Kavach: Lightweight masking techniques for polynomial arithmetic in lattice-based cryptography

Authors

Abstract

Lattice-based cryptography has laid the foundation of various modern-day cryptosystems that cater to several applications, including post-quantum cryptography. For structured lattice-based schemes, polynomial arithmetic is a fundamental part. In several instances, performance optimizations come from implementing compact multipliers, made possible by the small range of the secret coefficients. However, this optimization does not easily translate to side-channel protected implementations, since masking requires the secret coefficients to be distributed over a large range. In this work, we address this problem and propose two novel generalized techniques, one for number theoretic transform (NTT) based and another for non-NTT-based polynomial arithmetic. Both proposals enable masked multiplication while utilizing and retaining the small-range property. For demonstration, we used the proposed technique and instantiated masked multipliers for schoolbook as well as NTT-based multiplication. The masked multipliers can reuse the compact multipliers found in unmasked implementations. The proposed techniques require an extra accumulation along with the multiplications for a first-order masked implementation. This cost is negligible compared to the area saved by reusing the existing cheap multiplier units. We also extensively test the side-channel resistance of the design through TVLA to validate its security.
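The range problem the abstract describes, as an added illustration (this is not code from the Kavach paper and does not reproduce its technique): a small-range secret polynomial s with coefficients in [-eta, eta] needs only a 3-bit operand port on the multiplier, but each first-order arithmetic share of s is a uniform value mod q and needs the full 12 bits, so plain share-wise multiplication (a*s1 + a*s2) cannot reuse the compact multiplier even though the product still recombines correctly. The parameters q = 3329, n = 8 and eta = 2 are assumptions chosen for illustration, not a claim about the paper's instantiation.

```python
"""Added illustration (not code from the Kavach paper): why a compact
multiplier for small-range secret coefficients stops being usable once the
secret is arithmetically masked.  All parameters below are assumptions."""
import secrets

Q = 3329          # assumed 12-bit prime modulus
N = 8             # assumed ring degree, Z_Q[x]/(x^N + 1)
ETA = 2           # assumed secret range: coefficients in [-ETA, ETA]


def schoolbook_negacyclic(a, b, q=Q):
    """Schoolbook product in Z_q[x]/(x^n + 1); x^n wraps around to -1."""
    n = len(a)
    res = [0] * n
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                res[k] = (res[k] + ai * bj) % q
            else:
                res[k - n] = (res[k - n] - ai * bj) % q
    return res


def operand_width(lo, hi):
    """Bits a multiplier port needs to hold every integer in [lo, hi]
    (two's complement if lo < 0, unsigned otherwise)."""
    if lo >= 0:
        return max(1, hi.bit_length())
    w = 1
    while not (-(1 << (w - 1)) <= lo and hi <= (1 << (w - 1)) - 1):
        w += 1
    return w


def arithmetic_mask(s, q=Q):
    """First-order arithmetic masking: s = s1 + s2 (mod q), s1 uniform in Z_q.
    Uniformity of s1 is what hides s; it is also what destroys the small range."""
    s1 = [secrets.randbelow(q) for _ in s]
    s2 = [(x - y) % q for x, y in zip(s, s1)]
    return s1, s2


def unmask(s1, s2, q=Q):
    """Recombine two arithmetic shares (only done here to check correctness)."""
    return [(x + y) % q for x, y in zip(s1, s2)]


def masked_schoolbook(a, s1, s2, q=Q):
    """Share-wise product: a*s = a*s1 + a*s2 (mod q).  Multiplication by the
    public a is linear, so each share is processed independently; the price is
    that both shares are full-range mod-q operands."""
    return schoolbook_negacyclic(a, s1, q), schoolbook_negacyclic(a, s2, q)


def multiplier_widths(q=Q, eta=ETA):
    """Width of the secret-side multiplier port in the unmasked design versus
    the width one arithmetic share would demand."""
    return {
        "unmasked_secret": operand_width(-eta, eta),
        "arithmetic_share": operand_width(0, q - 1),
        "public_operand": operand_width(0, q - 1),
    }


def check_masked_product(a, s, q=Q):
    """Multiply under masking and confirm the recombined shares equal the
    plain product.  Returns True on success."""
    s1, s2 = arithmetic_mask(s, q)
    p1, p2 = masked_schoolbook(a, s1, s2, q)
    return unmask(p1, p2, q) == schoolbook_negacyclic(a, s, q)


if __name__ == "__main__":
    # Constructed sample inputs: a random public polynomial and a small secret.
    a = [secrets.randbelow(Q) for _ in range(N)]
    s = [secrets.randbelow(2 * ETA + 1) - ETA for _ in range(N)]
    print(multiplier_widths())
    print("masked product recombines correctly:", check_masked_product(a, s))
```

The widths are the whole point: a 12x3 multiplier serves the unmasked secret, while the share-wise masked version needs a 12x12 multiplier for the same operation, which is the area penalty the abstract says its techniques avoid.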


Related articles

Towards Efficient Arithmetic for Lattice-Based Cryptography on Reconfigurable Hardware

In recent years lattice-based cryptography has emerged as a quantum-secure and theoretically elegant alternative to classical cryptographic schemes (like ECC or RSA). In addition to that, lattices are a versatile tool and play an important role in the development of efficient fully or somewhat homomorphic encryption (SHE/FHE) schemes. In practice, ideal lattices defined in the polynomial ring Zp[...

Arithmetic Coding and Blinding for Lattice Cryptography

In this work we apply information theoretically optimal arithmetic coding and a number of novel side-channel blinding countermeasure techniques to create BLZZRD, a practical, compact, and more quantum-resistant variant of the BLISS Ring-LWE Signature Scheme. We show how the hash-based random oracle can be modified to be more secure against quantum preimage attacks while decreasing signature siz...


Lattice Based Cryptography for Beginners

The purpose of this lecture note is to introduce lattice-based cryptography, which is thought to be a cryptosystem of the post-quantum age. We have tried to give as many details as possible, especially for a novice on the subject. Something may be trivial to an expert but not to a novice. Many fundamental problems about lattices are thought to be hard even against quantum computers, compared to factorizatio...

Arithmetic Operators for Pairing-Based Cryptography

Since their introduction in constructive cryptographic applications, pairings over (hyper)elliptic curves are at the heart of an ever increasing number of protocols. Software implementations being rather slow, the study of hardware architectures became an active research area. In this paper, we first study an accelerator for the ηT pairing over F3[x]/(x + x + 2). Our architecture is based on a ...


Lattice-Based Cryptography

In this chapter we describe some of the recent progress in lattice-based cryptography. Lattice-based cryptographic constructions hold a great promise for post-quantum cryptography, as they enjoy very strong security proofs based on worst-case hardness, relatively efficient implementations, as well as great simplicity. In addition, lattice-based cryptography is believed to be secure against quan...


Journal

Journal title: IACR Transactions on Cryptographic Hardware and Embedded Systems

Year: 2023

ISSN: 2569-2925

DOI: https://doi.org/10.46586/tches.v2023.i3.366-390