Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
common
crypto_kem
hostside
libopencm3 @ ca43a73
.gitignore
.gitmodules
Makefile
README.md
speed.c
stack.c
stm32f405x6.ld
test.c

README.md

nttm4

This code package contains the software accompanying the paper "Memory-Efficient High-Speed Implementation of Kyber on Cortex-M4". The paper is available at https://kannwischer.eu/papers/2019_nttm4.pdf.

It has also been merged into pqm4 by https://github.com/mupq/pqm4/pull/80

Setup

The setup is mostly similar to https://github.com/mupq/pqm4. After having installed all the dependences run

git clone --recurse-submodules  https://github.com/mupq/nttm4
cd nttm4
cd libopencm3 && make &  cd ..
make 

Testing and Benchmarking

Running make will produce the binaries bin/{test, speed, stack}_kyber{512,768,1024}_m4round{1,2}.bin, where:

Type

  • test provides basic funcionality testing (i.e., checks that both parties derive the same shared secret)
  • speed benchmarkes the schemes and outputs cycles counts (Table 2 in the paper)
  • stack measures the stack usage (Table 3 in the paper)

Parameter Set

  • kyber512, kyber768, and kyber1024 refer to the different parameter sets of Kyber aiming for NIST security level 1, 3, and 5 respectively.

Version

Results

The following tables contain the results of Table 2 and Table 3 of the paper and were obtained with arm-none-eabi-gcc 8.3.0.

Speed [clock cycles]

parameter set version KeyGen Encaps Decaps
kyber512 Round 1 575k 763k 730k
kyber512 Round 2 499k 634k 597k
kyber768 Round 1 946k 1167k 1117k
kyber768 Round 2 947k 1113k 1059k
kyber1024 Round 1 1483k 1753k 1698k
kyber1024 Round 2 1525k 1732k 1653k

Stack [bytes]

parameter set version KeyGen Encaps Decaps
kyber512 Round 1 2632 2672 2736
kyber512 Round 2 3136 2720 2744
kyber768 Round 1 3072 3120 3176
kyber768 Round 2 3648 3232 3248
kyber1024 Round 1 3520 3568 3624
kyber1024 Round 2 4160 3752 3776
You can’t perform that action at this time.