Compact and Low-Latency FPGA-Based Number Theoretic Transform Architecture for CRYSTALS Kyber Postquantum Cryptography Scheme

Abstract

In the modern era of the Internet of Things (IoT), especially with the rapid development of quantum computers, the implementation of postquantum cryptography algorithms in numerous terminals allows them to defend against potential future quantum attack threats. Lattice-based cryptography can withstand quantum computing attacks, making it a viable substitute for the currently prevalent classical public-key cryptography technique. However, the algorithm’s significant time complexity places a substantial computational burden on the already resource-limited chip in the IoT terminal. In lattice-based cryptography algorithms, the polynomial multiplication on the finite field is well known as the most time-consuming process. Therefore, investigations into efficient methods for calculating polynomial multiplication are essential for adopting these quantum-resistant lattice-based algorithms on a low-profile IoT terminal. Number theoretic transform (NTT), a variant of fast Fourier transform (FFT), is a technique widely employed to accelerate polynomial multiplication on the finite field to achieve a subquadratic time complexity. This study presents an efficient FPGA-based implementation of number theoretic transform for the CRYSTAL Kyber, a lattice-based public-key cryptography algorithm. Our hybrid design, which supports both forward and inverse NTT, is able run at high frequencies up to 417 MHz on a low-profile Artix7-XC7A100T and achieve a low latency of 1.10μs while achieving state-of-the-art hardware efficiency, consuming only 541-LUTs, 680 FFs, and four 18 Kb BRAMs. This is made possible thanks to the newly proposed multilevel pipeline butterfly unit architecture in combination with employing an effective coefficient accessing pattern.