
Hardware Deployment of Hybrid PQC: SIKE+ECDH

  • Conference paper

Abstract

In this work, we present a small architecture for quantum-safe hybrid key exchange combining ECDH and SIKE. To our knowledge, this is the first hardware implementation of ECDH/SIKE-based hybrid key exchange in the literature. We propose new ECDH and EdDSA parameter sets defined over the SIKE primes. As a proof of concept, we evaluate SIKEX434, a hybrid PQC scheme composed of SIKEp434 and our proposed ECDH scheme X434, on a new, low-footprint architecture. Because both schemes use the same 434-bit prime, a single field-arithmetic unit serves both, saving area. With only 1663 slices on a small Artix-7 device, our architecture computes an entire hybrid key exchange in 320 ms; it is the smallest SIKE architecture in the literature. The hybrid SIKEX434 adds approximately 16% communication overhead and 10% latency overhead over SIKEp434 alone. The additional overhead that supporting multiple primes would incur points to the need for standardized ECC parameters over post-quantum-friendly primes for future area-efficient designs.
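The hybrid construction described in the abstract, as an added example that is not the paper's hardware design and does not use its X434 parameters: the abstract gives the prime (2^216·3^137 − 1) but not the curve coefficient, so the ECDH half is instantiated with Curve25519 so that it can be checked against the RFC 7748 test vectors. The x-only Montgomery ladder is written over a field parameterised by p, which is the point of sharing the SIKE prime: one modular multiplier serves both the isogeny walks and the ECDH scalar multiplication. The SIKE shared secret and ciphertext are constructed stand-in bytes, the SHAKE-256 combiner and its label are assumptions, and the message-size constants are those of the SIKEp434 NIST submission (330-byte public key, 346-byte ciphertext). A hybrid exists so that the derived key survives the failure of one component, which is what later happened to SIKE (Castryck and Decru, 2022); the last check in the example shows that both contributions are bound into the key.

```python
"""Hybrid SIKE+ECDH key agreement: x-only Montgomery ladder over a parameterised prime
field, plus a KEM-style combiner.  Standard library only.  Not the paper's VHDL and not the
X434 parameter set (its curve coefficient is not given in the abstract); Curve25519 is used
so the ECDH half can be checked against RFC 7748."""
import hashlib

P25519 = 2**255 - 19          # Curve25519 field prime (RFC 7748)
A25519 = 486662               # Curve25519 Montgomery coefficient
P434 = 2**216 * 3**137 - 1    # SIKEp434 prime: the paper's X434 lives over this same field

SIKEP434_PK, SIKEP434_CT = 330, 346        # SIKEp434 public key / ciphertext, bytes (NIST submission)
X434_PK = (P434.bit_length() + 7) // 8     # one field element on the wire: 55 bytes


def montgomery_ladder(k: int, u: int, p: int, A: int, nbits: int) -> int:
    """u-coordinate of [k]P given the u-coordinate of P (RFC 7748 Section 5 ladder, A = 2 mod 4).

    Every iteration performs the same field operations and selects with an arithmetic swap,
    the uniform structure a constant-time hardware ladder needs.  Python big ints are not
    constant time, so this is for clarity, not deployment."""
    a24 = (A - 2) // 4
    x1 = u % p
    x2, z2, x3, z3 = 1, 0, x1, 1
    swap = 0
    for t in range(nbits - 1, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        mask = -swap                                   # 0 or all-ones; no data-dependent branch
        dx, dz = mask & (x2 ^ x3), mask & (z2 ^ z3)
        x2, x3, z2, z3 = x2 ^ dx, x3 ^ dx, z2 ^ dz, z3 ^ dz
        swap = kt
        a, b = (x2 + z2) % p, (x2 - z2) % p
        aa, bb = a * a % p, b * b % p
        e = (aa - bb) % p
        c, d = (x3 + z3) % p, (x3 - z3) % p
        da, cb = d * a % p, c * b % p
        x3 = (da + cb) ** 2 % p
        z3 = x1 * (da - cb) ** 2 % p
        x2 = aa * bb % p
        z2 = e * (aa + a24 * e) % p
    mask = -swap
    x2, z2 = x2 ^ (mask & (x2 ^ x3)), z2 ^ (mask & (z2 ^ z3))
    return x2 * pow(z2, p - 2, p) % p


def x25519(scalar: bytes, u: bytes) -> bytes:
    """RFC 7748 X25519: clamp the scalar, mask the u-coordinate, run the ladder over 255 bits."""
    k = int.from_bytes(scalar, "little") & ((1 << 255) - 1) & ~7 | (1 << 254)
    u_int = int.from_bytes(u, "little") & ((1 << 255) - 1)
    return montgomery_ladder(k, u_int, P25519, A25519, 255).to_bytes(32, "little")


def hybrid_shared_key(ss_pq: bytes, ss_ec: bytes, ct_pq: bytes,
                      pk_ec_a: bytes, pk_ec_b: bytes, out_len: int = 32) -> bytes:
    """Assumed combiner: SHAKE-256 over both shared secrets and the public transcript.

    Each part is length-prefixed so parts cannot slide into one another, and the transcript
    binds the key to the exact ciphertext and ECDH shares that were exchanged."""
    h = hashlib.shake_256()
    for part in (b"SIKEX434-hybrid-example", ss_pq, ss_ec, ct_pq, pk_ec_a, pk_ec_b):
        h.update(len(part).to_bytes(2, "big") + part)
    return h.digest(out_len)


def hybrid_overhead() -> tuple:
    """Bytes added by the X434 share relative to the SIKEp434 public key and ciphertext."""
    return X434_PK / SIKEP434_PK, X434_PK / SIKEP434_CT    # about 0.167 and 0.159: the abstract's ~16%


def demo_hybrid_exchange() -> dict:
    """Two parties agree on a hybrid key; ECDH keys from RFC 7748 Section 6.1, SIKE parts constructed."""
    a_priv = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
    b_priv = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
    base = (9).to_bytes(32, "little")
    a_pub, b_pub = x25519(a_priv, base), x25519(b_priv, base)
    ss_a, ss_b = x25519(a_priv, b_pub), x25519(b_priv, a_pub)
    # Constructed stand-ins for the SIKE KEM outputs: the 16-byte shared secret a real
    # SIKEp434 decapsulation would return, and a 346-byte ciphertext for the transcript.
    ss_pq, ct_pq = bytes(range(16)), bytes(SIKEP434_CT)
    key_a = hybrid_shared_key(ss_pq, ss_a, ct_pq, a_pub, b_pub)
    key_b = hybrid_shared_key(ss_pq, ss_b, ct_pq, a_pub, b_pub)
    # A corrupted post-quantum share (e.g. a tampered ciphertext) yields a different key:
    # both the SIKE and the ECDH contribution are bound into the result.
    key_bad = hybrid_shared_key(bytes(16), ss_b, ct_pq, a_pub, b_pub)
    return {"a_pub": a_pub, "b_pub": b_pub, "ss_ec": ss_a, "key": key_a,
            "agree": key_a == key_b, "detects_bad_pq": key_a != key_bad}


if __name__ == "__main__":
    r = demo_hybrid_exchange()
    print("ECDH shared secret:", r["ss_ec"].hex())
    print("hybrid key:", r["key"].hex(), "agree:", r["agree"])
    print("overhead (pk, ct): %.3f %.3f" % hybrid_overhead())
```

Running the module prints the RFC 7748 shared secret, the combined key and the two overhead ratios. The ladder's swap-then-uniform-step shape is what a hardware design keeps in constant time; the Python big-integer arithmetic behind it is not. The combiner is deliberately conservative: it feeds the SHAKE-256 sponge with length-prefixed secrets and the full public transcript, so an attacker who can break or tamper with one component still cannot predict the derived key without the other share.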



Acknowledgment

This work has been funded by a DoD contract W911NF2010328 granted to PQSecure Technologies.

Author information

Corresponding author: Reza Azarderakhsh.


Ethics declarations

Intellectual Property Disclosure

Some of these techniques may be covered by US and/or international patents.


Copyright information

© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Azarderakhsh, R., Elkhatib, R., Koziel, B., Langenberg, B. (2021). Hardware Deployment of Hybrid PQC: SIKE+ECDH. In: Garcia-Alfaro, J., Li, S., Poovendran, R., Debar, H., Yung, M. (eds) Security and Privacy in Communication Networks. SecureComm 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 399. Springer, Cham. https://doi.org/10.1007/978-3-030-90022-9_26

  • DOI: https://doi.org/10.1007/978-3-030-90022-9_26

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-90021-2

  • Online ISBN: 978-3-030-90022-9

  • eBook Packages: Computer Science (R0)