Loading…

Algorithm-Hardware Co-Design of Split-Radix Discrete Galois Transformation for KyberKEM

KyberKEM is one of the final round key encapsulation mechanisms in the NIST post-quantum cryptography competition. Number theoretic transform (NTT), as the computing bottleneck of KyberKEM, has been widely studied. Discrete Galois Transformation (DGT) is a variant of NTT that reduces transform lengt...

Full description

Saved in:

Bibliographic Details
Published in:	IEEE transactions on emerging topics in computing 2023-10, Vol.11 (4), p.1-15
Main Authors:	Li, Guangyan, Chen, Donglong, Mao, Gaoyu, Dai, Wangchen, Sanka, Abdurrashid Ibrahim, Cheung, Ray C.C.
Format:	Article
Language:	English
Subjects:	Algorithms Co-design Complexity theory Computation Computer architecture Convolution Design Discrete galois transform Field programmable gate arrays FPGA Hardware key encapsulation mechanism Microprocessors negative wrapped convolution NIST Permutations Polynomials post-quantum cryptography Quantum cryptography split-radix State of the art Transformations Transforms
Citations:	Items that this one cites
Online Access:	Request full text
Tags:	Add Tag No Tags, Be the first to tag this record!

cited_by
cites	cdi_FETCH-LOGICAL-c246t-f4bf3921c9121b007544a53d635781876909cf59f11fdf84c0c11fa39a2307743
container_end_page	15
container_issue	4
container_start_page	1
container_title	IEEE transactions on emerging topics in computing
container_volume	11
creator	Li, Guangyan Chen, Donglong Mao, Gaoyu Dai, Wangchen Sanka, Abdurrashid Ibrahim Cheung, Ray C.C.
description	KyberKEM is one of the final round key encapsulation mechanisms in the NIST post-quantum cryptography competition. Number theoretic transform (NTT), as the computing bottleneck of KyberKEM, has been widely studied. Discrete Galois Transformation (DGT) is a variant of NTT that reduces transform length into half but requires more multiplication operations than the latest NTT algorithm in theoretical analysis. This paper proposes the split-radix DGT, a novel DGT variant utilizing the split-radix method, to reduce the computing complexity without compromising the transform length. Specifically, for length-128 polynomial, the split-radix DGT algorithm saves at least 10% multiplication operations compared with the latest NTT algorithm in theoretical analysis. Furthermore, we proposed a unified split-radix DGT processor with the dedicated stream permutation network for KyberKEM and implemented it on the Xilinx Artix-7 FPGA. The processor achieves at least 49.4% faster transformation and 65.3% faster component-wise multiplication, with at most 87% and 32% LUT-NTT area-time product and LUT-CWM area-time product, compared with the state-of-the-art polynomial multipliers in KyberKEM with the same BFU setting on similar platforms. Lastly, we designed a highly efficient KyberKEM architecture using the proposed split-radix DGT processor. The implementation results on Artix-7 FPGA show significant performance improvements over the state-of-the-art KyberKEM designs.
doi_str_mv	10.1109/TETC.2023.3270971
format	article
fullrecord	<record><control><sourceid>proquest_ESBDL</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TETC_2023_3270971</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10114669</ieee_id><sourcerecordid>2899465754</sourcerecordid><originalsourceid>FETCH-LOGICAL-c246t-f4bf3921c9121b007544a53d635781876909cf59f11fdf84c0c11fa39a2307743</originalsourceid><addsrcrecordid>eNpNkEFPAjEQhTdGEwnyA0w8NPG82Gm77fZIAMGAMVGMx6bstlgCW2yXKP_eEjgwl3mH995Mviy7B9wHwPJpMV4M-wQT2qdEYCngKusQ4GXORYGvL_Rt1otxjdOUwCUXnexrsFn54NrvbT7Vof7VwaChz0cmulWDvEUfu41r83dduz80crEKpjVoojfeRbQIuonWh61unW9QUmh2WJowG7_eZTdWb6LpnXc3-3xOX07z-dvkZTiY5xVhvM0tW1oqCVQSCCwxFgVjuqA1p4UooRRcYlnZQloAW9uSVbhKSlOpCcVCMNrNHk-9u-B_9ia2au33oUknFSmlZLxIlckFJ1cVfIzBWLULbqvDQQFWR4TqiFAdEaozwpR5OGWcMebCD8A4l_QfpRhrJg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2899465754</pqid></control><display><type>article</type><title>Algorithm-Hardware Co-Design of Split-Radix Discrete Galois Transformation for KyberKEM</title><source>IEEE Xplore Open Access Journals</source><creator>Li, Guangyan ; Chen, Donglong ; Mao, Gaoyu ; Dai, Wangchen ; Sanka, Abdurrashid Ibrahim ; Cheung, Ray C.C.