Time-Area Optimized Public-Key Engines: $\mathcal{MQ}$ -Cryptosystems as Replacement for Elliptic Curves?

Bogdanov, Andrey; Eisenbarth, Thomas; Rupp, Andy; Wolf, Christopher A.

doi:10.1007/978-3-540-85053-3_4

Cited by 70 publications

(39 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that ECDSA is the most efficient of the three. However, even when comparing to signature generation in MQ and ECC, the former are a factor of 2 -50 faster on FPGA than the latter [3]. Similar results have been demonstrated for comparison with RSA and ECC in software [21], [4], [5].…”

Section: Introductionsupporting

confidence: 69%

Small Public Keys and Fast Verification for $\mathcal{M}$ ultivariate $\mathcal{Q}$ uadratic Public Key Systems

Petzoldt

Thomae

Bulygin

et al. 2011

Cryptographic Hardware and Embedded Systems – CHES 2011

Self Cite

View full text Add to dashboard Cite

Abstract. Security of public key schemes in a post-quantum world is a challenging task-as both RSA and ECC will be broken then. In this paper, we show how post-quantum signature systems based on Multivariate Quadratic (MQ) polynomials can be improved up by about 9/10, and 3/5, respectively, in terms of public key size and verification time. The exact figures are 88% and 59%. This is particularly important for smallscale devices with restricted energy, memory, or computational power. In addition, we provide evidence that this reduction does not affect security and that it is also optimal in terms of possible attacks. We do so by combining the previously unrelated concepts of reduced and equivalent keys. Our new scheme is based on the so-called Unbalanced Oil and Vinegar class of MQ-schemes. We have derived our results mathematically and verified the speed-ups through a C++ implementation.

show abstract

Section: Introductionsupporting

confidence: 69%

Small Public Keys and Fast Verification for $\mathcal{M}$ ultivariate $\mathcal{Q}$ uadratic Public Key Systems

Petzoldt

Thomae

Bulygin

et al. 2011

Cryptographic Hardware and Embedded Systems – CHES 2011

Self Cite

View full text Add to dashboard Cite

show abstract

“…Implementations of several post-quantum multivariate quadratic (MQ) signature schemes like Unbalanced Oil and Vinegar (UOV), Rainbow, and TTS were given in [BERW08]. These schemes are usually faster (factor 2-50) than ECC but also suffer from large key sizes for the private and public key (e.g., 80 Kb for UOV) [PTBW11].…”

Section: Comparison Of Our Implementations With Related Workmentioning

confidence: 99%

Efficient implementation of ideal lattice-based cryptography

Pöppelmann¹

2017

It - Information Technology

View full text Add to dashboard Cite

Digital signatures and public-key encryption are used to protect almost any secure communication channel on the Internet or between embedded devices. Currently, protocol designers and engineers usually rely on schemes that are either based on the factoring assumption (RSA) or on the hardness of the discrete logarithm problem (DSA/ECDSA). But in case of advances in classical cryptanalysis or progress on the development of quantum computers the hardness of these closely related problems might be seriously weakened. In order to prepare for such an event, research on alternatives is required to provide long-term security.In this thesis, we focus on the efficient implementation of such alternative public-key cryptosystems whose security is based on the intractability of certain computational problems on ideal lattices. While an extensive theoretical background exists for lattice-based and ideal latticebased cryptography, not much is known about the efficiency of practical instantiations, especially on constrained and cost-sensitive platforms. We thus investigate novel algorithms and implementation techniques for fast and flexible polynomial multiplication and Gaussian sampling and then use these building blocks to implement public-key encryption and signature schemes. The results provided in this thesis show that lattice-based schemes can be optimized for high performance or resource efficiency on embedded microcontrollers and reconfigurable hardware. Our implementations of a public-key encryption scheme based on the ring learning with errors problems (RLWE) or of the bimodal lattice signature scheme (BLISS) can even outperform classical ECC-and RSA-based implementations.Lattice-based cryptography can also be used to realize homomorphic cryptography that allows computation on encrypted data. However, due to the large parameter sets and complex operations required, even for simple homomorphic evaluation operations, the performance of these schemes is a major issue preventing practical usage. In this thesis we investigate options for acceleration of homomorphic cryptography in a cloud environment using reconfigurable hardware. We implement all evaluation operations of the YASHE homomorphic encryption scheme and propose methods to deal with large ciphertext and key sizes as well as limited memory bandwidth. KeywordsPost-quantum cryptography, public-key cryptosystem, embedded system, microcontroller, FPGA KurzfassungDigitale Signaturen und Public-Key-Verschlüsselung werden für den Schutz nahezu jeder sicheren Kommunikation über das Internet oder zwischen eingebetteten Systemen genutzt. Die Sicherheit basiert dabei entweder auf der Faktorisierungsannahme (RSA) oder der Annahme, dass es schwer ist, das diskrete Logarithmus-Problem (DSA/ECDSA) zu lösen. Durch Fortschritte in der klassischen Kryptoanalyse oder bei der Entwicklung von Quantencomputern könnten diese Probleme allerdings in Zukunft ernsthaft geschwächt oder gelöst werden. Daher ist Forschung zu alternativen Public-Key-Kryptosystemen erforderlich, die in ...

show abstract

“…If parameters are selected as (n, q, θ, r, a) = (84, 2,4,6,14), the length of the plaintext block is 84 bits and the length of the ciphertext block is 98 bits, it needs to add 14 external perturbations, the public key is 358,190 (3,655*98) bits, i.e. 44,774 bytes.…”

Section: Security and Parameter Selection Of Pmi+mentioning

confidence: 99%

Efficient Hardware Implementation of MQ Asymmetric Cipher PMI+ on FPGAs

Tang

Liu

Chen

et al. 2014

Information Security Practice and Experience

View full text Add to dashboard Cite

Abstract. PMI+ is a Multivariate Quadratic (MQ) public key algorithm used for encryption and decryption operations, and belongs to post quantum cryptography. We designs a hardware on FPGAs to efficiently implement PMI+ in this paper. Our main contributions are that, firstly, a hardware architecture of encryption and decryption of PMI+ is developed, and description of corresponding hardware algorithm is proposed; secondly, basic arithmetic units are implemented with higher efficiency that multiplication, squaring, vector dot product and power operation are implemented in full parallel; and thirdly, an optimized implementation for core module, including optimized large power operation, is achieved. The encryption and decryption hardware of PMI+ is efficiently realized on FPGA by the above optimization and improvement. It is verified by experiments that the designed hardware can complete an encryption operation within 497 clock cycles, and the clock frequency can be up to 145.6MHz, and the designed hardware can complete a decryption operation within 438 clock cycles wherein the clock frequency can be up to 37.04MHz.

show abstract

Time-Area Optimized Public-Key Engines: $\mathcal{MQ}$ -Cryptosystems as Replacement for Elliptic Curves?

Cited by 70 publications

References 11 publications

Small Public Keys and Fast Verification for $\mathcal{M}$ ultivariate $\mathcal{Q}$ uadratic Public Key Systems

Small Public Keys and Fast Verification for $\mathcal{M}$ ultivariate $\mathcal{Q}$ uadratic Public Key Systems

Efficient implementation of ideal lattice-based cryptography

Efficient Hardware Implementation of MQ Asymmetric Cipher PMI+ on FPGAs

Contact Info

Product

Resources

About