面向Saber算法的并行乘法器  

作　　者：吕杰 汪鹏君 张会红[1] Lü Jie;WANG Pengjun;ZHANG Huihong(Faculty of Electrical Engineering and Computer Science,Ningbo University,Ningbo 315211,China;College of Electrical and Electronic Engineering,Wenzhou University,Wenzhou 325035,China)

机构地区：[1]宁波大学信息科学与工程学院,浙江宁波315211 [2]温州大学电气与电子工程学院,浙江温州325035

出　　处：《宁波大学学报（理工版）》2022年第6期15-21,共7页Journal of Ningbo University：Natural Science and Engineering Edition

基　　金：国家自然科学基金(62134002,62174121)。

摘　　要：随着量子计算的发展,现有密码系统的安全性将受到严重威胁.Saber算法是抵御量子计算攻击的后量子密码方案之一,但存在多项式商环上模乘占据运算开销过大的问题.鉴此,本文通过对Karatsuba算法和Schoolbook相乘方式的剖析,提出一种面向Saber算法的并行乘法器设计方案.该方案首先利用Karatsuba算法分解模乘运算的关键路径,结合乘法复用和加法替换的策略减少硬件开销,然后采用并行运算电路压缩关键运算路径时长,最后在TSMC 65 nm工艺下,利用Modelsim和DC软件仿真验证.结果表明:该方案运算时长为137个时钟周期,与传统方式相比速度提升46.50%,功耗为87.83 m W,面积为927.32×10^(3)μm^(2).With the development of the quantum computer, the security of modern cryptosystems will be placed under threat. In defending against quantum computing attacks, Saber algorithm becomes one of the schemes in the ongoing post-quantum cryptography standardization project. The bottleneck of Saber is multiplication in polynomial quotient rings, where the multiplication occupies high costs in computation operation. In this paper, a parallel multiplier for Saber is proposed, which is based on analysis of Karatsuba and Schoolbook. Firstly,disassembling the calculated path of polynomial modulo multiplication is carried out by the Karatsuba algorithm,whereby a strategy of combining multiplication reused with addition superseding multiplication is utilized to reduce hardware overhead. Secondly, the critical path is compressed by a parallel structure. Finally, in the TSMC 65 nm process, analysis is conducted using the tools of Modelsim and DC. The results indicate that the designed scheme accomplishes 137 clock cycles’ critical path of an operation, improving 46.5% in speed performance as compared with the conventional method, the power consumption is 87.83 m W and the area overhead is 927.32×10^(3) μm^(2).

关 键 词：后量子密码 Saber算法 Karatsuba算法 Schoolbook相乘方式 并行乘法器 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]