摘要
由于量子计算机的飞速发展,现代密码学面临着巨大的挑战。为了实现抗量子计算机攻击的加密,人们提出了许多新的加密方案,并对后量子密码学(Post-Quantum Cryptography,PQC)开展了标准化进程。Leighton-Micali签名(Leighton-Micali sig-nature,LMS)是一种基于哈希的后量子签名方案,其私钥和公钥尺寸都较小,且安全性已被充分研究。LMS被互联网工程小组(Internet Engineering Task Force,IETF)选为PQC签名协议的标准方案,同时被美国国家标准技术局(National Institute of Standards and Technology,NIST)选为一种PQC过渡方案。然而,密钥生成过程中的效率低下,成为了LMS实际应用中的瓶颈。在本文中,我们首次对LMS进行基于FPGA的硬件实现与加速。首先,在不损失安全性的基础上,我们将LMS中的主要哈希函数由SHA2替换为SHA3函数。其次,我们设计了一个软硬件协同系统,将核心的哈希运算用硬件进行实现,该系统在消耗较少资源的前提下,可完成LMS协议的所有过程:密钥生成、签名与验证。该系统为物联网(Internet of things,IoT)场景下资源受限的LMS应用提供了参考。接着,我们提出了一个高速的密钥生成架构来加速LMS。该架构中具有可配置性,支持LMS的所有参数集,内部的哈希模块根据使用场景进行设计与部署,且并行度经过精心设计,以使得架构同时达到低延迟和高硬件利用率。此外,设计中的控制逻辑被设计为在适应不同参数集的情况下保持一定程度的恒定功率,以抵御功率分析攻击。该架构使用Verilog实现,并在Xilinx Zynq UltraScale+MPSoC ZCU104 FPGA平台上实验。实验结果表明,与在Intel(R)Core(TM)i7-6850K 3.60GHz CPU上启用多线程的目前较优软件实现相比,本文中的设计在不同参数配置下可实现55x~2091x的加速;与最新的各平台LMS工作相比,本文中设计可实现超过17x的加速;与相近方案的FPGA工作相比,本文中设计可实现约70x的加速。
Due to the rapid progress made in quantum computers,modern cryptography is facing great challenges.Many digital signature schemes that have resistance to quantum computing are proposed,and the Post-Quantum Cryptography(PQC)standardization is launched.The Leighton-Micali signature(LMS)is a kind of hash-based signature scheme.It has relatively small private and public keys and its security is well-studied.LMS is selected as a standard scheme for the PQC signature protocols by the Internet Engineering Task Force(IETF),and in the meanwhile,it is recommended as one of the transition schemes by the National Institute of Standards and Technology(NIST)before the PQC standardization finishes.However,the low-efficiency in the key generation process forms the bottleneck in practical applications of LMS.In this article,for the first time,the FPGA-based hardware accelerator is introduced for the LMS scheme.Firstly,we replace the main hash function SHA2 with SHA3 without loss of security.Then,we propose a hardware/software co-design,in which the hash function is offloaded to hardware platform.The co-design can achieve all the procedures of LMS:key generation,signature,and verification.It provides a reference for resource-constrained LMS applications under the Internet of Things(IoT)scenario.Moreover,we propose a high-speed key generation architecture to accelerate LMS.The architecture is delicately devised to be scalable,supporting all the parameter sets for the LMS.The internal hash modules are specifically developed and deployed based on the application scenarios,and the degree of parallelism is carefully designed to achieve low latency and high hardware utilization efficiency.Moreover,the control flow is well managed to accommodate different parameter sets with constant power for the consideration of anti-power analysis attacks.We code our design with Verilog language and implement it on the Xilinx Zynq UltraScale+MPSoC ZCU104 FPGA.The experimental results show that,compared with the superior software implementation running on an Intel(R)Core(TM)i7-6850K 3.60GHz CPU with threading enabled,the new design achieves 55x to 2091x speedups in different parameter configurations;compared with the state-of-the-art works of LMS,the design achieves more than 17x speedup on various platforms;compared with the work of similar scheme on FPGA,about 70x speedup is realized.
作者
胡潇
宋逸峰
汪文浩
田静
HU Xiao;SONG Yifeng;WANG Wenhao;TIAN Jing(Department of Electronic Science and Engineering,Nanjing University,Nanjing 210023,China)
出处
《信息安全学报》
CSCD
2021年第6期17-31,共15页
Journal of Cyber Security
基金
国家自然科学基金资助项目(No.61774082)
中央高校基本科研业务费专项资金资助项目(No.021014380065)
江苏省重点科研计划资助项目(No.BE2019003-4)资助。