Latest Research

Home>Latest Research>AxRLWE: A Multi-level Approximate Ring-LWE Co-processor for Lightweight IoT Applications

October 22, 2021

Return to Latest Research

AxRLWE: A Multi-level Approximate Ring-LWE Co-processor for Lightweight IoT Applications

D. -e. -S. Kundi, A. Khalid, S. Bian, C. Wang, M. O’Neill and W. Liu, “AxRLWE: A Multi-level Approximate Ring-LWE Co-processor for Lightweight IoT Applications,” in IEEE Internet of Things Journal, doi: 10.1109/JIOT.2021.3122276.

This work presents a multi-level approximation exploration undertaken on the Ring-Learning-with-Errors (R-LWE) based Public-key Cryptographic (PKC) schemes that belong to quantum-resilient cryptography algorithms. Among the various quantum-resilient cryptography schemes proposed in the currently running NIST’s Post-quantum Cryptography (PQC) standardization plan, the lattice based LWE schemes have emerged as the most viable and preferred class for the IoT applications due to their compact area and memory footprint compared to other alternatives. However, compared to the classical schemes used today, R-LWE is much harder a challenge to fit on embedded IoT (end-node) devices, due to their stricter resource constraints (lower area, memory, energy budgets) as well as their limited computational capabilities. To the best of our knowledge, this is the first endeavour exploring the inherent approximate nature of LWE problem to undertake a multi-level Approximate R-LWE (AxRLWE) architecture with respective security estimates opt for lightweight IoT devices. Undertaking AxRLWE on Field Programmable Gate Arrays (FPGAs), we benchmarked a 64% area reduction cost compared to earlier accurate R-LWE designs at the cost of reduced quantum-security. For the Application Specific Integrated Circuits (ASICs) with 45nm CMOS technology, AxRLWE was benchmarked to fit well within the same area-budget of lightweight ECC processor and consume a third of energy compared to special class of R-Binary LWE (R-BLWE) designs being proposed for an IoT, with better security level.