International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: A Compact and High-Performance Hardware Architecture for CRYSTALS-Dilithium

Authors:
Cankun Zhao , School of Integrated Circuits, Tsinghua University, Beijing, China
Neng Zhang , School of Integrated Circuits, Tsinghua University, Beijing, China
Hanning Wang , School of Integrated Circuits, Tsinghua University, Beijing, China
Bohan Yang , School of Integrated Circuits, Tsinghua University, Beijing, China
Wenping Zhu , School of Integrated Circuits, Tsinghua University, Beijing, China
Zhengdong Li , School of Integrated Circuits, Tsinghua University, Beijing, China
Min Zhu , Wuxi Micro Innovation Integrated Circuit Design Co., Ltd., Wuxi, China
Shouyi Yin , School of Integrated Circuits, Tsinghua University, Beijing, China
Shaojun Wei , School of Integrated Circuits, Tsinghua University, Beijing, China
Leibo Liu , School of Integrated Circuits, Tsinghua University, Beijing, China
Download:
DOI: 10.46586/tches.v2022.i1.270-295
URL: https://tches.iacr.org/index.php/TCHES/article/view/9297
Search ePrint
Search Google
Abstract: The lattice-based CRYSTALS-Dilithium scheme is one of the three thirdround digital signature finalists in the National Institute of Standards and Technology Post-Quantum Cryptography Standardization Process. Due to the complex calculations and highly individualized functions in Dilithium, its hardware implementations face the problems of large area requirements and low efficiency. This paper proposes several optimization methods to achieve a compact and high-performance hardware architecture for round 3 Dilithium. Specifically, a segmented pipelined processing method is proposed to reduce both the storage requirements and the processing time. Moreover, several optimized modules are designed to improve the efficiency of the proposed architecture, including a pipelined number theoretic transform module, a SampleInBall module, a Decompose module, and three modular reduction modules. Compared with state-of-the-art designs for Dilithium on similar platforms, our implementation requires 1.4×/1.4×/3.0×/4.5× fewer LUTs/FFs/BRAMs/DSPs, respectively, and 4.4×/1.7×/1.4× less time for key generation, signature generation, and signature verification, respectively, for NIST security level 5.
BibTeX
@article{tches-2021-31650,
  title={A Compact and High-Performance Hardware Architecture for CRYSTALS-Dilithium},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2022, Issue 1},
  pages={270-295},
  url={https://tches.iacr.org/index.php/TCHES/article/view/9297},
  doi={10.46586/tches.v2022.i1.270-295},
  author={Cankun Zhao and Neng Zhang and Hanning Wang and Bohan Yang and Wenping Zhu and Zhengdong Li and Min Zhu and Shouyi Yin and Shaojun Wei and Leibo Liu},
  year=2021
}