Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography

Malik Imran, Safiullah Khan, Ayesha Khalid, Ciara Rafferty, Yasir Ali Shah, Samuel Pagliarini, Muhammad Rashid, Máire O’Neill

Research output: Contribution to journalArticlepeer-review

1 Downloads (Pure)


Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This work experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: (i) A forward NTT (FNTT) architecture, (ii) An inverse NTT (INTT) architecture and (iii) A unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 FPGA and 28nm ASIC platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66x and 3.75x higher throughput/area and energy/area values respectively than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25x and 1.09x higher throughput/area and energy/area values respectively, compared to the UNTT design.
Original languageEnglish
Pages (from-to)1-4
Number of pages4
JournalIEEE Embedded Systems Letters
Publication statusPublished (in print/issue) - 6 Jun 2024

Bibliographical note

Publisher Copyright:


  • Post-quantum cryptography
  • number theoretic transform
  • polynomial multiplication
  • FPGA
  • ASIC
  • Computer architecture
  • Routing
  • Hardware
  • Polynomials
  • Registers
  • Field programmable gate arrays
  • Clocks


Dive into the research topics of 'Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography'. Together they form a unique fingerprint.

Cite this