Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography

Malik Imran; Safiullah Khan; Ayesha Khalid; Ciara Rafferty; Yasir Ali Shah; Samuel Pagliarini; Muhammad Rashid; Máire O’Neill

doi:10.1109/LES.2024.3410516

Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography

Malik Imran
, Safiullah Khan
, Ayesha Khalid
, Ciara Rafferty
, Yasir Ali Shah
, Samuel Pagliarini
, Muhammad Rashid
, Máire O’Neill

Research output: Contribution to journal › Article › peer-review

16 Citations (Scopus)

98 Downloads (Pure)

Abstract

Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This letter experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: 1) a forward NTT (FNTT) architecture; 2) an inverse NTT (INTT) architecture; and 3) a unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 field-programmable gate array (FPGA) and 28-nm application-specific integrated circuit (ASIC) platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66 × and 3.75 × higher throughput/area and energy/area values, respectively, than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25 × and 1.09 × higher throughput/area and energy/area values, respectively, compared to the UNTT design.

Original language	English
Pages (from-to)	485-488
Number of pages	4
Journal	IEEE Embedded Systems Letters
Volume	16
Issue number	4
Early online date	6 Jun 2024
DOIs	https://doi.org/10.1109/LES.2024.3410516
Publication status	Published (in print/issue) - 31 Dec 2024

Bibliographical note

Publisher Copyright:
© 2009-2012 IEEE.

Funding

This work was supported by the Engineering and Physical Sciences Research Council (EPSRC) Quantum Communications Hub under Grant EP/T001011/1.

Funders	Funder number
Engineering and Physical Sciences Research Council	EP/T001011/1

Keywords

Post-quantum cryptography
number theoretic transform
polynomial multiplication
FPGA
ASIC
Computer architecture
Routing
Hardware
Polynomials
Registers
Field programmable gate arrays
Clocks
post-quantum cryptography
Application-specific integrated circuit (ASIC)
field-programmable gate array (FPGA)
number theoretic transform (NTT)

Access to Document

10.1109/LES.2024.3410516

manuscript-acceptedAuthor Accepted Manuscript, 951 KB

Cite this

@article{665580601c6049989d82bb442a45c146,

title = "Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography",

abstract = "Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This letter experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: 1) a forward NTT (FNTT) architecture; 2) an inverse NTT (INTT) architecture; and 3) a unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 field-programmable gate array (FPGA) and 28-nm application-specific integrated circuit (ASIC) platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66 × and 3.75 × higher throughput/area and energy/area values, respectively, than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25 × and 1.09 × higher throughput/area and energy/area values, respectively, compared to the UNTT design.",

keywords = "Post-quantum cryptography, number theoretic transform, polynomial multiplication, FPGA, ASIC, Computer architecture, Routing, Hardware, Polynomials, Registers, Field programmable gate arrays, Clocks, post-quantum cryptography, Application-specific integrated circuit (ASIC), field-programmable gate array (FPGA), number theoretic transform (NTT)",

author = "Malik Imran and Safiullah Khan and Ayesha Khalid and Ciara Rafferty and Shah, \{Yasir Ali\} and Samuel Pagliarini and Muhammad Rashid and M{\'a}ire O{\textquoteright}Neill",

note = "Publisher Copyright: {\textcopyright} 2009-2012 IEEE.",

year = "2024",

month = dec,

day = "31",

doi = "10.1109/LES.2024.3410516",

language = "English",

volume = "16",

pages = "485--488",

journal = "IEEE Embedded Systems Letters",

issn = "1943-0663",

publisher = "IEEE",

number = "4",

}

TY - JOUR

T1 - Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography

AU - Imran, Malik

AU - Khan, Safiullah

AU - Khalid, Ayesha

AU - Rafferty, Ciara

AU - Shah, Yasir Ali

AU - Pagliarini, Samuel

AU - Rashid, Muhammad

AU - O’Neill, Máire

PY - 2024/12/31

Y1 - 2024/12/31

N2 - Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This letter experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: 1) a forward NTT (FNTT) architecture; 2) an inverse NTT (INTT) architecture; and 3) a unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 field-programmable gate array (FPGA) and 28-nm application-specific integrated circuit (ASIC) platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66 × and 3.75 × higher throughput/area and energy/area values, respectively, than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25 × and 1.09 × higher throughput/area and energy/area values, respectively, compared to the UNTT design.

AB - Unifying the forward and inverse operations of the number theoretic transform (NTT) into a single hardware module is a common practice when designing polynomial coefficient multiplier accelerators as used in the post-quantum cryptographic algorithms. This letter experimentally evaluates that this design unification is not always advantageous. In this context, we present three NTT hardware architectures: 1) a forward NTT (FNTT) architecture; 2) an inverse NTT (INTT) architecture; and 3) a unified NTT (UNTT) architecture for computing the FNTT and INTT computations on a single design. We benchmark our throughput/area and energy/area evaluations on Xilinx Virtex-7 field-programmable gate array (FPGA) and 28-nm application-specific integrated circuit (ASIC) platforms. The standalone FNTT and INTT designs, on average on FPGA, exhibit 4.66 × and 3.75 × higher throughput/area and energy/area values, respectively, than the UNTT design. Similarly, the individual FNTT and INTT designs, on average on ASIC, achieve 1.25 × and 1.09 × higher throughput/area and energy/area values, respectively, compared to the UNTT design.

KW - Post-quantum cryptography

KW - number theoretic transform

KW - polynomial multiplication

KW - FPGA

KW - ASIC

KW - Computer architecture

KW - Routing

KW - Hardware

KW - Polynomials

KW - Registers

KW - Field programmable gate arrays

KW - Clocks

KW - post-quantum cryptography

KW - Application-specific integrated circuit (ASIC)

KW - field-programmable gate array (FPGA)

KW - number theoretic transform (NTT)

UR - https://www.scopus.com/pages/publications/85195426343

UR - https://pure.ulster.ac.uk/en/publications/66558060-1c60-4998-9d82-bb442a45c146

U2 - 10.1109/LES.2024.3410516

DO - 10.1109/LES.2024.3410516

M3 - Article

SN - 1943-0663

VL - 16

SP - 485

EP - 488

JO - IEEE Embedded Systems Letters

JF - IEEE Embedded Systems Letters

IS - 4

ER -

Evaluating NTT/INTT Implementation Styles for Post-Quantum Cryptography

Abstract

Bibliographical note

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this