ETRI-Knowledge Sharing Plaform



논문 검색
구분 SCI
연도 ~ 키워드


학술대회 Secure Number Theoretic Transform and Speed Record for Ring-LWE Encryption on Embedded Processors
Cited 3 time in scopus Download 2 time Share share facebook twitter linkedin kakaostory
서화정, Zhe Liu, 박태환, 권혁찬, 이석준, 김호원
International Conference on Information Security and Cryptology (ICISC) 2017, pp.37-50
17HH1700, 자율주행차량을 위한 V2X 서비스 통합 보안 기술 개발, 권혁찬
Compact implementations of the ring variant of the Learning with Errors (Ring-LWE) on the embedded processors have been actively studied due to potential quantum threats. Various Ring-LWE implementation works mainly focused on optimization techniques to reduce the execution timing and memory consumptions for high availability. For this reason, they failed to provide secure implementations against general side channel attacks, such as timing attack. In this paper, we present secure and fastest Ring-LWE encryption implementation on low-end 8-bit AVR processors. We targeted the most expensive operation, i.e. Number Theoretic Transform (NTT) based polynomial multiplication, to provide countermeasures against timing attacks and best performance among similar implementations till now. Our contributions for optimizations are concluded as follows: (1) we propose the Look-Up Table (LUT) based fast reduction techniques for speeding up the modular coefficient multiplication in regular fashion, (2) we use the modular addition and subtraction operations, which are performed in constant timing. With these optimization techniques, the proposed NTT implementation enhances the performance by 18.3??22% than previous works. Finally, our Ring-LWE encryption implementations require only 680,796 and 1,754,064 clock cycles for 128-bit and 256-bit security levels, respectively.
8-bit AVR, Discrete gaussian sampling, Number theoretic transform, Public key encryption, Ring learning with errors, Software implementation, Timing attack
KSP 제안 키워드
256-bit, Best performance, Bit security, Discrete Gaussian Sampling, Embedded processor, High availability, Number theoretic transform, Optimization techniques(OT), Polynomial multiplication, Public-key encryption, Reduction technique