A new study by MIT researchers, presented at the recent International Solid-State Circuits Conference, involves a novel cryptography circuit that can be used to protect low-power “internet of things” (IoT) devices in the coming age of quantum computing. The researchers first implemented several NIST lattice-based cryptography schemes from the agency’s first phase on commercial microprocessors. This revealed two bottlenecks for efficiency and performance: generating random numbers and data storage.
According to the paper, generating random numbers is the most important part of all cryptography schemes, because those numbers are used to generate secure encryption keys that can’t be predicted. That’s calculated through a two-part process called “sampling.”
Traditionally, the data are stored on a single two- or four-port random access memory (RAM) device. Multiport devices enable the high data throughput required for encryption schemes, but they take up a lot of space.
For their circuit design, the researchers modified a technique called “number theoretic transform” (NTT), which functions similarly to the Fourier transform mathematical technique that decomposes a signal into the multiple frequencies that make it up. The modified NTT splits vector data and allocates portions across four single-port RAM devices. Each vector can still be accessed in its entirety for sampling as if it were stored on a single multiport device. The benefit is that the four single-port RAM devices occupy about a third less total area than one multiport device.
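To make the NTT concrete, here is an added example (not code from the paper or the researchers) that multiplies two polynomials in the ring Z_q[x]/(x^n + 1) used by many lattice-based schemes, once through the NTT and once by the schoolbook method for comparison. The modulus, dimension and function names are assumptions chosen for illustration, and the code models the arithmetic only, not the chip's four-RAM memory layout.

```python
# Added example; Q and N are constructed for illustration, not taken from the paper.
Q = 7681  # prime with Q ≡ 1 (mod 2N), so a 2N-th root of unity exists
N = 256   # ring dimension, a power of two

def find_psi(n=N, q=Q):
    """Return psi with psi^n == -1 mod q (a primitive 2n-th root of unity)."""
    for g in range(2, q):
        psi = pow(g, (q - 1) // (2 * n), q)
        if pow(psi, n, q) == q - 1:
            return psi
    raise ValueError("q must be a prime with q ≡ 1 (mod 2n)")

def ntt(a, root, q=Q):
    """Radix-2 transform of a; root must be a primitive len(a)-th root mod q."""
    a, n, j = list(a), len(a), 0
    for i in range(1, n):              # bit-reversal reordering
        bit = n >> 1
        while j & bit:
            j ^= bit
            bit >>= 1
        j ^= bit
        if i < j:
            a[i], a[j] = a[j], a[i]
    for length in (1 << s for s in range(1, n.bit_length())):  # butterfly stages
        w_len, half = pow(root, n // length, q), length // 2
        for start in range(0, n, length):
            w = 1
            for k in range(start, start + half):
                u, v = a[k], a[k + half] * w % q
                a[k], a[k + half] = (u + v) % q, (u - v) % q
                w = w * w_len % q
    return a

def poly_mul_ntt(a, b, n=N, q=Q):
    """Negacyclic product: scale by psi^i, transform, multiply pointwise, invert."""
    psi = find_psi(n, q)
    omega, psi_inv, n_inv = psi * psi % q, pow(psi, q - 2, q), pow(n, q - 2, q)
    fa = ntt([x * pow(psi, i, q) % q for i, x in enumerate(a)], omega, q)
    fb = ntt([x * pow(psi, i, q) % q for i, x in enumerate(b)], omega, q)
    c = ntt([x * y % q for x, y in zip(fa, fb)], pow(omega, q - 2, q), q)
    return [x * n_inv % q * pow(psi_inv, i, q) % q for i, x in enumerate(c)]

def poly_mul_schoolbook(a, b, n=N, q=Q):  # O(n^2) reference; x^n wraps to -1
    c = [0] * n
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            k, s = (i + j) % n, 1 if i + j < n else -1
            c[k] = (c[k] + s * x * y) % q
    return c
```

The NTT path needs on the order of n log n modular multiplications where the schoolbook loop needs n squared, which is why the transform and the memory that feeds it dominate such designs.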
The architecture is customizable to accommodate the multiple lattice-based schemes currently being studied in preparation for the day that quantum computers come online. “That might be a few decades from now, but figuring out if these techniques are really secure takes a long time,” says first author Utsav Banerjee, a graduate student in electrical engineering and computer science. “It may seem early, but earlier is always better.” Other authors include: Anantha Chandrakasan, dean of MIT’s School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science, and Abhishek Pathak of the Indian Institute of Technology.
The more complex the computation, the lower the efficiency, and vice versa. In their paper, the researchers detail how to navigate these trade-offs with their adjustable parameters. Next, the researchers plan to tweak the chip to run all the lattice-based cryptography schemes listed in NIST’s second phase. The work was supported by Texas Instruments and the TSMC University Shuttle Program.