Hardware Acceleration for Post-Quantum Cryptography in Resource Constrained Embedded Systems with RISC-V ISEs
Abstract
The imminent rise of practical quantum computing threatens well-established cryptography algorithms for secret key exchange in use today, such as Diffie-Hellman and Elliptic Curve (ECC) based schemes. These algorithms are currently being replaced by quantum-safe Crystals-Kyber, also known as ML-KEM. This work aims to explore hardware acceleration through RISC-V Instruction Set Extensions (ISEs) in a low-end 32-bit core in a comprehensive evaluation comprising performance, energy consumption, memory footprint and die area costs, enabling an efficient implementation of a cryptosystem that can withstand attacks from the emergence of quantum computers and is compliant to modern cryptographic standards and algorithm suites. Three different parametrizations of Kyber symmetric primitives are evaluated: the well-known SHA-3 and AES/SHA-2 based versions, as well as a novel parametrization using Ascon. This work also explores ISE-enhanced implementations of algorithms for authenticated encryption (AEAD) and hash functions at the 128 and 256 bit security levels, evaluating improvements due to the use of specialized instructions in each algorithm.
References
Alkim, E., Evkan, H., Lahr, N., Niederhagen, R., and Petri, R. (2020). ISA Extensions for Finite Field Arithmetic - Accelerating Kyber and NewHope on RISC-V. Cryptology ePrint Archive, Paper 2020/049.
Banerjee, U., Ukyab, T. S., and Chandrakasan, A. P. (2019). Sapphire: A Configurable Crypto-Processor for Post-Quantum Lattice-based Protocols. IACR Transactions on Cryptographic Hardware and Embedded Systems.
Dobraunig, C., Eichlseder, M., Mendel, F., and Schläffer, M. (2021). Ascon v1.2: Lightweight Authenticated Encryption and Hashing. Journal of Cryptology.
Fritzmann, C., Sharif, U., Mueller-Gritschneder, D., Reinbrecht, C. R. W., Schlichtmann, U., and Sepúlveda, M. J. (2019). Towards Reliable and Secure Post-Quantum Co-Processors based on RISC-V. Design, Automation & Test in Europe Conference & Exhibition (DATE).
Fritzmann, T., Sigl, G., and Sepúlveda, M. J. (2020). RISQ-V: Tightly Coupled RISC-V Accelerators for Post-Quantum Cryptography. IACR Transactions on Cryptographic Hardware and Embedded Systems.
García-Morchón, Ó., Kumar, S. S., and Sethi, M. (2019). Internet of Things (IoT) Security: State of the Art and Challenges. RFC, 8576:1–50.
Gewehr, C., Luza, L., and Moraes, F. G. (2024). Hardware Acceleration of Crystals-Kyber in Low-Complexity Embedded Systems With RISC-V Instruction Set Extensions. IEEE Access.
Karabulut, E. and Aysu, A. (2020). RANTT: A RISC-V Architecture Extension for the Number Theoretic Transform. International Conference on Field-Programmable Logic and Applications (FPL).
Lee, J., Kim, W., Kim, S., and Kim, J.-H. (2022). Post-Quantum Cryptography Coprocessor for RISC-V CPU Core. International Conference on Electronics, Information, and Communication (ICEIC).
Miteloudi, K., Bos, J., Bronchain, O., Fay, B., and Renes, J. (2023). PQ.V.ALU.E: Post-Quantum RISC-V Custom ALU Extensions on Dilithium and Kyber. Cryptology ePrint Archive, Paper 2023/1505.
Nannipieri, P., Matteo, S. D., Zulberti, L., Albicocchi, F., Saponara, S., and Fanucci, L. (2021). A RISC-V Post Quantum Cryptography Instruction Set Extension for Number Theoretic Transform to Speed-Up CRYSTALS Algorithms. IEEE Access.
NIST (2024). Module-lattice-based key-encapsulation mechanism standard.
NSA (2023). Commercial National Security Algorithm Suite 2.0.
Park, J.-Y., Moon, Y.-H., Lee, W., Kim, S.-H., and Sakurai, K. (2022). A Survey of Polynomial Multiplication With RSA-ECC Coprocessors and Implementations of NIST PQC Round3 KEM Algorithms in Exynos2100. IEEE Access.
Xin, G., Han, J., Yin, T., Zhou, Y., Yang, J., Cheng, X., and Zeng, X. (2020). VPQC: A Domain-Specific Vector Processor for Post-Quantum Cryptography Based on RISC-V Architecture. IEEE Transactions on Circuits and Systems I: Regular Papers.
