Secure Number Theoretic Transform and Speed Record for Ring-LWE Encryption on Embedded Processors

Compact implementations of the ring variant of the Learning with Errors (Ring-LWE) on the embedded processors have been actively studied due to potential quantum threats. Various Ring-LWE implementation works mainly focused on optimization techniques to reduce the execution timing and memory consumptions for high availability. For this reason, they failed to provide secure implementations against general side channel attacks, such as timing attack. In this paper, we present secure and fastest Ring-LWE encryption implementation on low-end 8-bit AVR processors. We targeted the most expensive operation, i.e. Number Theoretic Transform (NTT) based polynomial multiplication, to provide countermeasures against timing attacks and best performance among similar implementations till now. Our contributions for optimizations are ⋆ This research of Hwajeong Seo was supported by the MSIT(Ministry of Science and ICT), Korea, under the ITRC(Information Technology Research Center) support program(IITP-2017-2014-0-00743) supervised by the IITP(Institute for Information & communications Technology Promotion). This work of Hyeokchan Kwon and Sokjoon Lee was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIT). [B0717-160097, Development of V2X Service Integrated Security Technology for Autonomous Driving Vehicle]. This research of Taehwan Park and Howon Kim was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIT) (No.2012-0-00265, Development of high performance IoT device and Open Platform with Intelligent Software)