</creator><creatorcontrib>Li, Guangyan ; Chen, Donglong ; Mao, Gaoyu ; Dai, Wangchen ; Sanka, Abdurrashid Ibrahim ; Cheung, Ray C.C.</creatorcontrib><description>KyberKEM is one of the final round key encapsulation mechanisms in the NIST post-quantum cryptography competition. Number theoretic transform (NTT), as the computing bottleneck of KyberKEM, has been widely studied. Discrete Galois Transformation (DGT) is a variant of NTT that reduces transform length into half but requires more multiplication operations than the latest NTT algorithm in theoretical analysis. This paper proposes the split-radix DGT, a novel DGT variant utilizing the split-radix method, to reduce the computing complexity without compromising the transform length. Specifically, for length-128 polynomial, the split-radix DGT algorithm saves at least 10% multiplication operations compared with the latest NTT algorithm in theoretical analysis. Furthermore, we proposed a unified split-radix DGT processor with the dedicated stream permutation network for KyberKEM and implemented it on the Xilinx Artix-7 FPGA. The processor achieves at least 49.4% faster transformation and 65.3% faster component-wise multiplication, with at most 87% and 32% LUT-NTT area-time product and LUT-CWM area-time product, compared with the state-of-the-art polynomial multipliers in KyberKEM with the same BFU setting on similar platforms. Lastly, we designed a highly efficient KyberKEM architecture using the proposed split-radix DGT processor. The implementation results on Artix-7 FPGA show significant performance improvements over the state-of-the-art KyberKEM designs.</description><identifier>ISSN: 2168-6750</identifier><identifier>EISSN: 2168-6750</identifier><identifier>DOI: 10.1109/TETC.2023.3270971</identifier><identifier>CODEN: ITETBT</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Algorithms ; Co-design ; Complexity theory ; Computation ; Computer architecture ; Convolution ; Design ; Discrete galois transform ; Field programmable gate arrays ; FPGA ; Hardware ; key encapsulation mechanism ; Microprocessors ; negative wrapped convolution ; NIST ; Permutations ; Polynomials ; post-quantum cryptography ; Quantum cryptography ; split-radix ; State of the art ; Transformations ; Transforms</subject><ispartof>IEEE transactions on emerging topics in computing, 2023-10, Vol.11 (4), p.1-15</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c246t-f4bf3921c9121b007544a53d635781876909cf59f11fdf84c0c11fa39a2307743</cites><orcidid>0000-0002-6764-0729 ; 0000-0001-5357-7442 ; 0000-0002-8399-9467 ; 0000-0001-7403-3081 ; 0000-0002-1664-5108 ; 0000-0002-5192-1649</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10114669$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,27633,27924,27925,54796,54933</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10114669$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Li, Guangyan</creatorcontrib><creatorcontrib>Chen, Donglong</creatorcontrib><creatorcontrib>Mao, Gaoyu</creatorcontrib><creatorcontrib>Dai, Wangchen</creatorcontrib><creatorcontrib>Sanka, Abdurrashid Ibrahim</creatorcontrib><creatorcontrib>Cheung, Ray C.C.</creatorcontrib><title>Algorithm-Hardware Co-Design of Split-Radix Discrete Galois Transformation for KyberKEM</title><title>IEEE transactions on emerging topics in computing</title><addtitle>TETC</addtitle><description>KyberKEM is one of the final round key encapsulation mechanisms in the NIST post-quantum cryptography competition. Number theoretic transform (NTT), as the computing bottleneck of KyberKEM, has been widely studied. Discrete Galois Transformation (DGT) is a variant of NTT that reduces transform length into half but requires more multiplication operations than the latest NTT algorithm in theoretical analysis. This paper proposes the split-radix DGT, a novel DGT variant utilizing the split-radix method, to reduce the computing complexity without compromising the transform length. Specifically, for length-128 polynomial, the split-radix DGT algorithm saves at least 10% multiplication operations compared with the latest NTT algorithm in theoretical