A Compact and Scalable Hardware/Software Co-design of SIKE

Authors

  • Pedro Maat C. Massolino Radboud University, Nijmegen, The Netherlands
  • Patrick Longa Microsoft Research, USA
  • Joost Renes Radboud University, Nijmegen, The Netherlands
  • Lejla Batina Radboud University, Nijmegen, The Netherlands

DOI:

https://doi.org/10.13154/tches.v2020.i2.245-271

Keywords:

Post-quantum cryptography, supersingular isogenies, SIDH, SIKE, hardware/software co-design, FPGA, constant-time, embedded applications

Abstract

We present efficient and compact hardware/software co-design implementations of the Supersingular Isogeny Key Encapsulation (SIKE) protocol on field-programmable gate arrays (FPGAs). In order to be better equipped for different post-quantum scenarios, our architectures were designed to feature high-flexibility by covering all the currently available parameter sets and with support for primes up to 1016 bits. In particular, any of the current SIKE parameters equivalent to the post-quantum security of AES-128/192/256 and SHA3-256 can be selected and run on-the-fly. This security scalability property, together with the small footprint and efficiency of our architectures, makes them ideal for embedded applications in a post-quantum world. In addition, the proposed implementations exhibit regular, constant-time execution, which provides protection against timing and simple sidechannel attacks. Our results demonstrate that supersingular isogeny-based primitives such as SIDH and SIKE can indeed be deployed for embedded applications featuring competitive performance. For example, our smallest architecture based on a 128-bit MAC unit takes only 3415 slices, 21 BRAMs and 57 DSPs on a Virtex 7 690T and can perform key generation, encapsulation and decapsulation in 14.4, 24.4 and 26.0 milliseconds for SIKEp434 and in 52.3, 86.4 and 93.2 milliseconds for SIKEp751, respectively.

Downloads

Published

2020-03-02

Issue

Section

Articles

How to Cite

A Compact and Scalable Hardware/Software Co-design of SIKE. (2020). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020(2), 245-271. https://doi.org/10.13154/tches.v2020.i2.245-271