FPGA-based Accelerator for Post-Quantum Signature Scheme SPHINCS-256

Authors

  • Dorian Amiet, IMES Institut für Mikroelektronik und Embedded Systems, HSR Hochschule für Technik, 8640 Rapperswil
  • Andreas Curiger, Securosys SA, 8005 Zürich
  • Paul Zbinden, IMES Institut für Mikroelektronik und Embedded Systems, HSR Hochschule für Technik, 8640 Rapperswil

DOI:

https://doi.org/10.13154/tches.v2018.i1.18-39

Keywords:

FPGA architecture, digital signature, post-quantum cryptography, SPHINCS-256, computer science

Abstract

In recent years, a substantial amount of research has been conducted and progress made in the area of quantum computers. Small functional prototypes have already been reported. If they scale as expected, they will eventually be able to break current public-key cryptosystems. The goal of post-quantum cryptography is to develop cryptographic systems that are secure against attacks originating from both quantum and classical computers. Frequently cited post-quantum signature schemes are based on the security of hash functions. A promising candidate in this group is SPHINCS-256. This paper presents the first FPGA-based hardware accelerator for SPHINCS-256. It can be implemented on an entry-level FPGA, occupying roughly 19,000 LUTs, 38,000 FFs and 36 BRAMs. On a Kintex-7 Xilinx FPGA, signing takes 1.53 milliseconds, and verification needs only 65 microseconds. The area and throughput of the accelerator are in a range that outperforms today’s widely used RSA signature scheme. The performance can even keep up with ECDSA accelerators. Hence, SPHINCS-256 is a hot candidate to replace RSA and ECDSA in a post-quantum world.

Published

2018-02-14

Section

Articles

How to Cite

FPGA-based Accelerator for Post-Quantum Signature Scheme SPHINCS-256. (2018). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2018(1), 18-39. https://doi.org/10.13154/tches.v2018.i1.18-39