Highly Efficient Architecture of NewHope-NIST on FPGA using Low-Complexity NTT/INTT

• Main Authors: Neng Zhang, Bohan Yang, Chen Chen, Shouyi Yin, Shaojun Wei, Leibo Liu
• Format: Article
• Language: English
• Published: Ruhr-Universität Bochum 2020-03-01
• Series: Transactions on Cryptographic Hardware and Embedded Systems
• Subjects: NewHope; FPGA; post-quantum cryptography; ring learning with errors; number theoretic transform
• Online Access: https://tches.iacr.org/index.php/TCHES/article/view/8544

NewHope-NIST is a promising ring learning with errors (RLWE)-based postquantum cryptography (PQC) for key encapsulation mechanisms. The performance on the field-programmable gate array (FPGA) affects the applicability of NewHope-NIST. In RLWE-based PQC algorithms, the number theoretic transform (NTT) is one of the most time-consuming operations. In this paper, low-complexity NTT and inverse NTT (INTT) are used to implement highly efficient NewHope-NIST on FPGA. First, both the pre-processing of NTT and the post-processing of INTT are merged into the fast Fourier transform (FFT) algorithm, which reduces N and 2N modular multiplications for N-point NTT and INTT, respectively. Second, a compact butterfly unit and an efficient modular reduction on the modulus 12289 are proposed for the low-complexity NTT/INTT architecture, which achieves an improvement of approximately 3× in the area time product (ATP) compared with the results of the state-of-the-art designs. Finally, a highly efficient architecture with doubled bandwidth and timing hiding for NewHope-NIST is presented. The implementation results on an FPGA show that our design is at least 2.5× faster and has 4.9× smaller ATP compared with the results of the state-of-the-art designs of NewHope-NIST on similar platforms.