TY - GEN
T1 - A masked ring-LWE implementation
AU - Reparaz, Oscar
AU - Roy, Sujoy Sinha
AU - Vercauteren, Frederik
AU - Verbauwhede, Ingrid
PY - 2015/9/1
Y1 - 2015/9/1
N2 - Lattice-based cryptography has been proposed as a postquantum public-key cryptosystem. In this paper, we present a masked ring-LWE decryption implementation resistant to first-order side-channel attacks. Our solution has the peculiarity that the entire computation is performed in the masked domain. This is achieved thanks to a new, bespoke masked decoder implementation. The output of the ring-LWE decryption is a set of Boolean shares suitable for derivation of a symmetric key. We have implemented a hardware architecture of the masked ring-LWE processor on a Virtex-II FPGA, and have performed side-channel analysis to confirm the soundness of our approach. The area of the protected architecture is around 2000 LUTs, a 20% increase with respect to the unprotected architecture. The protected implementation takes 7478 cycles to compute, which is only a factor ×2.6 larger than the unprotected implementation.
AB - Lattice-based cryptography has been proposed as a postquantum public-key cryptosystem. In this paper, we present a masked ring-LWE decryption implementation resistant to first-order side-channel attacks. Our solution has the peculiarity that the entire computation is performed in the masked domain. This is achieved thanks to a new, bespoke masked decoder implementation. The output of the ring-LWE decryption is a set of Boolean shares suitable for derivation of a symmetric key. We have implemented a hardware architecture of the masked ring-LWE processor on a Virtex-II FPGA, and have performed side-channel analysis to confirm the soundness of our approach. The area of the protected architecture is around 2000 LUTs, a 20% increase with respect to the unprotected architecture. The protected implementation takes 7478 cycles to compute, which is only a factor ×2.6 larger than the unprotected implementation.
UR - http://www.scopus.com/inward/record.url?scp=84946053752&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-48324-4_34
DO - 10.1007/978-3-662-48324-4_34
M3 - Conference contribution
AN - SCOPUS:84946053752
SN - 9783662483237
T3 - Lecture Notes in Computer Science
SP - 683
EP - 702
BT - Cryptographic Hardware and Embedded Systems - CHES 2015
A2 - Güneysu, Tim
A2 - Handschuh, Helena
PB - Springer Verlag
T2 - International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2015
Y2 - 13 September 2015 through 16 September 2015
ER -