High-Speed Polynomial Multiplication Architecture for Ring-LWE and SHE Cryptosystems

Chen, Donald Donglong; Mentens, Nele; Vercauteren, Fréderik; Roy, Sujoy Sinha; Cheung, Ray C. C.; Pao, Derek; Verbauwhede, Ingrid

doi:10.1109/tcsi.2014.2350431

Cited by 103 publications

(39 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Alternatively, researchers have used larger prime moduli with a low Hamming weight, such as the modulus p = 1049089 = 2 20 + 2 9 + 1 which has a Hamming weight of 3, [7], [40]. A modular multiplier architecture incorporating a Fermat number modulus is also proposed by [41] for use in a lattice-based primitive.…”

Section: Algorithmmentioning

confidence: 99%

“…Some research has been conducted into the design of FFT multipliers for cryptographic purposes and more specifically for use within lattice-based cryptography [40], [41], [46]. It can be seen from the previously mentioned hardware NTT multiplier architectures, that the hardware design of an efficient NTT multiplier involves several design and optimisation decisions and trade-offs.…”

Section: Algorithmmentioning

confidence: 99%

See 1 more Smart Citation

Evaluation of Large Integer Multiplication Methods on Hardware

Rafferty¹,

O’Neill

Hanley³

2017

IEEE Trans. Comput.

View full text Add to dashboard Cite

Abstract-Multipliers requiring large bit lengths have a major impact on the performance of many applications, such as cryptography, digital signal processing (DSP) and image processing. Novel, optimised designs of large integer multiplication are needed as previous approaches, such as schoolbook multiplication, may not be as feasible due to the large parameter sizes. Parameter bit lengths of up to millions of bits are required for use in cryptography, such as in lattice-based and fully homomorphic encryption (FHE) schemes. This paper presents a comparison of hardware architectures for large integer multiplication. Several multiplication methods and combinations thereof are analysed for suitability in hardware designs, targeting the FPGA platform. In particular, the first hardware architecture combining Karatsuba and Comba multiplication is proposed. Moreover, a hardware complexity analysis is conducted to give results independent of any particular FPGA platform. It is shown that hardware designs of combination multipliers, at a cost of additional hardware resource usage, can offer lower latency compared to individual multiplier designs. Indeed, the proposed novel combination hardware design of the Karatsuba-Comba multiplier offers lowest latency for integers greater than 512 bits. For large multiplicands, greater than 16384 bits, the hardware complexity analysis indicates that the NTT-Karatsuba-Schoolbook combination is most suitable.

show abstract

Section: Algorithmmentioning

confidence: 99%

Section: Algorithmmentioning

confidence: 99%

Evaluation of Large Integer Multiplication Methods on Hardware

Rafferty¹,

O’Neill

Hanley³

2017

IEEE Trans. Comput.

View full text Add to dashboard Cite

show abstract

“…For our purposes, their important property is that they work in the same integer rings as lattice cryptosystems do and, therefore, they impose no rounding errors or cipher blow-up. Consequently, NTTs can be used to efficiently perform polynomial multiplications, and they have been recently proposed as a means to speed up finite-ring polynomial multiplications: there are some cryptosystem realizations that make use of NTTs for improving the efficiency of their polynomial operations [21], [22], [23], [24], [25]. Our proposed techniques go further, by focusing on an unexplored specific subset of the available NTTs and adjusting the cryptosystem parameters accordingly, to produce new primitives that enable highly efficient implementations, as we show in the next sections.…”

Section: Number Theoretic Transforms (Ntts)mentioning

confidence: 99%

Number Theoretic Transforms for Secure Signal Processing

Pedrouzo-Ulloa

Troncoso-Pastoriza

Pérez-González

2017

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Multimedia contents are inherently sensitive signals that must be protected whenever they are outsourced to an untrusted environment. This problem becomes a challenge when the untrusted environment must perform some processing on the sensitive signals; a paradigmatic example is Cloud-based signal processing services. Approaches based on Secure Signal Processing (SSP) address this challenge by proposing novel mechanisms for signal processing in the encrypted domain and interactive secure protocols to achieve the goal of protecting signals without disclosing the sensitive information they convey.This work presents a novel and comprehensive set of approaches and primitives to efficiently process signals in an encrypted form, by using Number Theoretic Transforms (NTTs) in innovative ways. This usage of NTTs paired with appropriate signal pre-and post-coding enables a whole range of easily composable signal processing operations comprising, among others, filtering, generalized convolutions, matrix-based processing or error correcting codes. Our main focus is on unattended processing, in which no interaction from the client is needed; for implementation purposes, efficient lattice-based somewhat homomorphic cryptosystems are used. We exemplify these approaches and evaluate their performance and accuracy, proving that the proposed framework opens up a wide variety of new applications for secured outsourced-processing of multimedia contents.

show abstract

“…However, to our knowledge, there are only a few research works on the architectures for NTT [31], [32], [33], and they are either area-consuming or slow. Thus the design of number theoretic FFT/IFFT architecture which fits for FFTM 3 is required.…”

Section: Architecture For Fft/ifftmentioning

confidence: 99%

Parameter Space for the Architecture of FFT-Based Montgomery Modular Multiplication

Chen

Yao

Cheung

et al. 2016

IEEE Trans. Comput.

Self Cite

View full text Add to dashboard Cite

Modular multiplication is the core operation in public-key cryptographic algorithms such as RSA and the Diffie-Hellman algorithm. The efficiency of the modular multiplier plays a crucial role in the performance of these cryptographic methods. In this paper, improvements to FFT-based Montgomery Modular Multiplication (FFTM 3 ) using carry-save arithmetic and pre-computation techniques are presented. Moreover, pseudo-Fermat number transform is used to enrich the supported operand sizes for the FFTM 3 . The asymptotic complexity of our method is O(l log l log log l), which is the same as the Schönhage-Strassen multiplication Algorithm (SSA). A systematic procedure to select suitable parameter set for the FFTM 3 is provided. Prototypes of the improved FFTM 3 multiplier with appropriate parameter sets are implemented on Xilinx Virtex-6 FPGA. Our method can perform 3100-bit and 4124-bit modular multiplications in 6.74 µs and 7.78 µs, respectively. It offers better computation latency and area-latency product compared to the state-of-the-art methods for operand size of 3072-bit and above.

show abstract

High-Speed Polynomial Multiplication Architecture for Ring-LWE and SHE Cryptosystems

Cited by 103 publications

References 35 publications

Evaluation of Large Integer Multiplication Methods on Hardware

Evaluation of Large Integer Multiplication Methods on Hardware

Number Theoretic Transforms for Secure Signal Processing

Parameter Space for the Architecture of FFT-Based Montgomery Modular Multiplication

Contact Info

Product

Resources

About