Filters








195 Hits in 3.1 sec

High-Speed Key Encapsulation from NTRU [chapter]

Andreas Hülsing, Joost Rijneveld, John Schanck, Peter Schwabe
2017 Lecture Notes in Computer Science  
This paper presents software demonstrating that the 20year-old NTRU cryptosystem is competitive with more recent latticebased cryptosystems in terms of speed, key size, and ciphertext size.  ...  This software takes only 307 914 cycles for the generation of a keypair, 48 646 for encapsulation, and 67 338 for decapsulation.  ...  encapsulation), and performance in terms of speed and sizes.  ... 
doi:10.1007/978-3-319-66787-4_12 fatcat:rq7slwi2ajduzkbngdbc5oajmy

High-Speed Hardware Architectures and FPGA Benchmarking of CRYSTALS-Kyber, NTRU, and Saber [article]

Viet Ba Dang, Kamyar Mohajerani, Kris Gaj
2021 IACR Cryptology ePrint Archive  
This paper presents high-speed hardware architectures for four lattice-based CCA-secure Key Encapsulation Mechanisms (KEMs), representing three NIST PQC finalists: CRYSTALS-Kyber, NTRU (with two distinct  ...  variants, NTRU-HPS and NTRU-HRSS), and Saber.  ...  High-speed vs. lightweight.  ... 
dblp:journals/iacr/DangMG21 fatcat:7lold6bgknfe5er3ocvibpjsqq

Implementation and Benchmarking of Round 2 Candidates in the NIST Post-Quantum Cryptography Standardization Process Using Hardware and Software/Hardware Co-design Approaches [article]

Viet B. Dang, Farnoud Farahmand, Michal Andrzejczak, Kamyar Mohajerani, Duc Tri Nguyen, Kris Gaj
2020 IACR Cryptology ePrint Archive  
We apply our hardware approach to 6 lattice-based CCA-secure Key Encapsulation Mechanisms (KEMs), representing 4 NIST PQC submissions.  ...  Hardware implementations of cryptographic operations may quite easily outperform software implementations for at least a subset of major performance metrics, such as speed, power consumption, and energy  ...  high-speed.  ... 
dblp:journals/iacr/DangFAMNG20 fatcat:l632lw4f6bgixfv2otzmpi7cmm

TensorCrypto: High Throughput Acceleration of Lattice-based Cryptography Using Tensor Core on GPU

Wai-Kong Lee, Hwajeong Seo, Zhenfei Zhang, Seong Oun Hwang
2022 IEEE Access  
Considering that the IoT gateway devices and cloud servers need to handle massive connections from the sensor nodes, the proposed high throughput implementation on GPU is very useful in securing the IoT  ...  In particular, the proposed implementation techniques achieved throughput up to 793651 key encapsulations per second and 505051 decapsulations per second on a RTX2060 GPU.  ...  At a high level, our solution allows very high throughput key encapsulation/decapsulation using a same public-private key pair for each communication session.  ... 
doi:10.1109/access.2022.3152217 fatcat:b3zkaen3pbg2pf5evcmu3a6nx4

Streamlined NTRU Prime on FPGA [article]

Bo-Yuan Peng, Adrian Marotzke, Ming-Han Tsai, Bo-Yin Yang, Ho-Lin Chen
2021 IACR Cryptology ePrint Archive  
With the high-speed design, we achieve the to-date fastest speeds for Streamlined NTRU Prime, with speeds of 5007, 10989 and 64026 cycles for encapsulation, decapsulation, and key generation respectively  ...  We present a novel full hardware implementation of Streamlined NTRU Prime, with two variants: A high-speed, high-area implementation, and a slower, low-area implementation.  ...  the high-speed version, and LA the low-area version.The implementation from[9]does not implement decoding or key generation.  ... 
dblp:journals/iacr/PengMTYC21 fatcat:3tm5w5fpkfatlgtqihtozvzdpa

A Lightweight Implementation of NTRU Prime for the Post-quantum Internet of Things [chapter]

