A Scalable SIMD RISC-V based Processor with Customized Vector Extensions for CRYSTALS-Kyber

Huimin Li; Nele Mentens; Stjepan Picek

Paper 2021/1648

A Scalable SIMD RISC-V based Processor with Customized Vector Extensions for CRYSTALS-Kyber

Huimin Li, Delft University of Technology, The Netherlands

Nele Mentens, Leiden University, The Netherlands; KU Leuven, Belgium

Stjepan Picek, Radboud University and Delft University of Technology, The Netherlands

Abstract

SHA-3 is considered to be one of the most secure standardized hash functions. It relies on the Keccak-f[1,600] permutation, which operates on an internal state of 1,600 bits, mostly represented as a $5 \times 5 \times 64 - b i t$ matrix. While existing implementations process the state sequentially in chunks of typically 32 or 64 bits, the Keccak-f[1,600] permutation can benefit a lot from speedup through parallelization. This paper is the first to explore the full potential of parallelization of Keccak-f[1,600] in RISC-V based processors through custom vector extensions on 32-bit and 64-bit architectures. We analyze the Keccak-f[1,600] permutation, composed of five different step mappings, and propose ten custom vector instructions to speed up the computation. We realize these extensions in a SIMD processor described in SystemVerilog. We compare the performance of our designs to existing architectures based on vectorized application-specific instruction set processors (ASIP). We show that our designs outperform all related work thanks to our carefully selected custom vector instructions.

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Preprint.
Keywords: Lattice-based Cryptography Polynomial Operation Vector Instruction SIMD Processor RISC-V ISA Extension
Contact author(s): H Li-7 @ tudelft nl
nele mentens @ kuleuven be
s picek @ tudelft nl
History: 2022-09-28: last of 4 revisions; 2021-12-17: received; See all versions
Short URL: https://ia.cr/2021/1648
License: CC BY

BibTeX

@misc{cryptoeprint:2021/1648,
      author = {Huimin Li and Nele Mentens and Stjepan Picek},
      title = {A Scalable {SIMD} {RISC}-V based Processor with Customized Vector Extensions for {CRYSTALS}-Kyber},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1648},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1648}
}