14. Aug. 2013 Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware SAC 2013, Burnaby, Canada Thomas Pöppelmann and Tim Güneysu.

Presentation transcript:

Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware
SAC 2013, Burnaby, Canada
Thomas Pöppelmann and Tim Güneysu
Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany

Agenda
– Introduction
– Ring-LWE Encryption
– Lattice Processor
– Results
– Conclusion

Motivation
Advantages of lattices:
– Post-quantum security
– Security proofs
– Versatility
Goal of this work:
– Provide a simple and reusable hardware building block
    Starting point to solve more advanced implementation problems
    Make source code available
– Deal with aspects important in practice
    Ciphertext expansion
    Error rate

Recap: Ideal Lattices
(*) Other choices are also possible but this one has emerged as standard for security and efficiency.

LWE-Encryption
[Figure not preserved in the transcript]
[LP11] Richard Lindner, Chris Peikert: Better Key Sizes (and Attacks) for LWE-Based Encryption. CT-RSA

LWE-Encryption

Reconfigurable Hardware (FPGA)
Field Programmable Gate Array (FPGA)
– A chip containing programmable logic blocks
– Logic blocks are connected by a configurable interconnect
– Limited number of dedicated "hard-cores" like block memory or embedded multipliers (DSPs) are available
Hardware is inherently parallel
– Time vs. area

The Challenge
Ring-LWE encryption and also other schemes (e.g., signature schemes) basically just require polynomial arithmetic
– So far results are only available for polynomial multiplication
– Temporary values have to be stored
– Operations for addition and subtraction are necessary
– An easy interface is required
Solution: Build a lattice processor/micro-code engine

Lattice Processor

Lattice Processor

Optimizing Encryption

Results
– Implemented encryption scheme on Spartan-6 and Virtex-6 for medium security (n=256, q=7681) and high security (n=512, q=12289)
– Core supports encryption, decryption and key generation
– Gaussian sampler is bounded with relatively low precision
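
Added example, not the authors' VHDL or anything shown in the talk: key generation, encryption and decryption for the medium-security parameters (n=256, q=7681), built only from the polynomial addition, subtraction and multiplication that the lattice processor is described as providing. The scheme equations (the ring variant of [LP11] over Z_q[x]/(x^n+1)), the ternary noise standing in for the bounded Gaussian sampler, the schoolbook multiplier and all function names are assumptions, because the slides' own formulas are not preserved in this transcript.

```python
# Added example: Ring-LWE encryption as polynomial add/sub/mul in
# Z_q[x]/(x^n + 1). n and q are the medium-security set from the Results
# slide; scheme equations, sampler and names are illustrative assumptions.
import random

N, Q = 256, 7681

def poly_add(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]

def poly_sub(a, b):
    return [(x - y) % Q for x, y in zip(a, b)]

def poly_mul(a, b):
    """Schoolbook product reduced modulo x^N + 1 (x^N wraps around as -1)."""
    res = [0] * N
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < N:
                res[k] = (res[k] + ai * bj) % Q
            else:
                res[k - N] = (res[k - N] - ai * bj) % Q
    return res

def small_poly(rng):
    # Assumed stand-in for the Gaussian sampler: coefficients in {-1, 0, 1}.
    return [rng.choice((-1, 0, 1)) % Q for _ in range(N)]

def keygen(rng):
    a = [rng.randrange(Q) for _ in range(N)]      # public uniform polynomial
    r1, r2 = small_poly(rng), small_poly(rng)
    p = poly_sub(r1, poly_mul(a, r2))             # p = r1 - a*r2
    return (a, p), r2                             # public key, secret key

def encrypt(pk, bits, rng):
    a, p = pk
    e1, e2, e3 = (small_poly(rng) for _ in range(3))
    m = [b * ((Q - 1) // 2) for b in bits]        # encode bit as 0 or (q-1)/2
    c1 = poly_add(poly_mul(a, e1), e2)            # c1 = a*e1 + e2
    c2 = poly_add(poly_add(poly_mul(p, e1), e3), m)  # c2 = p*e1 + e3 + m
    return c1, c2

def decrypt(r2, ct):
    c1, c2 = ct
    noisy = poly_add(poly_mul(c1, r2), c2)        # = m + e1*r1 + e2*r2 + e3
    return [1 if Q // 4 < v < 3 * Q // 4 else 0 for v in noisy]
```

With ternary noise the error term is at most 513 per coefficient, below the q/4 decoding margin, so decryption always succeeds here; with a Gaussian sampler the error rate named in the Motivation slide becomes non-zero.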

Performance and Resources
Post-place-and-route performance on a Virtex-6 LX75T FPGA.

Comparison with Previous Work
Compared to previous implementation by Göttert et al. from CHES 2012
– Three times slower
– Up to 60 times lower area
While speed is important the design has to fit onto a reasonably sized FPGA
– Hardware allows parallel placement to make up for lower speed
Higher flexibility with one general purpose core (Gen/Enc/Dec)
[Göttert et al.] Norman Göttert, Thomas Feller, Michael Schneider, Johannes Buchmann, Sorin A. Huss: On the Design of Hardware Building Blocks for Modern Lattice-Based Encryption Schemes. CHES

Comparison with Other Schemes

Future Work and Conclusion
Conclusion
– Flexible building block for a large number of applications in ideal lattice-based cryptography
– Source code (VHDL) of the encryption scheme/lattice processor available for evaluation at
Future Work
– Side-channel evaluation
– Bimodal Lattice Signature Scheme (BLISS), Crypto 2013
– Performance and resource optimization
– Implementation and acceleration of high-level constructions like homomorphic encryption or IBE

Thank You for Your Attention! Any Questions?