Optimized Schoolbook Polynomial Multiplication for Compact Lattice-Based Cryptography on FPGA

Liu, Weiqiang; Fan, Sailong; Khalid, Ayesha; Rafferty, Ciara; O’Neill, Máire

doi:10.1109/tvlsi.2019.2922999

Cited by 78 publications

(30 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Later on [77] proposed a design of an area/power efficient approximate modular multiplier (so called AxMM) for complete RLWE hardware, by exploiting the statistics of Gaussian noise in addition to the technique of [78]; transforming the unsigned Gaussian data to signed format. Fig.…”

Section: Cryptography Homomorphicmentioning

confidence: 99%

“…The leading one detector (LOD) of AxMult performs a single bit truncation on the Gaussian data (B) there by reducing its width from 6-bit to 4-bit for modulus q = 7,681, whereas MSB signed bit (b [5]) is not utilized during the modular multiplication rather than applied at the end to get the required result for a negative number. Compared to the smallest exact RLWE multiplier design [78], the AxMM is able to reduce the area by over 35% and power consumption by over 23% with slight reduction in STD of Gaussian distribution as well as the security level. 2)…”

Section: Cryptography Homomorphicmentioning

confidence: 99%

See 1 more Smart Citation

Security in Approximate Computing and Approximate Computing for Security: Challenges and Opportunities

Liu

O’Neill

et al. 2020

Proc. IEEE

Self Cite

View full text Add to dashboard Cite

Approximate computing, an advanced computational technique which returns inaccurate but acceptable results instead of exact results, has emerged as a new preferable paradigm over traditional computing architectures for energy efficient system designs. It is crucial for nanoscale integrated circuits (ICs) to achieve high speed and low power, where some intrinsic errors are acceptable, such as (deep-) machine learning, image processing, communication and other error-tolerant and cognitive applications. However, approximate computing also introduces security vulnerabilities mainly due to the uncertainty and unpredictability of intrinsic errors during approximate execution which may be indistinguishable using malicious modification of the accurate result. On the other hand, interestingly, approximate computing can also provide new approaches for security. Existing literature in approximate computing covers threat models, countermeasures, and evaluations, but lacks a framework for analysis and comparison. In this paper, we provide a classification of the state of the art in this research field, including threat models in approximate computing and promising security approaches using approximate computing. Index Terms-Approximate computing, hardware security, cryptography I. INTRODUCTION N the last decade, various advanced computing systems, including supercomputers, ubiquitous computing centers, and servers, have been developed and widely deployed. Unfortunately, Moore's law is approaching its limitation [1], and conventional computing techniques are not able to provide higher computing performance under the restriction of power consumption. Therefore, new nanoscale computing paradigms are urgently required for low power and high performance computing systems. Hence, appropriate reduction of the computational accuracy could effectively improve the performance of computing systems without sacrificing functionality and perception.

show abstract

Section: Cryptography Homomorphicmentioning

confidence: 99%

Section: Cryptography Homomorphicmentioning

confidence: 99%

Security in Approximate Computing and Approximate Computing for Security: Challenges and Opportunities

Liu

O’Neill

et al. 2020

Proc. IEEE

Self Cite

View full text Add to dashboard Cite

show abstract

“…A lightweight design for SPM was proposed in [8], but it does not optimize the iteration clock cycle, as a result the throughput is not very high. On the other hand, [9] proposed an optimized SPM that reduces half of the iterative clock cycle. However, since its Gaussian sampling is signed data, some modules in encryption and decryption cannot be shared.…”

Section: Introductionmentioning

confidence: 99%

“…The method of shift-addition-multiplication-subtractionsubtraction (SAMS2) [14] is taken up to accelerate the implementation of modular reduction operation in hardware. A well-optimization structure for SPM is proposed in [9]. For discrete Gaussian noise distribution, sampling with signed numbers is proposed for the first time, which reduces resources consumption.…”

Section: Introductionmentioning

confidence: 99%

An Efficient and Parallel R-LWE Cryptoprocessor

Zhang

Wang

Kundi

et al. 2020

IEEE Trans. Circuits Syst. II

Self Cite

View full text Add to dashboard Cite

Lattice-based cryptography (LBC) is a promising and efficient public key cryptography scheme whose theoretical foundation usually lies in Learning with Error (LWE) problem and its variant such as Ring-LWE (R-LWE) is the most studied cryptosystem which allows for more efficient implementation while maintaining the hardness of an original problem. Polynomial multiplication is the bottleneck of R-LWE, that can either be done using Number Theoretic Transform (NTT) or schoolbook polynomial multiplication (SPM) algorithm. The use of SPM is wider and possible for all parameters of R-LWE schemes. This work proposes an efficient and parallel strategy for SPM in R-LWE; by successfully reducing its time complexity from n 2 to n 2 /4 (making it 1.8× faster and 1.4× hardware efficient). Furthermore, by adjusting the bit width for the error terms, the polynomial multiplication and addition blocks are reused for both encryption and decryption modules resulting in 14% reduced area and 1.7× better throughput in comparison to state-of-art SPM based R-LWE designs.

show abstract

“…Multiplication is one of the most critical operations in the DSP system [2,3]. The multiplication process is performed in three steps.…”

Section: Introductionmentioning

confidence: 99%

An Approximate 4-2 Compressor based on Spintronic Devices

Shafieabadi¹,

Sharifi²,

Faghih³

2019

IJMECS

View full text Add to dashboard Cite

In many classes of applications, mainly in signal and image processing applications, decreasing the static power of computational circuits is a challenge. Multipliers are typically located on the critical path of such systems. A promising approach for energy-efficient design of digital systems is approximate or inexact computing. On the other hand, leakage power and limited scalability become serious obstacles that prevent the continuous miniaturization of the conventional CMOSbased logic circuits. Spin-based devices are considered as promising alternatives for CMOS technology due to their proper characteristics such as near-zero current leakage, sustainability, integrity, low standby power. In this paper a new low power approximate 4-2 compressor is presented which is implemented using spintronic devices. The proposed design is utilized in a multiplier tree for image processing applications. We have simulated and compared the proposed design with state-of-the-art designs in both quantitative and qualitative metrics. The simulation results show that the proposed design has 92% and 188% lower power consumption and PDP, respectively compared to the best state-of-the-art design.

show abstract

Optimized Schoolbook Polynomial Multiplication for Compact Lattice-Based Cryptography on FPGA

Cited by 78 publications

References 10 publications

Security in Approximate Computing and Approximate Computing for Security: Challenges and Opportunities

Security in Approximate Computing and Approximate Computing for Security: Challenges and Opportunities

An Efficient and Parallel R-LWE Cryptoprocessor

An Approximate 4-2 Compressor based on Spintronic Devices

Contact Info

Product

Resources

About