Hao Cheng, Daniel Dinu, Johann Großschädl, Peter B. Rønne, Peter Y. A. Ryan
2020 Lecture Notes in Computer Science  
This paper presents, to our knowledge, the first assembler-optimized implementation of Streamlined NTRU Prime for an 8-bit AVR microcontroller and shows that high-security latticebased cryptography is  ...  NTRU Prime is a variant of the classical NTRU cryptosystem that comes with a couple of tweaks to minimize the attack surface; most notably, it avoids rings with "worrisome" structure.  ...  The authors thank John Schanck for answering questions on the generation of product-form parameters for NTRU Prime.  ... 
doi:10.1007/978-3-030-41702-4_7 fatcat:mcmao6pdpbag7mj4zdmncmvfzq

A Constant Time Full Hardware Implementation of Streamlined NTRU Prime [article]

Adrian Marotzke
2020 IACR Cryptology ePrint Archive  
Decapsulation: Input is the encoded secret key (k, Encode(h), ρ, hash(4, Encode(h))) from the key generation step, and the encoded ciphertext C = (Encode(c), Conf irm) from the encapsulation.  ...  Output (k, Encode(h), ρ, hash(4, Encode(h))) as the secret key. Encapsulation: Input is the encoded public key, Encode(h). Generate a random short r. Decode the public key h. Compute hr ∈ R/q.  ...  From a speed perspective, the time spent on hashing is negligible (see Table 2 and 3 ).  ... 
dblp:journals/iacr/Marotzke20 fatcat:sphnjwlitbgudbyzig4x5duska

Performance Analysis of TLS for Quantum Robust Cryptography on a Constrained Device [article]

Jon Barton, William J Buchanan, Nikolaos Pitropakis, Sarwar Sayeed, Will Abramson
2022 arXiv   pre-print
It also threatens methods based on discrete logarithms, such as with the Diffie-Hellman key exchange method.  ...  While high-powered computing devices may be able to run these new methods, we need to investigate how well these methods run on limited powered devices.  ...  The listed speed is the speed of an encapsulation followed by a decapsulation. The table presents the best attempt to provide a like-for-like comparison between the various works.  ... 
arXiv:1912.12257v2 fatcat:wqvonw35sffaxcd4kmqfqqr6pu

BAT: Small and Fast KEM over NTRU Lattices

Pierre-Alain Fouque, Paul Kirchner, Thomas Pornin, Yang Yu
2022 Transactions on Cryptographic Hardware and Embedded Systems  
We present BAT – an IND-CCA secure key encapsulation mechanism (KEM) that is based on NTRU but follows an encryption/decryption paradigm distinct from classical NTRU KEMs.  ...  However, since the secret key is now a short basis (not a vector), we need to modify the decryption algorithm and we present a new NTRU decoder.  ...  The message m is now encapsulated as c = hm+e mod q where h is the NTRU public key and e is a small error.  ... 
doi:10.46586/tches.v2022.i2.240-265 fatcat:pswp6sxt6fasxlgmsigpzi6rx4

Polynomial Multiplication in NTRU Prime

Erdem Alkim, Dean Yun-Li Cheng, Chi-Ming Marvin Chung, Hülya Evkan, Leo Wei-Lun Huang, Vincent Hwang, Ching-Lin Trista Li, Ruben Niederhagen, Cheng-Jhih Shih, Julian Wälde, Bo-Yin Yang
2020 Transactions on Cryptographic Hardware and Embedded Systems  
We demonstrate these methods on the NTRU Prime key-encapsulation mechanism (KEM) proposed by Bernstein, Chuengsatiansup, Lange, and Vredendaal, which uses a polynomial ring that is, by design, not amenable  ...  For the parameter-set ntrulpr761, this results in between 16% and 9% faster total operations (sum of key generation, encapsulation, and decapsulation) and requires between 15% and 39% less memory than  ...  The framework measures the number of cycles required for key generation, key encapsulation, and key decapsulation.  ... 
doi:10.46586/tches.v2021.i1.217-238 fatcat:ma7ba6tmondenfi4quoigecs4q

