Abstract
The Number Theoretic Transform (NTT) is a time critical function required by many post-quantum cryptographic protocols based on lattices. For example it is commonly used in the context of the Ring Learning With Errors problem (RLWE), which is a popular basis for post-quantum key exchange, digital signature, and encryption. Here we apply a simple methodology to convert the NTT and its inverse from a mathematically correct (but side-channel vulnerable) description, to an efficient constant-time and side-channel resistant version.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
References
Ring learning with errors parameters (2017). http://www.ringlwe.info/parameters-for-rlwe.html
Alkim, E., Ducas, L., Poppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: 25th Usenix Security Symposium, pp. 327–343 (2016)
Alkim, E., Jakubeit, P., Schwabe, P.: NewHope on ARM Cortex-M. In: Carlet, C., Hasan, M.A., Saraswat, V. (eds.) SPACE 2016. LNCS, vol. 10076, pp. 332–349. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49445-6_19
Barrett, P.: Implementing the Rivest Shamir and Adleman public key encryption algorithm on a standard digital signal processor. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 311–323. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_24
Bernstein, D., Breitner, J., Genkin, D., Bruinderink, L.G., Heninger, N., Lange, T., van Vredendaal, C., Yarom, Y.: Sliding right into disaster: left-to-right sliding windows leak. Cryptology ePrint Archive, Report 2017/627 (2017). http://eprint.iacr.org/2017/627
Fog, A.: Instruction tables: lists of instruction latencies, throughputs and microoperation breakdowns for intel, AMD and VIA CPUs (2017). http://www.agner.org/optimize/
Güneysu, T., Oder, T., Pöppelmann, T., Schwabe, P.: Software speed records for lattice-based signatures. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 67–82. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38616-9_5
Harvey, D.: Faster arithmetic for number-theoretic transforms. J. Symb. Comput. 60, 113–119 (2014)
Longa, P., Naehrig, M.: Speeding up the number theoretic transform for faster ideal lattice-based cryptography. In: Foresti, S., Persiano, G. (eds.) CANS 2016. LNCS, vol. 10052, pp. 124–139. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48965-0_8
Montgomery, P.: Modular multiplication without trial division. Math. Comput. 44(170), 519–521 (1985)
Pöppelmann, T., Güneysu, T.: Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 139–158. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33481-8_8
Scott, M.: Slothful reduction. Cryptology ePrint Archive, Report 2017/437 (2017). http://eprint.iacr.org/2017/437
Streit, S., De Santis, F.: Post-quantum key exchange on ARMv8-A - a new hope for NEON made simple. Cryptology ePrint Archive, Report 2017/388 (2017). http://eprint.iacr.org/2017/388
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Scott, M. (2017). A Note on the Implementation of the Number Theoretic Transform. In: O'Neill, M. (eds) Cryptography and Coding. IMACC 2017. Lecture Notes in Computer Science(), vol 10655. Springer, Cham. https://doi.org/10.1007/978-3-319-71045-7_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-71045-7_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-71044-0
Online ISBN: 978-3-319-71045-7
eBook Packages: Computer ScienceComputer Science (R0)