Flexible and Efficient Implementation of CRYSTALS-KYBER SIMD RISC-V Coprocessor Based on Customized Vector Instruction-Set Extension

Abstract

With the development of quantum computers in recent years, the security of traditional public-key encryption algorithms is facing serious threats, and post-quantum cryptography (PQC) algorithms that can resist quantum computer attacks are urgently needed. CRYSTALS-KYBER as the finalized NIST key-encapsulation scheme, is continuously advancing the standardization process. The existing hardware implementations of Kyber mostly use compact architectures to pursue high speed and high performance with the cost of programmability, while most hardware-software co-designs suffer from low parallelism and performance. Aiming at flexibly and efficiently implementing the key encapsulation mechanism (KEM) of Kyber, this work presents a single instruction multiple data (SIMD) Kyber coprocessor that supports the RISC-V instruction-set. A reconfigurable polynomial and logic unit (PLU) is designed, which can accelerate all types of polynomial vector instruction operations, and a dynamic hardware scheduling strategy is proposed to enable different types of instructions to be executed parallelly, improving the coprocessor pipeline throughput. Implemented on the Ultrascale+ FPGA platform and evaluated under SMIC 40nm technology, the proposed coprocessor achieves the fastest computing speed with the lowest power consumption and 3.5×/6.2× improvement in FPGA/ASIC AT product efficiency.