analysis. Furthermore, we proposed a unified split-radix DGT processor with the dedicated stream permutation network for KyberKEM and implemented it on the Xilinx Artix-7 FPGA. The processor achieves at least 49.4% faster transformation and 65.3% faster component-wise multiplication, with at most 87% and 32% LUT-NTT area-time product and LUT-CWM area-time product, compared with the state-of-the-art polynomial multipliers in KyberKEM with the same BFU setting on similar platforms. Lastly, we designed a highly efficient KyberKEM architecture using the proposed split-radix DGT processor. The implementation results on Artix-7 FPGA show significant performance improvements over the state-of-the-art KyberKEM designs.</description><subject>Algorithms</subject><subject>Co-design</subject><subject>Complexity theory</subject><subject>Computation</subject><subject>Computer architecture</subject><subject>Convolution</subject><subject>Design</subject><subject>Discrete galois transform</subject><subject>Field programmable gate arrays</subject><subject>FPGA</subject><subject>Hardware</subject><subject>key encapsulation mechanism</subject><subject>Microprocessors</subject><subject>negative wrapped convolution</subject><subject>NIST</subject><subject>Permutations</subject><subject>Polynomials</subject><subject>post-quantum cryptography</subject><subject>Quantum cryptography</subject><subject>split-radix</subject><subject>State of the art</subject><subject>Transformations</subject><subject>Transforms</subject><issn>2168-6750</issn><issn>2168-6750</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNpNkEFPAjEQhTdGEwnyA0w8NPG82Gm77fZIAMGAMVGMx6bstlgCW2yXKP_eEjgwl3mH995Mviy7B9wHwPJpMV4M-wQT2qdEYCngKusQ4GXORYGvL_Rt1otxjdOUwCUXnexrsFn54NrvbT7Vof7VwaChz0cmulWDvEUfu41r83dduz80crEKpjVoojfeRbQIuonWh61unW9QUmh2WJowG7_eZTdWb6LpnXc3-3xOX07z-dvkZTiY5xVhvM0tW1oqCVQSCCwxFgVjuqA1p4UooRRcYlnZQloAW9uSVbhKSlOpCcVCMNrNHk-9u-B_9ia2au33oUknFSmlZLxIlckFJ1cVfIzBWLULbqvDQQFWR4TqiFAdEaozwpR5OGWcMebCD8A4l_QfpRhrJg</recordid><startdate>20231001</startdate><enddate>20231001</enddate><creator>Li, Guangyan</creator><creator>Chen, Donglong</creator><creator>Mao, Gaoyu</creator><creator>Dai, Wangchen</creator><creator>Sanka, Abdurrashid Ibrahim</creator><creator>Cheung, Ray C.C.</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-6764-0729</orcidid><orcidid>https://orcid.org/0000-0001-5357-7442</orcidid><orcidid>https://orcid.org/0000-0002-8399-9467</orcidid><orcidid>https://orcid.org/0000-0001-7403-3081</orcidid><orcidid>https://orcid.org/0000-0002-1664-5108</orcidid><orcidid>https://orcid.org/0000-0002-5192-1649</orcidid></search><sort><creationdate>20231001</creationdate><title>Algorithm-Hardware Co-Design of Split-Radix Discrete Galois Transformation for KyberKEM</title><author>Li, Guangyan ; Chen, Donglong ; Mao, Gaoyu ; Dai, Wangchen ; Sanka, Abdurrashid Ibrahim ; Cheung, Ray C.C.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c246t-f4bf3921c9121b007544a53d635781876909cf59f11fdf84c0c11fa39a2307743</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Algorithms</topic><topic>Co-design</topic><topic>Complexity theory</topic><topic>Computation</topic><topic>Computer architecture</topic><topic>Convolution</topic><topic>Design</topic><topic>Discrete galois transform</topic><topic>Field programmable gate arrays</topic><topic>FPGA</topic><topic>Hardware</topic><topic>key encapsulation mechanism</topic><topic>Microprocessors</topic><topic>negative wrapped convolution</topic><topic>NIST</topic><topic>Permutations</topic><topic>Polynomials</topic><topic>post-quantum cryptography</topic><topic>Quantum cryptography</topic><topic>split-radix</topic><topic>State of the art</topic><topic>Transformations</topic><topic>Transforms</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Li, Guangyan</creatorcontrib><creatorcontrib>Chen, Donglong</creatorcontrib><creatorcontrib>Mao, Gaoyu</creatorcontrib><creatorcontrib>Dai, Wangchen</creatorcontrib><creatorcontrib>Sanka, Abdurrashid Ibrahim</creatorcontrib><creatorcontrib>Cheung, Ray C.C.