2016
DOI: 10.1007/978-3-319-49445-6_19
|View full text |Cite
|
Sign up to set email alerts
|

NewHope on ARM Cortex-M

Abstract: Recently, Alkim, Ducas, Pöppelmann, and Schwabe proposed a Ring-LWE-based key exchange protocol called NewHope [2] and illustrated that this protocol is very ecient on large Intel processors. Their paper also claims that the parameter choice enables ecient implementation on small embedded processors. In this paper we show that these claims are actually correct and present NewHope software for the ARM Cortex-M family of 32-bit microcontrollers. More specically, our software targets the low-end Cortex-M0 and the… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
56
0
3

Year Published

2017
2017
2020
2020

Publication Types

Select...
4
4
2

Relationship

1
9

Authors

Journals

citations
Cited by 57 publications
(59 citation statements)
references
References 13 publications
0
56
0
3
Order By: Relevance
“…Number Theoretic Transform (NTT) is typically used to improve the multiplication capacity [24,25,26]. Recent research on NTT applications involves with the Intel processors by Seiler [27], Lyubashevsky [28], and ARM Cortex-M4 in [29]. Kyber algorithm also applies NTT to accelerate multiplication performance.…”
Section: Ntt Modulementioning
confidence: 99%
“…Number Theoretic Transform (NTT) is typically used to improve the multiplication capacity [24,25,26]. Recent research on NTT applications involves with the Intel processors by Seiler [27], Lyubashevsky [28], and ARM Cortex-M4 in [29]. Kyber algorithm also applies NTT to accelerate multiplication performance.…”
Section: Ntt Modulementioning
confidence: 99%
“…Optimized implementations of NewHope have also been proposed and their computational performance measured on Intel platforms. Alkim et al [63] even evaluated their NewHope algorithm also in the ARM platform. However, the results have focused on computational complexity (where units have been cycle counts).…”
Section: Related Benchmarks Of Post-quantum Securitymentioning
confidence: 99%
“…NewHope also needs to sample random values from a binomial distribution . For reconciliation mechanism, we follow the method in [18] and may use non-floating-point arithmetic [34] in our future work. The overview of NewHope is described in Figure 2.…”
Section: Lizard and Ring-lizard Lizard Encryption Schemementioning
confidence: 99%