Comparison of RISC-V and transport triggered architectures for a postquantum cryptography application

Cryptography is one of the basic phenomena of security systems. However, some of the widely used public- key cryptography algorithms can be broken by using quantum computers. Therefore, many postquantum cryptography algorithms are proposed in recent years to handle this issue. NTRU (Nth degree truncated polynomial ring units) is one of the most important of these quantum-safe algorithms. Besides the importance of cryptography algorithms, the architecture where they are implemented is also essential. In this study, we developed an NTRU public key cryptosystem application and designed several processors to compare them in many aspects. We address two different architectures in this work. The RISC-V (reduced instruction set computer-V) is chosen as it is the most lately version of classical RISC architecture. As competitor to this, we preferred transport triggered architecture (TTA) which offers high level customization and scalability. Details of all different implementations and the test results obtained with them are shared and discussed

PDF

___

1] Stallings W. Cryptography and Network Security: Principles and Practice. Upper Saddle River, NJ, USA: Pearson, 2017.
[2] Bhanot R, Rahul H. A review and comparative analysis of various encryption algorithms. International Journal of 21 Security and Its Applications 9.4 2015; 9: 289-306.
[3] Bos J, Kaihara M, Kleinjung T, Lenstra A, Montgomery P. On the security of 1024-bit RSA and 160-bit elliptic curve cryptography. IACR Cryptology ePrint Archive 2009; 389.
[4] Bernstein DJ. Introduction to post-quantum cryptography. In: Bernstein Daniel J, Buchmann J, Dahmen E (editors). Post-Quantum Cryptography. Heidelberg, Berlin: Springer, 2009, pp. 1-14.
[5] Hoffstein J, Pipher J, Joseph H S. NTRU: A ring-based public key ryptosystem. In: Buhler J.P. (editor) Algorithmic Number Theory. ANTS. Lecture Notes in Computer Science, vol 1423. Heidelberg, Berlin: Springer, 1998, pp. 267- 288.
[6] Yan S Y. Integer factorization and discrete logarithms. In: Yan Song Y (editor). Primality Testing and Integer Factorization in Public-Key Cryptography. Boston, MA, USA: Springer, 2009, pp. 209-285.
[7] Waterman A, Lee Y, Patterson D.A, Asanovi K. The RISC-V Instruction Set Manual, Volume I: Base User-Level ISA. Department of Electrical Engineering and Computer Sciences University of Berkeley at California, Technical Report No. UCB/EECS-2014-54. California, USA: 2014.
[8] Corporaal H. Design of transport triggered architectures. In: Proceedings of 4th Great Lakes Symposium on VLSI. Notre Dame, USA; IEEE, 1994. pp. 130-135. doi: 10.1109/GLSV.1994.289981.
[9] Alexandru N, Joseph A. F. Measuring the parallelism available for very long instruction word architectures. In: IEEE Transactions on Computers, vol. C-33, no. 11, 1984. 968-976 doi:10.1109/TC.1984.1676371
[10] Jääskeläinen P, Tervo A, Vayá G. P, Viitanen T, Behmann N, et al. Transport-triggered oft cores. In: 2018 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW). Vancouver, BC; IEEE, 2018. doi: 10.1109/IPDPSW.2018.00022
[11] Yifan H, She D, Mesman B, Corporaal H. MOVE-Pro: A low power and high code density TTA architecture. In: 2011 International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation, SAMOS. IEEE, 2011. pp. 294-301. doi: 10.1109/SAMOS.2011.6045474
[12] Kaps J. Cryptography for Ultra-Low Power Devices. PhD, Worcester Polytechnic Institute, MA, USA, May 2006.
[13] Atici A.C, Batina L, Fan J, Verbauwhede I, Yalcin S.B. Low-cost implementations of NTRU for pervasive security. In: International Conference on Application-Specific Systems, Architectures and Processors. Leuven; IEEE, 2008. pp. 79-84. doi: 10.1109/ASAP.2008.4580158.
[14] Hermans J, Vercauteren F, Preneel B. Speed records for NTRU. Cryptographers’ track at the RSA conference. Lecture Notes in Computer Science, vol 5985; Heidelberg, Berlin, Germany: Springer, 2010, pp.73-88.
[15] Dai W, Doröz Y, Sunar B. Accelerating NTRU based homomorphic encryption using GPUs. In: 2014 IEEE High Performance Extreme Computing Conference (HPEC). Waltham, MA; IEEE, 2014. pp. 1-6.
[16] Kleinjung T, Aoki K, Franke J, Lenstra A.K, Thomé E et al. Factorization of a 768-bit RSA modulus. In: Annual Cryptology Conference. Heidelberg, Berlin: Springer, 2010. pp. 333-350.
[17] Peter W. S. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Journal on Computing (5), 1997. 1484-1509. doi:10.1137/s0097539795293172
[18] Micciancio D. On the hardness of the shortest vector problem. PhD, Massachusetts Institute of Technology, MA, USA, 1998
19] Ajtai M. Generating hard instances of lattice problems. In: Proceedings of the Twenty-eighth Annual ACM Symposium on Theory of Computing. Philadelphia, Pennsylvania, USA, 1996. pp. 99-108.
[20] Micciancio D. The hardness of the closest vector problem with preprocessing. In: IEEE Transactions on Information Theory 47.3; 2001. pp. 1212-1215.
[21] Chris P. Public-key cryptosystems from the worst-case shortest vector problem. In: Proceedings of the Forty-first Annual ACM Symposium on Theory of Computing. ACM, 2009.
[22] O’Rourke C, Sunar B. Achieving NTRU with Montgomery multiplication. In: IEEE Transactions on Computers 52.4, 2003. pp. 440-448.
[23] Anton I, Kyurkchiev N, Asen Rahnev. A note on adaptation of the Knuth ′ s extended Euclidean algorithm for computing multiplicative inverse. International Journal of Pure and Applied Mathematics 118.2, 2018. 281-290. doi:10.12732/ijpam.v118i2.13
[24] Akcay L, Tukel M, Ors B. Design and implementation of an OpenRISC system-on-chip with an encryption pe- ripheral. In: IEEE European Conference on Circuit Theory and Design (ECCTD); Catania; 2017. pp. 1-4. doi: 10.1109/ECCTD.2017.8093340
[25] Mäntyneva J. Automated Design Space Exploration of Transport Triggered Architectures. PhD, Tampere University of Technology, Tampere, Finland, 2009.
[26] Jääskeläinen P, Esko O, Kultala H, Guzma V, Salminen E et al. TTA-based Co-design Environment v1.18 User Manual. Department of Pervasive Computing, Tampere University of Technology, Finland, 2018.
[27] Traber A, Gautschi M. PULPino: Datasheet. ETH Zurich, University of Bologna, 2017.
[28] Schiavone PD, Conti F, Rossi D, Gautschi M, Pullini A et al. Slow and steady wins the race? A comparison of ultra-low-power risc-v cores for internet-of-things applications. In: 2017 27th International Symposium on Power and Timing Modeling, Optimization and Simulation (PATMOS); Thessaloniki, Greece; 2017. pp. 1-8. doi: 10.1109/PATMOS.2017.8106976
[29] Przybus B. Xilinx redefines power, performance, and design productivity with three new 28 nm fpga families: Virtex-7, kintex-7, and artix-7 devices. Xilinx White Paper WP373 (v1.0), 2010. [30] Tom F. Vivado design suite. Xilinx White Paper WP416 (v1.1), 2012.