In the domain of lattice cryptography, an emerging field of post-quantum secure cryptography, very few accelerator designs exist that both sufficiently accelerate a particular lattice cryptosystem and provide enough flexibility to accommodate a variety of cryptographic schemes. In this work, we move towards such a design by analyzing lattice cryptography algorithms with respect to their architectural properties. Through our analysis on an Intel Core i7 processor, we show that key operations such as modulo are essential to realizing an efficient design and should be added to the hardware substrate. We also show that while the algorithms are amenable to SIMD (single instruction multiple data) hardware acceleration, they may be limited to ~64-lane designs before diminishing returns.