Paper 2020/1067

A Constant Time Full Hardware Implementation of Streamlined NTRU Prime

Adrian Marotzke

Abstract

This paper presents a constant time hardware implementation of the NIST round 2 post-quantum cryptographic algorithm Streamlined NTRU Prime. We implement the entire KEM algorithm, including all steps for key generation, encapsulation and decapsulation, and all en- and decoding. We focus on optimizing the resources used, as well as applying optimization and parallelism available due to the hardware design. We show the core en- and decapsulation requires only a fraction of the total FPGA fabric resource cost, which is dominated by that of the hash function, and the en- and decoding algorithm. For the NIST Security Level 3, our implementation uses a total of 1841 slices on a Xilinx Zynq Ultrascale+ FPGA, together with 14 BRAMs and 19 DSPs. The maximum achieved frequency is 271 MHz, at which the key generation, encapsulation and decapsulation take 4808 μs, 524 μs and 958 μs respectively. To our knowledge, this work is the first full hardware implementation where the entire algorithm is implemented.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Minor revision. CARDIS 2020
Contact author(s)
adrian marotzke @ tuhh de
History
2020-11-05: last of 3 revisions
2020-09-03: received
See all versions
Short URL
https://ia.cr/2020/1067
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1067,
      author = {Adrian Marotzke},
      title = {A Constant Time Full Hardware Implementation of Streamlined NTRU Prime},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1067},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1067}},
      url = {https://eprint.iacr.org/2020/1067}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.