Efficient FPGA Implementations of LowMC and Picnic

Abstract

Post-quantum cryptography has received increased attention in recent years, in particular, due to the standardization effort by NIST. One of the second-round candidates in the NIST post-quantum standardization project is Picnic, a post-quantum secure signature scheme based on efficient zero-knowledge proofs of knowledge. In this work, we present the first FPGA implementation of Picnic. We show how to efficiently calculate LowMC, the block cipher used as a one-way function in Picnic, in hardware despite the large number of constants needed during computation. We then combine our LowMC implementation and efficient instantiations of Keccak to build the full Picnic algorithm.Additionally, we conform to recently proposed hardware interfaces for post-quantum schemes to enable easier comparisons with other designs. We provide evaluations of our Picnic implementation for both, the standalone design and a version wrapped with a PCIe interface, and compare them to the state-of-the-art software implementations of Picnic and similar hardware designs. Concretely, signing messages on our FPGA takes 0.25 ms for the L1 security level and 1.24 ms for the L5 security level, beating existing optimized software implementations by a factor of 4.

Date
Feb 27, 2020
Location
CT-RSA 2020 – Moscone Center, SF, USA
747 Howard Street, San Francisco, California 94105
Roman Walch
Roman Walch
Co-founder/Lead Cryptographer at TACEO

My main research interests include privacy enhancing technologies (FHE, MPC, ZKP), domain-specific symmetric primitives, and their application to real-world use cases.

Related