Efficient Implementation of CRYSTALS-KYBER Key Encapsulation Mechanism on ESP32
Fabian Segatz, Muhammad Ihsan Al Hafiz
TL;DR
The paper tackles the challenge of running the post-quantum Kyber KEM on resource-constrained IoT hardware. It proposes a dual-core partitioning strategy and leverages the ESP32 hardware accelerators (AES/SHA via MbedTLS) to speed up the Kyber-512-90s operations. The main contributions are a three-scenario implementation (single-core baseline, dual-core, and dual-core with accelerators) and quantified speedups, including an encapsulation speedup of up to $1.84\times$ with accelerators. The work demonstrates practical viability for PQC on microcontrollers and offers concrete guidance for future hardware-aware cryptographic implementations on IoT platforms.
Abstract
Kyber, an IND-CCA2-secure lattice-based post-quantum key-encapsulation mechanism, is the winner of the first post-quantum cryptography standardization process of the US National Institute of Standards and Technology. In this work, we provide an efficient implementation of Kyber on ESP32, a very popular microcontroller for Internet of Things applications. We hand-partition the Kyber algorithm to enable utilization of the ESP32 dual-core architecture, which allows us to speed up its execution by 1.21x (keygen), 1.22x (encaps) and 1.20x (decaps). We also explore the possibility of gaining further improvement by utilizing the ESP32 SHA and AES coprocessor and achieve a culminated speed-up of 1.72x (keygen), 1.84x (encaps) and 1.69x (decaps).
