TY - GEN
T1 - The Impact of Hash Primitives and Communication Overhead for Hardware-Accelerated SPHINCS+
AU - Karl, Patrick
AU - Schupp, Jonas
AU - Sigl, Georg
N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024
Y1 - 2024
N2 - SPHINCS+ is a signature scheme included in the first NIST post-quantum standard that bases its security on the underlying hash primitive. As most of the runtime of SPHINCS+ is caused by the evaluation of several hash- and pseudo-random functions, instantiated via the hash primitive, offloading this computation to dedicated hardware accelerators is a natural step. In this work, we evaluate different architectures for hardware acceleration of such a hash primitive with respect to its use-case and evaluate them in the context of SPHINCS+. We attach hardware accelerators for different hash primitives (SHAKE256 and Ascon-Xof, for both full and round-reduced versions) to CPU interfaces having different transfer speeds. We show that, for most use-cases, data transfer determines the overall performance if accelerators are equipped with FIFOs and that reducing the number of rounds in the permutation does not necessarily lead to significant performance improvements when using hardware acceleration.
AB - SPHINCS+ is a signature scheme included in the first NIST post-quantum standard that bases its security on the underlying hash primitive. As most of the runtime of SPHINCS+ is caused by the evaluation of several hash- and pseudo-random functions, instantiated via the hash primitive, offloading this computation to dedicated hardware accelerators is a natural step. In this work, we evaluate different architectures for hardware acceleration of such a hash primitive with respect to its use-case and evaluate them in the context of SPHINCS+. We attach hardware accelerators for different hash primitives (SHAKE256 and Ascon-Xof, for both full and round-reduced versions) to CPU interfaces having different transfer speeds. We show that, for most use-cases, data transfer determines the overall performance if accelerators are equipped with FIFOs and that reducing the number of rounds in the permutation does not necessarily lead to significant performance improvements when using hardware acceleration.
KW - Ascon
KW - PQC
KW - SPHINCS+
KW - hardware acceleration
KW - post-quantum cryptography
UR - http://www.scopus.com/inward/record.url?scp=85190470681&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-57543-3_12
DO - 10.1007/978-3-031-57543-3_12
M3 - Conference contribution
AN - SCOPUS:85190470681
SN - 9783031575426
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 221
EP - 239
BT - Constructive Side-Channel Analysis and Secure Design - 15th International Workshop, COSADE 2024, Proceedings
A2 - Wacquez, Romain
A2 - Homma, Naofumi
PB - Springer Science and Business Media Deutschland GmbH
T2 - 15th International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2024
Y2 - 9 April 2024 through 10 April 2024
ER -