Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


A Flexible Shared Hardware Accelerator for NIST-Recommended Algorithms CRYSTALS-Kyber and CRYSTALS-Dilithium with SCA Protection

November 30, 2022


Abubakr Abdulgadir - PQSecure Technologies


NIST recently decided upon a set of cryptographic algorithms for future standardization. These algorithms are built upon hard problems which are believed to be resistant to quantum cryptanalysis, unlike RSA and ECC which are trivially broken by a quantum computer running Shor’s algorithm. Cryptographic operations are computationally intense, and therefore are often offloaded to dedicated hardware in order to improve performance and reduce energy usage. However, different applications have different needs for performance and cost trade-offs, so it is beneficial to have a variety of performance options for hardware acceleration. In this work we present a flexible hardware architecture for selected algorithms, Kyber and Dilithium. Our architecture includes separate instances optimized for either Kyber and Dilithium as well as a combined architecture which support both algorithms in one design. Further, the design can be instantiated at three levels of performance: lightweight, mid-range, and high performance. We also present a masked implementation for the Kyber-only implementation which protects against first order differential power analysis attacks and timing attacks. The masked implementation requires 2.5× more LUTs and 6.5× more clock cycles for decapsulation.

Event Details



Related Topics

Security and Privacy: post-quantum cryptography

Created November 23, 2022, Updated December 06, 2022