A Hardware Accelerator for Polynomial Multiplication Operation of CRYSTALS-KYBER PQC Scheme

Ferhat Yaman (a), Ahmet Can Mert (b), Erdinç Öztürk (c) and Erkay Savaş (d)
Faculty of Engineering and Natural Sciences, Sabanci University, Istanbul, Turkey
(a) ferhatyaman@sabanciuniv.edu
(b) ahmetcanmert@sabanciuniv.edu
(c) erdinco@sabanciuniv.edu
(d) erkays@sabanciuniv.edu

ABSTRACT


Polynomial multiplication is one of the most time-consuming operations utilized in lattice-based post-quantum cryptography (PQC) schemes. CRYSTALS-KYBER is a lattice-based key encapsulation mechanism (KEM), and it was recently announced as one of the four finalists at round three in NIST’s PQC Standardization. Therefore, efficient implementations of the polynomial multiplication operation are crucial for high-performance CRYSTALS-KYBER applications. In this paper, we propose three different hardware architectures (lightweight, balanced, high-performance) that implement the NTT, Inverse NTT (INTT) and polynomial multiplication operations for the CRYSTALS-KYBER scheme. The proposed architectures include a unified butterfly structure for optimizing polynomial multiplication and can be utilized for accelerating the key generation, encryption and decryption operations of CRYSTALS-KYBER. Our high-performance hardware with 16 butterfly units shows up to 112×, 132× and 109× improved performance for NTT, INTT and polynomial multiplication, respectively, compared to the high-speed software implementations on Cortex-M4.

Keywords: CRYSTALS-KYBER, PQC, NTT, Polynomial Multiplication, Hardware.


