Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Efficient Algorithm Level Error Detection for Number-Theoretic Transform used for Kyber Assessed on FPGAs and ARM

Kasra Ahmadi, Saeed Aghapour, Mehran Mozaffari Kermani, Reza Azarderakhsh

TL;DR

Algorithm-level fault detection schemes in the NTT multiplication using Negative Wrapped Convolution (NWC) and the NTT tailored for Kyber Round 3 are introduced, representing a significant enhancement compared with previous research.

Abstract

Polynomial multiplication stands out as a highly demanding arithmetic process in the development of post-quantum cryptosystems. The importance of the number-theoretic transform (NTT) extends beyond post-quantum cryptosystems, proving valuable in enhancing existing security protocols such as digital signature schemes and hash functions. CRYSTALS-KYBER stands out as the sole public key encryption (PKE) algorithm chosen by the National Institute of Standards and Technology (NIST) in its third round selection, making it highly regarded as a leading post-quantum cryptography (PQC) solution. Due to the potential for errors to significantly disrupt the operation of secure, cryptographically-protected systems, compromising data integrity, and safeguarding against side-channel attacks initiated through faults it is essential to incorporate mitigating error detection schemes. This paper introduces algorithm level fault detection schemes in the NTT multiplication using Negative Wrapped Convolution and the NTT tailored for Kyber Round 3, representing a significant enhancement compared to previous research. We evaluate this through the simulation of a fault model, ensuring that the conducted assessments accurately mirror the obtained results. Consequently, we attain a notably comprehensive coverage of errors. Furthermore, we assess the performance of our efficient error detection scheme for Negative Wrapped Convolution on FPGAs to showcase its implementation and resource requirements. Through implementation of our error detection approach on Xilinx/AMD Zynq Ultrascale+ and Artix-7, we achieve a comparable throughput with just a 9% increase in area and 13% increase in latency compared to the original hardware implementations. Finally, we attained an error detection ratio of nearly 100% for the NTT operation in Kyber Round 3, with a clock cycle overhead of 16% on the Cortex-A72 processor.

Efficient Algorithm Level Error Detection for Number-Theoretic Transform used for Kyber Assessed on FPGAs and ARM

TL;DR

Algorithm-level fault detection schemes in the NTT multiplication using Negative Wrapped Convolution (NWC) and the NTT tailored for Kyber Round 3 are introduced, representing a significant enhancement compared with previous research.

Abstract

Polynomial multiplication stands out as a highly demanding arithmetic process in the development of post-quantum cryptosystems. The importance of the number-theoretic transform (NTT) extends beyond post-quantum cryptosystems, proving valuable in enhancing existing security protocols such as digital signature schemes and hash functions. CRYSTALS-KYBER stands out as the sole public key encryption (PKE) algorithm chosen by the National Institute of Standards and Technology (NIST) in its third round selection, making it highly regarded as a leading post-quantum cryptography (PQC) solution. Due to the potential for errors to significantly disrupt the operation of secure, cryptographically-protected systems, compromising data integrity, and safeguarding against side-channel attacks initiated through faults it is essential to incorporate mitigating error detection schemes. This paper introduces algorithm level fault detection schemes in the NTT multiplication using Negative Wrapped Convolution and the NTT tailored for Kyber Round 3, representing a significant enhancement compared to previous research. We evaluate this through the simulation of a fault model, ensuring that the conducted assessments accurately mirror the obtained results. Consequently, we attain a notably comprehensive coverage of errors. Furthermore, we assess the performance of our efficient error detection scheme for Negative Wrapped Convolution on FPGAs to showcase its implementation and resource requirements. Through implementation of our error detection approach on Xilinx/AMD Zynq Ultrascale+ and Artix-7, we achieve a comparable throughput with just a 9% increase in area and 13% increase in latency compared to the original hardware implementations. Finally, we attained an error detection ratio of nearly 100% for the NTT operation in Kyber Round 3, with a clock cycle overhead of 16% on the Cortex-A72 processor.
Paper Structure (27 sections, 20 equations, 5 figures, 5 tables, 4 algorithms)

This paper contains 27 sections, 20 equations, 5 figures, 5 tables, 4 algorithms.

Table of Contents

  1. Introduction
  2. Related works
  3. Our Major Contributions
  4. Preliminaries
  5. Number Theoretic Transform (NTT)
  6. Negative Wrapped Convolution
  7. Polynomial Multiplication Utilizing the NTT in Kyber
  8. Proposed Error Detection Scheme
  9. Negative Wrapped Convolution
  10. Component-wise NTT Multiplication
  11. Pre-processor
  12. Kyber
  13. NTT Module
  14. Error Coverage Simulation Results
  15. Fault Model
  16. ...and 12 more sections

Figures (5)

  • Figure 1: Concurrent error detection scheme for the NTT operation.
  • Figure 2: Proposed algorithm level error detection scheme for the NTT multiplication module using Negative Wrapped Convolution.
  • Figure 3: Proposed error detection scheme for pre-process module through recompuation with shifted operands.
  • Figure 4: Proposed algorithm level error detection scheme for the NTT utilized in Kyber.
  • Figure 5: The utilized fault model in this work for the butterfly sub-block.