JSSC 2023, Issue 8, Other
A 334 µW 0.158 mm² ASIC for Post-Quantum Key-Encapsulation Mechanism Saber With
This paper presents a low-power, small-area accelerator for the Saber post-quantum cryptography scheme built around a Toom-Cook multiplier.
0.158 mm², 334 µW
Post-quantum cryptography, Saber, Toom-Cook multiplier, low power, small area
▸Innovation 1: memory-efficient striding Toom-Cook multiplier (method innovation) - By optimizing the memory access pattern of the Toom-Cook algorithm and adopting a striding computation strategy that reduces the storage needed for intermediate results, the multiplier uses 4× less memory than a conventional NTT multiplier, reaching the industry's smallest area of 0.158 mm².
▸Innovation 2: lazy (deferred) interpolation (method innovation) - The interpolation stage of the polynomial multiplication is deferred and redundant operations are merged dynamically, cutting multiplier energy by 36.8% while preserving the correctness of the result.
▸Innovation 3: timing-aware clock gating co-optimized with shift-and-add units (circuit innovation) - Precise control of the clock activation cycles of the multiplier cells, combined with a shift-and-add restructuring of the hardware, yields a 118× reduction in dynamic power; overall power is 38% below comparable designs.
▸Innovation 4: Saber-specific dataflow architecture (system innovation) - A regularized memory access scheme designed around the access characteristics of the MLWE algorithm eliminates address-computation overhead, reduces memory to 12% of the core area, and markedly improves energy efficiency.
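As an added example (not the paper's or any project's code) of the Toom-Cook multiplication and lazy interpolation behind innovation points 1 and 2: a 3-way Toom-Cook product in Saber's ring Z_q[x]/(x^256 + 1) with q = 2^13 (Saber implementations commonly use a 4-way split; 3-way is used here for brevity), with intermediate arithmetic held mod 2^16 so the exact divisions in the interpolation remain correct mod q, and a row-times-secret inner product that accumulates in the evaluation domain and interpolates once. The accumulate-then-interpolate reading of "lazy interpolation", the constants K and INV3, and the constructed test inputs are assumptions of this example, not details taken from the paper.

```python
N, Q, M = 256, 1 << 13, 1 << 16   # Saber: n = 256, q = 2^13; intermediates kept mod 2^16
K = 86                            # Toom-3 piece length: 3 * 86 >= 256 (inputs zero-padded)
INV3 = pow(3, -1, M)              # 3 is odd, hence invertible mod 2^16

def schoolbook(a, b, n=None, mod=M):
    r = [0] * (n or len(a) + len(b) - 1)   # plain product, or negacyclic mod x^n + 1 if n given
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            if n and i + j >= n: r[i + j - n] -= ai * bj   # x^n = -1
            else: r[i + j] += ai * bj
    return [c % mod for c in r]

def evaluate(a):
    """Split a into 3 pieces of length K and evaluate at 0, 1, -1, -2 and infinity."""
    a = a + [0] * (3 * K - len(a))
    return [[(a[i] + p * a[K + i] + p * p * a[2 * K + i]) % M for i in range(K)]
            for p in (0, 1, -1, -2)] + [a[2 * K:]]

def interpolate(w):
    """Bodrato's Toom-3 interpolation mod 2^16; each exact division by 2 costs one bit of headroom."""
    w0, w1, wm1, wm2, winf = w
    lin = lambda u, v, s=1: [(x + s * y) % M for x, y in zip(u, v)]
    half = lambda u: [x // 2 for x in u]              # even residues mod 2^16 -> correct mod 2^15 >= q
    r3 = [((x - y) * INV3) % M for x, y in zip(wm2, w1)]
    r1, r2 = half(lin(w1, wm1, -1)), lin(wm1, w0, -1)
    r3 = lin(half(lin(r2, r3, -1)), winf, 2)
    r2 = lin(lin(r2, r1), winf, -1)
    return [w0, lin(r1, r3, -1), r2, r3, winf]

def recombine(r):
    res = [0] * N                                     # sum r_i * x^(i*K), reduce mod x^N + 1 and q
    for i, piece in enumerate(r):
        for j, c in enumerate(piece):
            res[(i * K + j) % N] += c * (-1) ** ((i * K + j) // N)
    return [c % Q for c in res]

def lazy_inner_product(row, s):
    """sum_i row[i]*s[i]: accumulate the 5 point-products across the row, interpolate once."""
    acc = [[0] * (2 * K - 1) for _ in range(5)]
    for a, b in zip(row, s):
        for p, (x, y) in enumerate(zip(evaluate(a), evaluate(b))):
            acc[p] = [(u + v) % M for u, v in zip(acc[p], schoolbook(x, y))]
    return recombine(interpolate(acc))

def selfcheck(l=3):
    """Constructed inputs: pseudo-uniform row polynomials and a small (CBD-like) secret."""
    row = [[(i * 6007 + k * 131) % Q for i in range(N)] for k in range(l)]
    s = [[(i * i + k) % 7 - 3 for i in range(N)] for k in range(l)]
    prods = [schoolbook(a, b, N, Q) for a, b in zip(row, s)]
    ref = [sum(p[i] for p in prods) % Q for i in range(N)]
    return lazy_inner_product(row, s) == ref and lazy_inner_product(row[:1], s[:1]) == prods[0]
```

A single polynomial product is the l = 1 case of `lazy_inner_product`; `selfcheck()` compares both the single product and the three-term inner product against a negacyclic schoolbook reference.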
Abstract
Lattice-based cryptography is a novel approach to public key cryptography (PKC), of which the mathematical investigation (so far) resists attacks from quantum computers. By choosing a module learning with errors (MLWE) algorithm as the next standard, the National Institute of Standards and Technology (NIST) follows this approach. The multiplication of polynomials is the central bottleneck in the computation of lattice-based cryptography. Because PKC is mostly used to establish common secret keys