Faster multiplication in ℤ 2 m [x] on Cortex-M4 to speed up NIST PQC candidates [article]

Matthias J. Kannwischer, Joost Rijneveld, Peter Schwabe
2018 IACR Cryptology ePrint Archive  
speedups of 22% for key generation, 20% for encapsulation and 22% for decapsulation.  ...  We use these optimized multiplication routines to speed up the NIST post-quantum candidates RLizard, NTRU-HRSS, NTRUEncrypt, Saber, and Kindi.  ...  Out of the remaining 64 proposals, 22 are lattice-based public-key encryption schemes or key-encapsulation mechanisms (KEMs).  ... 
dblp:journals/iacr/KannwischerRS18 fatcat:uvmwkilvkram5cgbfmsgn3jniq

Research on Secure Communication on In-Vehicle Ethernet Based on Post-Quantum Algorithm NTRUEncrypt

Yuan Zhu, Yipeng Liu, Mingzhi Wu, Jinzhao Li, Shiyang Liu, Jianning Zhao
2022 Electronics  
The result shows that, besides the NTRUEncrypt's particular attribute of resisting quantum computer attacks, the execution speed of session key negotiation using NTRUEncrypt is 66.06 times faster than  ...  In this paper, we propose and evaluate, for the first time, a NTRUEncrypt enhanced session key negotiation for the in-vehicle Ethernet context.  ...  Acknowledgments: The authors wish to express their many thanks for the support provided by Manager Jianjie Gu and Engineer Chengguo Wang from Shanghai G-Pulse Technology Co., Ltd.  ... 
doi:10.3390/electronics11060856 doaj:88483fed136c454e949fd9bd86ce06b7 fatcat:4czovgic2vgsnlmzyilosxjpa4

Single-Trace Attacks on Message Encoding in Lattice-Based KEMs

Bo-Yeon Sim, Jihoon Kwon, Joohee Lee, Il-Ju Kim, Taeho Lee, Jaeseung Han, Hyojin Yoon, Jihoon Cho, Dong-Guk Han
2020 IEEE Access  
(Low) -O2 Optimize for speed (Medium) -O3 Optimize for speed (High) -Os Optimize for size TABLE TABLE 4 . 4 Network structure for ML-based PA Layer node (in, out) kernel initializer  ...  INTRODUCTION T HE key encapsulation mechanism (KEM) is a publickey cryptosystem aimed at establishing key sharing between two parties.  ... 
doi:10.1109/access.2020.3029521 fatcat:sf442wny6vhazmlbsvs6zfihwi

Lattice-based Key Sharing Schemes - A Survey [article]

Prasanna Ravi, James Howe, Anupam Chattopadhyay, Shivam Bhasin
2020 IACR Cryptology ePrint Archive  
In this paper, we survey the evolution of lattice-based key sharing schemes (public key encryption and key encapsulation schemes) and cover various aspects ranging from theoretical security guarantees,  ...  as public key encryption, digital signatures and key encapsulation mechanisms.  ...  The hardness of retrieving the secret key from the public key directly comes from the hardness of inverting the NTRU one-way function.  ... 
dblp:journals/iacr/RaviHCB20 fatcat:gwfp7xfzbbgxnldzbngfc4ru7q

NTTRU: Truly Fast NTRU Using NTT

Vadim Lyubashevsky, Gregor Seiler
2019 Transactions on Cryptographic Hardware and Embedded Systems  
We present NTTRU – an IND-CCA2 secure NTRU-based key encapsulation scheme that uses the number theoretic transform (NTT) over the cyclotomic ring Z7681[X]/(X768−X384+1) and produces public keys and ciphertexts  ...  We additionally give a simple transformation that allows one to provably deal with small decryption errors in OW-CPA encryption schemes (such as NTRU) when using them to construct an IND-CCA2 key encapsulation  ...  turn subtract from the signed high half-product of b and c.  ... 
doi:10.13154/tches.v2019.i3.180-201 dblp:journals/tches/LyubashevskyS19 fatcat:yeaqxzel6faktg2rzpi5u3f7ku
« Previous Showing results 1 — 15 out of 195 results