
Benchmarking and Analysing the NIST PQC Lattice-Based Signature Schemes Standards on the ARM Cortex M7

  • Conference paper
  • Progress in Cryptology - AFRICACRYPT 2023 (AFRICACRYPT 2023)

Abstract

This paper presents an analysis of the two lattice-based digital signature schemes, Dilithium and Falcon, which have been chosen by NIST for standardisation, on the ARM Cortex M7 using the STM32F767ZI NUCLEO-144 development board. This research is motivated by the ARM Cortex M7 being the only processor in the Cortex-M family to offer a double-precision (i.e., 64-bit) floating-point unit, so that Falcon’s implementations, which require 53 bits of double precision, can run native floating-point operations without any emulation. When benchmarked natively, Falcon shows significant speed-ups of 6.2–8.3x in clock cycles and 6.2–11.8x in runtime, whereas Dilithium shows little improvement beyond that gained from the slightly faster processor. We then present profiling results of the two schemes on the ARM Cortex M7 to show their respective bottlenecks and the operations where improvements are, and can be, made. This demonstrates, for example, that some operations in Falcon’s procedures see speed-ups of an order of magnitude. Finally, since Falcon’s use of floating-point arithmetic is so rare in cryptography, we test the native FPU instructions on 4 different STM32 development boards with the ARM Cortex M7, and also on a Raspberry Pi 3, which is used in some of Falcon’s official benchmarking results. We find constant-time irregularities on all of these devices, which makes Falcon insecure on them for applications where signature generation can be timed by an attacker.

B. Westerbaan–The research in this paper was carried out while employed at PQShield.
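The abstract reports constant-time irregularities in the native FPU instructions but this page does not describe how they were measured. The following is an added example, not the paper's own harness: a host-side C probe that times a batch of double-precision multiplies for two operand classes and flags a data-dependent difference. The choice of classes (normal versus subnormal partner operands), the 10% tolerance, the batch sizes and the use of `clock_gettime` are this example's assumptions; on the Cortex-M7 board the same loop would read the DWT cycle counter (`DWT->CYCCNT`) instead of a wall clock.

```c
#define _POSIX_C_SOURCE 199309L
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
#include <float.h>
#include <math.h>
#include <time.h>

/* Constructed example: checks whether a double-precision multiply takes the
 * same time for two operand classes. The classes (normal vs. subnormal
 * partners) are this example's assumption, not a finding stated on the page. */

#define N_OPS  4096   /* multiplies per timed batch (assumed) */
#define N_REPS 200    /* batches per class; the fastest one is reported */

static volatile double sink;   /* keeps the compiler from dropping the work */

/* 1 if x is a subnormal (denormal) double, else 0. */
int is_subnormal(double x) {
    return fpclassify(x) == FP_SUBNORMAL ? 1 : 0;
}

/* Monotonic clock in nanoseconds. On the Cortex-M7 one would read
 * DWT->CYCCNT here to count clock cycles directly. */
static uint64_t now_ns(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (uint64_t)ts.tv_sec * 1000000000ull + (uint64_t)ts.tv_nsec;
}

/* Time n products a[i]*b[i] (accumulated so nothing is optimised away),
 * reps times, and return the fastest batch: the minimum is a robust
 * estimator that filters out interrupts and scheduler noise. */
uint64_t time_mul_batch(const double *a, const double *b, size_t n, int reps) {
    uint64_t best = UINT64_MAX;
    for (int r = 0; r < reps; r++) {
        double acc = 0.0;
        uint64_t t0 = now_ns();
        for (size_t i = 0; i < n; i++) acc += a[i] * b[i];
        uint64_t t1 = now_ns();
        sink = acc;
        if (t1 - t0 < best) best = t1 - t0;
    }
    return best;
}

/* 1 if the two timings differ by more than tolerance (0.10 = 10%), 0 if they
 * agree within it, -1 if the timer was too coarse to resolve the faster one. */
int timing_differs(uint64_t t_a, uint64_t t_b, double tolerance) {
    uint64_t hi = t_a > t_b ? t_a : t_b;
    uint64_t lo = t_a > t_b ? t_b : t_a;
    if (lo == 0) return -1;
    return ((double)hi / (double)lo > 1.0 + tolerance) ? 1 : 0;
}

/* Build one batch per operand class, time both, and return the ratio
 * subnormal/normal (-1.0 if the normal batch was too fast to time). */
double run_probe(void) {
    static double a[N_OPS], b_norm[N_OPS], b_sub[N_OPS];
    for (size_t i = 0; i < N_OPS; i++) {
        a[i] = 0.25 + 0.1 * (double)(i % 7);        /* in [0.25, 0.85] */
        b_norm[i] = 0.75 + (double)(i % 3);          /* normal partner */
        b_sub[i] = DBL_MIN / (double)(2 + i % 5);    /* subnormal partner */
        /* a[i] < 1, so every product a[i]*b_sub[i] is itself subnormal */
    }
    uint64_t t_norm = time_mul_batch(a, b_norm, N_OPS, N_REPS);
    uint64_t t_sub  = time_mul_batch(a, b_sub,  N_OPS, N_REPS);
    if (t_norm == 0) return -1.0;
    return (double)t_sub / (double)t_norm;
}

int main(void) {
    double ratio = run_probe();
    printf("subnormal/normal multiply time ratio: %.2f\n", ratio);
    if (ratio > 1.10)
        printf("timing depends on operand values: not constant-time\n");
    else if (ratio > 0.0)
        printf("no operand-dependent timing detected at 10%% tolerance\n");
    else
        printf("timer resolution too coarse for this batch size\n");
    return 0;
}
```

A ratio well above 1 means the multiply's latency depends on its operands, which is the property a signing routine that consumes secret-dependent floating-point values cannot tolerate. The same structure extends to other instructions (division, square root, conversions) by swapping the inner loop.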


Notes

  1. See https://falcon-sign.info/.

  2. See the NIST PQC forum: https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/cJxMq0_90gU/m/qbGEs3TXGwAJ.

  3. https://www.st.com/en/evaluation-tools/nucleo-f767zi.html.

  4. https://dlbeer.co.nz/oss/avstack.html.

  5. For example, see the ARM Cortex-M4 Technical Reference Manual https://developer.arm.com/documentation/ddi0439/b/BEHJADED.

  6. https://www.quinapalus.com/cm7cycles.html.

  7. See for example https://github.com/llvm-mirror/compiler-rt/blob/69445f095c22aac2388f939bedebf224a6efcdaf/lib/builtins/fixdfdi.c#L18.

  8. https://blog.cloudflare.com/nist-post-quantum-surprise/.

References

  1. Alagic, G., et al.: Status report on the first round of the NIST post-quantum cryptography standardization process. Technical report, National Institute of Standards and Technology, US Department of Commerce (2019)

  2. Alagic, G., et al.: Status report on the third round of the NIST post-quantum cryptography standardization process. Technical report, National Institute of Standards and Technology, Gaithersburg, MD (2022)

  3. Alagic, G., et al.: Status report on the second round of the NIST post-quantum cryptography standardization process. Technical report, National Institute of Standards and Technology (2020)

  4. ARM: Arm Cortex-M7 processor technical reference manual, revision r1p2 (2018). https://developer.arm.com/documentation/ddi0489/f/programmers-model/instruction-set-summary/binary-compatibility-with-other-cortex-processors

  5. Banerjee, U., Ukyab, T.S., Chandrakasan, A.P.: Sapphire: a configurable crypto-processor for post-quantum lattice-based protocols. IACR TCHES 2019(4), 17–61 (2019). ISSN 2569-2925. https://tches.iacr.org/index.php/TCHES/article/view/8344, https://doi.org/10.13154/tches.v2019.i4.17-61

  6. Greconici, D.O.C., Kannwischer, M.J., Sprenkels, A.: Compact Dilithium implementations on Cortex-M3 and Cortex-M4. Cryptology ePrint Archive, Report 2020/1278 (2020). https://eprint.iacr.org/2020/1278

  7. Hülsing, H., et al.: SPHINCS+. Technical report, National Institute of Standards and Technology (2020). https://csrc.nist.gov/projects/post-quantum-cryptography/round-3-submissions

  8. Howe, J., et al.: Exploring parallelism to improve the performance of FrodoKEM in hardware. J. Cryptographic Eng. 11(4), 317–327 (2021). https://doi.org/10.1007/s13389-021-00258-7

  9. Howe, J., et al.: Standard lattice-based key encapsulation on embedded devices. IACR TCHES 2018(3), 372–393 (2018). https://tches.iacr.org/index.php/TCHES/article/view/7279

  10. Paquin, C., Stebila, D., Tamvada, G.: Benchmarking post-quantum cryptography in TLS. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 72–91. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44223-1_5

  11. Kales, D., Ramacher, S., Rechberger, C., Walch, R., Werner, M.: Efficient FPGA implementations of LowMC and Picnic. In: Jarecki, S. (ed.) CT-RSA 2020. LNCS, vol. 12006, pp. 417–441. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-40186-3_18

  12. Lyubashevsky, V., et al.: CRYSTALS-DILITHIUM. Technical report, National Institute of Standards and Technology (2020). https://csrc.nist.gov/projects/post-quantum-cryptography/round-3-submissions

  13. liboqs: C library for prototyping and experimenting with quantum-resistant cryptography. https://github.com/open-quantum-safe/liboqs

  14. Marotzke, A.: A constant time full hardware implementation of Streamlined NTRU Prime. In: Liardet, P.-Y., Mentens, N. (eds.) CARDIS 2020. LNCS, vol. 12609, pp. 3–17. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-68487-7_1

  15. NIST: Post-quantum cryptography (2015). https://csrc.nist.gov/projects/post-quantum-cryptography. Accessed 26 June 2023

  16. NIST: Submission requirements and evaluation criteria for the post-quantum cryptography standardization process (2016). https://csrc.nist.gov/CSRC/media/Projects/Post-Quantum-Cryptography/documents/call-for-proposals-final-dec-2016.pdf

  17. Prest, T., et al.: FALCON. Technical report, National Institute of Standards and Technology (2020). https://csrc.nist.gov/projects/post-quantum-cryptography/round-3-submissions

  18. Pornin, T.: New efficient, constant-time implementations of Falcon. Cryptology ePrint Archive, Report 2019/893 (2019). https://eprint.iacr.org/2019/893

  19. PQClean: clean, portable, tested implementations of post-quantum cryptography. https://github.com/PQClean/PQClean

  20. PQM4: post-quantum crypto library for the ARM Cortex-M4. https://github.com/mupq/pqm4

  21. Roy, S.S., Basso, A.: High-speed instruction-set coprocessor for lattice-based key encapsulation mechanism: Saber in hardware. IACR TCHES 2020(4), 443–466 (2020). ISSN 2569-2925. https://tches.iacr.org/index.php/TCHES/article/view/8690

  22. Richter-Brockmann, J., Güneysu, T.: Folding BIKE: scalable hardware implementation for reconfigurable devices. Cryptology ePrint Archive, Report 2020/897 (2020). https://eprint.iacr.org/2020/897

  23. Ricci, S., et al.: Implementing CRYSTALS-Dilithium signature scheme on FPGAs. Cryptology ePrint Archive, Report 2021/108 (2021)

  24. Schwabe, P., et al.: CRYSTALS-KYBER. Technical report, National Institute of Standards and Technology (2020). https://csrc.nist.gov/projects/post-quantum-cryptography/round-3-submissions

  25. SUPERCOP: system for unified performance evaluation related to cryptographic operations and primitives. https://bench.cr.yp.to/supercop.html

  26. Xing, Y., Li, S.: A compact hardware implementation of CCA-secure key exchange mechanism CRYSTALS-KYBER on FPGA. IACR TCHES 2021(2), 328–356 (2021)


Author information

Corresponding author: James Howe.


Appendices

A The Dilithium Signature Scheme

The Dilithium signature scheme is provided in Algorithm 1. The algorithms inside these procedures have been omitted for space, but the reader can refer to the specifications for more details [LDK+20].

[Algorithm 1: the Dilithium signature scheme (figure not reproduced here)]

B The Falcon Signature Scheme

The Falcon signature scheme is provided in Algorithm 2. The algorithms inside these procedures have been omitted for space, but the reader can refer to the specifications for more details [PFH+20].

[Algorithm 2: the Falcon signature scheme (figure not reproduced here)]


Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper


Cite this paper

Howe, J., Westerbaan, B. (2023). Benchmarking and Analysing the NIST PQC Lattice-Based Signature Schemes Standards on the ARM Cortex M7. In: El Mrabet, N., De Feo, L., Duquesne, S. (eds) Progress in Cryptology - AFRICACRYPT 2023. AFRICACRYPT 2023. Lecture Notes in Computer Science, vol 14064. Springer, Cham. https://doi.org/10.1007/978-3-031-37679-5_19


  • DOI: https://doi.org/10.1007/978-3-031-37679-5_19


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-37678-8

  • Online ISBN: 978-3-031-37679-5

  • eBook Packages: Computer Science (R0)
