A Compact Hardware Implementation of CCA-Secure Key Exchange Mechanism CRYSTALS-KYBER on FPGA

Post-quantum cryptosystems should be prepared before the advent of powerful quantum computers to ensure information secure in our daily life. In 2016 a post-quantum standardization contest was launched by National Institute Standards and Technology (NIST), there have been lots works concentrating on evaluation these candidate protocols, mainly pure software or through hardware-software co-design methodology different platforms. As progresses third round July 2020 with only 7 finalists 8 alternate candidates remained, more dedicated specific hardware designs considered illustrate intrinsic property certain protocol achieve better performance. To this end, we present standalone design CRYSTALS-KYBER, amodule learning-with-errors (MLWE) based key exchange mechanism (KEM) within FPGA platform. Through elaborate scheduling sampling number theoretic transform (NTT) related calculations, decent performance is achieved limited resources. The way that Encode/Decode tweaked Fujisaki-Okamoto are implemented demonstrated detail. Analysis about minimizing memory footprint also given out. summary, realize adaptive chosen ciphertext attack (CCA) Kyber all selectable module dimension k smallest Xilinx Artix-7 device. Our computes key-generation, encapsulation (encryption) decapsulation (decryption reencryption) phase 3768/5079/6668 cycles when = 2, 6316/7925/10049 3, 9380/11321/13908 4, consuming 7412/6785 LUTs, 4644/3981 FFs, 2126/1899 slices, 2/2 DSPs 3/3 BRAMs server/client 6.2/6.0 ns critical path delay, outperforming corresponding high level synthesis (HLS) co-designs large extent.