Open AccessFPGA-based Accelerator for Post-Quantum Signature Scheme SPHINCS-256
Author(s) -
Dorian Amiet,
Andreas Curiger,
Paul Zbinden
Publication year - 2018
Publication title -
iacr transactions on cryptographic hardware and embedded systems
Language(s) - English
Resource type - Journals
ISSN - 2569-2925
DOI - 10.46586/tches.v2018.i1.18-39
Subject(s) - computer science , field programmable gate array , hash function , cryptography , cryptosystem , public key cryptography , digital signature , elliptic curve digital signature algorithm , quantum computer , computer hardware , signature (topology) , embedded system , computer engineering , quantum , elliptic curve cryptography , computer security , encryption , physics , mathematics , quantum mechanics , geometry
In recent years, a substantial amount of research has been conducted and progress made in the area of quantum computers. Small functional prototypes have already been reported. If they scale as expected, they will eventually be able to break current public-key cryptosystems. The goal of post-quantum cryptography is to develop cryptographic systems that are secure against attacks originating from both quantum and classical computers. Frequently referred post-quantum signature schemes are based on the security of hash functions. A promising candidate in this group is SPHINCS-256. This paper presents the first FPGA-based hardware accelerator for SPHINCS-256. It can be implemented on an entry-level FPGA, occupying roughly 19,000 LUTs, 38,000 FFs and 36 BRAMs. On a Kintex-7 Xilinx FPGA, signing takes 1.53 milliseconds, and verification needs only 65 microseconds. Area and throughput of the accelerator are in a range that outperform today’s widely used RSA signature scheme. The performance can even keep up with ECDSA accelerators. Hence, SPHINCS-256 is a hot candidate to replace RSA and ECDSA in a post-quantum world.