Fast Modular Multipliers for Supersingular Isogeny-Based Post-Quantum Cryptography

摘要

As one of the postquantum protocol candidates, the supersingular isogeny key encapsulation (SIKE) protocol delivers promising public and secret key sizes over other candidates. Nevertheless, the considerable computations form the bottleneck and limit its practical applications. The modular multiplication operations occupy a large proportion of the overall computations required by the SIKE protocol. The VLSI implementation of the high-speed modular multiplier remains a big challenge. In this article, we propose three improved modular multiplication algorithms based on an unconventional radix for this protocol, all of which cost about 20% fewer computations than the prior art. Besides, a multiprecision scheme is also introduced for the proposed algorithms to improve the scalability in hardware implementation, resulting in three new algorithms. We then present very efficient high-speed constant-time modular multiplier architectures for the six algorithms. It is shown that these new architectures can be extensively pipelined and highly optimized to obtain high throughput and low latency. The field-programmable gate array (FPGA) implementation results show that all proposed multipliers achieve much higher throughput than previous designs, but the increase in resources is relatively small. In addition, the multipliers without the multiprecision scheme have very low latency, which is very friendly to high-speed applications of the SIKE protocol.