Hardware Post-Quantum Cryptographic Library
The development and implementation of post-quantum cryptosystems have become pressing issues in the design of secure computing systems, as general-purpose quantum computers have become more feasible in recent years. Under this research and development effort, the team has introduced a set of hardware post-quantum cryptographic primitives (PQCPs) consisting of four frequently used security components, i.e., public key cryptosystem (PKC), key exchange (KEX), oblivious transfer (OT), and zero-knowledge proof (ZKP).
The technical contributions of this work are: (1) FPGA-tailored implementation of the hardware primitives, with novel algorithmic proposals for the OT and ZKP; (2) algorithmic optimizations that reduce area and latency costs without compromising security; and (3) open-sourcing the synthesizable and fully verifiable code for the community at large. The RTL code base is fully parameterizable and is built around an efficient N-point Number-Theoretic Transform (NTT) module for fast polynomial multiplication. These primitives will aid researchers and designers in constructing quantum-resistant secure computing systems in preparation for the post-quantum era.
Background
Recent progress in quantum computing suggests that it is only a matter of time before such machines become functional and readily available. Quantum computers promise a significant increase in computational power for certain tasks: they can efficiently solve a number of computational problems that are believed to be intractable on conventional machines. While this presents many opportunities, it also deepens the current cyber-security crisis by rendering many classical cryptosystems insecure or critically weakened. Shor's algorithm, for instance, solves the integer factorization and discrete logarithm problems in polynomial time on a quantum computer, so RSA, ECC and ElGamal, whose security rests on exactly those problems, will all need to be re-examined or replaced. Research efforts to develop a new class of post-quantum algorithms and cryptosystems are therefore well underway.
In December 2016, the National Institute of Standards and Technology (NIST) issued a call for proposals to standardize post-quantum cryptography, with submissions due in November 2017. Sixty-nine complete first-round candidates were accepted, and 26 of them advanced to the second round in January 2019. The most common approach among these submissions is lattice-based: Ring-LWE (Ring-Learning with Errors) and closely related structured-lattice problems (Module-LWE, LWR, NTRU) underlie 12 of the 26 second-round candidates. Ring-LWE cryptosystems have a number of key advantages: (1) their security reduces to worst-case approximate shortest-vector problems on ideal lattices, for which no efficient quantum algorithm is known; (2) their keys are much smaller than those of other post-quantum families with comparable security guarantees, such as code-based schemes; (3) the same ring structure underlies practical homomorphic encryption schemes; and (4) their core operation, polynomial multiplication in a finite ring, lends itself to efficient hardware implementation.
Capabilities
The team has leveraged these features to develop efficient hardware implementations. Although there are myriad works exploring software implementations of the Ring-LWE algorithm, hardware-level design space exploration has been tentative, and few of the existing hardware implementations focus on scalability and efficiency. One technical reason is that large polynomial operations over finite rings, which form the core computational kernel of Ring-LWE algorithms, remain a key challenge for many hardware designers.
To address this issue, we introduce a set of highly optimized, parameterizable hardware modules to serve as primitives for faster design space exploration of post-quantum cryptosystems, especially systems based on Ring-LWE. The post-quantum hardware primitive set consists of four frequently used security components: the public key cryptosystem (PKC), key exchange (KEX), oblivious transfer (OT), and zero-knowledge proof (ZKP). The PKC and KEX form the basis of most modern cryptographic systems. OT is used in many privacy-preserving applications, e.g., private DNA database queries and privacy-preserving machine learning. ZKP likewise appears in a range of applications and is a candidate building block for the next generation of blockchain protocols.
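The two ideas the primitives rest on, NTT-based polynomial multiplication in Z_q[x]/(x^N + 1) and the Ring-LWE public-key encryption built on top of it, as an added worked example in Python. This is illustration code written for this page, not the project's RTL or any code from the STAM Center; the parameters N = 256 and q = 7681, the {-1, 0, 1} noise distribution and every function name are assumptions chosen for clarity, not the project's actual parameters.

```python
"""Negacyclic NTT over Z_q[x]/(x^N + 1) plus a toy Ring-LWE public-key encryption
built on it.  Added illustration only: not the project's RTL, and the parameters
(N = 256, q = 7681) are an assumed textbook Ring-LWE choice."""
import secrets

N = 256
Q = 7681          # prime with 2N | Q-1, so a primitive 2N-th root of unity exists

def _primitive_2n_root(q, n):
    """Return psi, a primitive 2n-th root of unity mod q (so psi^n = -1 mod q)."""
    m, factors, d = q - 1, set(), 2
    while d * d <= m:                 # trial-divide q-1 into its prime factors
        while m % d == 0:
            factors.add(d)
            m //= d
        d += 1
    if m > 1:
        factors.add(m)
    for g in range(2, q):             # g generates Z_q^* iff g^((q-1)/p) != 1 for all p
        if all(pow(g, (q - 1) // p, q) != 1 for p in factors):
            return pow(g, (q - 1) // (2 * n), q)
    raise ValueError("no generator found")

PSI = _primitive_2n_root(Q, N)
OMEGA = PSI * PSI % Q               # primitive N-th root of unity
N_INV = pow(N, -1, Q)

def _ntt(a, omega):
    """Plain cyclic NTT (recursive radix-2 Cooley-Tukey): A[k] = sum_j a[j]*omega^(jk)."""
    n = len(a)
    if n == 1:
        return list(a)
    even = _ntt(a[0::2], omega * omega % Q)
    odd = _ntt(a[1::2], omega * omega % Q)
    out, w = [0] * n, 1
    for k in range(n // 2):
        t = w * odd[k] % Q
        out[k], out[k + n // 2] = (even[k] + t) % Q, (even[k] - t) % Q
        w = w * omega % Q
    return out

def ntt(a):
    """Forward negacyclic NTT: pre-twisting by psi^i makes pointwise products
    correspond to multiplication modulo x^N + 1 instead of x^N - 1."""
    return _ntt([a[i] * pow(PSI, i, Q) % Q for i in range(N)], OMEGA)

def intt(A):
    """Inverse of ntt(): inverse cyclic NTT, then undo the twist and scale by 1/N."""
    a = _ntt(A, pow(OMEGA, -1, Q))
    return [x * N_INV % Q * pow(PSI, -i, Q) % Q for i, x in enumerate(a)]

def polymul(a, b):
    """a * b in Z_q[x]/(x^N + 1) via the NTT: O(N log N) instead of O(N^2)."""
    return intt([x * y % Q for x, y in zip(ntt(a), ntt(b))])

def schoolbook_negacyclic(a, b):
    """Reference O(N^2) product modulo x^N + 1, used to cross-check polymul()."""
    acc = [0] * (2 * N)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            acc[i + j] += x * y
    return [(acc[i] - acc[i + N]) % Q for i in range(N)]   # fold with x^N = -1

def _small():
    """Toy noise polynomial with coefficients uniform in {-1, 0, 1}.  Real schemes
    sample a binomial or discrete Gaussian; this choice only keeps the example short."""
    return [(secrets.randbelow(3) - 1) % Q for _ in range(N)]

def _add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]

def keygen():
    """Ring-LWE key pair: pk = (a, a*s + e) with a uniform, s and e small; sk = s."""
    a = [secrets.randbelow(Q) for _ in range(N)]
    s, e = _small(), _small()
    return (a, _add(polymul(a, s), e)), s

def encrypt(pk, bits):
    """Encrypt N bits: u = a*r + e1,  v = p*r + e2 + bits*floor(q/2)."""
    a, p = pk
    r, e1, e2 = _small(), _small(), _small()
    m = [bit * (Q // 2) for bit in bits]
    return _add(polymul(a, r), e1), _add(_add(polymul(p, r), e2), m)

def decrypt(sk, ct):
    """v - u*s = bits*floor(q/2) + (e*r + e2 - e1*s); each coefficient rounds to 0 or q/2."""
    u, v = ct
    w = [(x - y) % Q for x, y in zip(v, polymul(u, sk))]
    return [1 if Q // 4 < c < 3 * Q // 4 else 0 for c in w]

def roundtrip(bits):
    """Key generation, encryption and decryption of N bits; True if recovered."""
    pk, sk = keygen()
    return decrypt(sk, encrypt(pk, bits)) == list(bits)
```

The schoolbook cross-check is the same kind of equivalence test one would run against an NTT RTL module: feed both paths identical operands and compare coefficient by coefficient. Note also that every `polymul` call here performs two forward transforms and one inverse; a hardware design would normally keep the public key and the ciphertext in the NTT domain so that only the small noise polynomials need transforming.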
Hardware Downloads
A zip archive of the project source code is available for download from this page. First, we would like to thank our sponsors, who have generously supported these efforts for several years. Second, many thanks to the STAM Center researchers and students, present and former, who have contributed to the code base. These are open-source projects provided under the MIT License.
The project code is also available in the project's GitHub repository.