implementation of Binary Ring-LWE PQC Accelerator

Better Security Estimates for Approximate, IoT-Friendly R-LWE Cryptosystems

Contact Info

Product

Resources

About