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE/IET Electronic Library</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on emerging topics in computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Li, Guangyan</au><au>Chen, Donglong</au><au>Mao, Gaoyu</au><au>Dai, Wangchen</au><au>Sanka, Abdurrashid Ibrahim</au><au>Cheung, Ray C.C.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Algorithm-Hardware Co-Design of Split-Radix Discrete Galois Transformation for KyberKEM</atitle><jtitle>IEEE transactions on emerging topics in computing</jtitle><stitle>TETC</stitle><date>2023-10-01</date><risdate>2023</risdate><volume>11</volume><issue>4</issue><spage>1</spage><epage>15</epage><pages>1-15</pages><issn>2168-6750</issn><eissn>2168-6750</eissn><coden>ITETBT</coden><abstract>KyberKEM is one of the final round key encapsulation mechanisms in the NIST post-quantum cryptography competition. Number theoretic transform (NTT), as the computing bottleneck of KyberKEM, has been widely studied. Discrete Galois Transformation (DGT) is a variant of NTT that reduces transform length into half but requires more multiplication operations than the latest NTT algorithm in theoretical analysis. This paper proposes the split-radix DGT, a novel DGT variant utilizing the split-radix method, to reduce the computing complexity without compromising the transform length. Specifically, for length-128 polynomial, the split-radix DGT algorithm saves at least 10% multiplication operations compared with the latest NTT algorithm in theoretical analysis. Furthermore, we proposed a unified split-radix DGT processor with the dedicated stream permutation network for KyberKEM and implemented it on the Xilinx Artix-7 FPGA. The processor achieves at least 49.4% faster transformation and 65.3% faster component-wise multiplication, with at most 87% and 32% LUT-NTT area-time product and LUT-CWM area-time product, compared with the state-of-the-art polynomial multipliers in KyberKEM with the same BFU setting on similar platforms. Lastly, we designed a highly efficient KyberKEM architecture using the proposed split-radix DGT processor. The implementation results on Artix-7 FPGA show significant performance improvements over the state-of-the-art KyberKEM designs.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TETC.2023.3270971</doi><tpages>15</tpages><orcidid>https://orcid.org/0000-0002-6764-0729</orcidid><orcidid>https://orcid.org/0000-0001-5357-7442</orcidid><orcidid>https://orcid.org/0000-0002-8399-9467</orcidid><orcidid>https://orcid.org/0000-0001-7403-3081</orcidid><orcidid>https://orcid.org/0000-0002-1664-5108</orcidid><orcidid>https://orcid.org/0000-0002-5192-1649</orcidid></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 2168-6750
ispartof	IEEE transactions on emerging topics in computing, 2023-10, Vol.11 (4), p.1-15
issn	2168-6750 2168-6750
language	eng
recordid	cdi_crossref_primary_10_1109_TETC_2023_3270971
source	IEEE Xplore Open Access Journals
subjects	Algorithms Co-design Complexity theory Computation Computer architecture Convolution Design Discrete galois transform Field programmable gate arrays FPGA Hardware key encapsulation mechanism Microprocessors negative wrapped convolution NIST Permutations Polynomials post-quantum cryptography Quantum cryptography split-radix State of the art Transformations Transforms
title	Algorithm-Hardware Co-Design of Split-Radix Discrete Galois Transformation for KyberKEM
url	http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-30T21%3A05%3A39IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ESBDL&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Algorithm-Hardware%20Co-Design%20of%20Split-Radix%20Discrete%20Galois%20Transformation%20for%20KyberKEM&rft.jtitle=IEEE%20transactions%20on%20emerging%20topics%20in%20computing&rft.au=Li,%20Guangyan&rft.date=2023-10-01&rft.volume=11&rft.issue=4&rft.spage=1&rft.epage=15&rft.pages=1-15&rft.issn=2168-6750&rft.eissn=2168-6750&rft.coden=ITETBT&rft_id=info:doi/10.1109/TETC.2023.3270971&rft_dat=%3Cproquest_ESBDL%3E2899465754%3C/proquest_ESBDL%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c246t-f4bf3921c9121b007544a53d635781876909cf59f11fdf84c0c11fa39a2307743%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2899465754&rft_id=info:pmid/&rft_ieee_id=10114669&rfr_iscdi=true