Research Article
Hardware Deployment of Hybrid PQC: SIKE+ECDH
@INPROCEEDINGS{10.1007/978-3-030-90022-9_26, author={Reza Azarderakhsh and Rami Elkhatib and Brian Koziel and Brandon Langenberg}, title={Hardware Deployment of Hybrid PQC: SIKE+ECDH}, proceedings={Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6--9, 2021, Proceedings, Part II}, proceedings_a={SECURECOMM PART 2}, year={2021}, month={11}, keywords={Hybrid cryptosystem Isogeny-based cryptography Elliptic curve cryptography Field-programmable gate array}, doi={10.1007/978-3-030-90022-9_26} }- Reza Azarderakhsh
Rami Elkhatib
Brian Koziel
Brandon Langenberg
Year: 2021
Hardware Deployment of Hybrid PQC: SIKE+ECDH
SECURECOMM PART 2
Springer
DOI: 10.1007/978-3-030-90022-9_26
Abstract
In this work, we present a small architecture for quantum-safe hybrid key exchange targeting ECDH and SIKE. This is the first known hardware implementation of ECDH/SIKE-based hybrid key exchange in the literature. We propose new ECDH and EdDSA parameter sets defined over the SIKE primes. As a proof-of-concept, we evaluate SIKEX434, a hybrid PQC scheme composed of SIKEp434 and our proposed ECDH scheme X434 over a new, low-footprint architecture. Both schemes utilize the same 434-bit prime to save area. With only 1663 slices on a small Artix-7 device, our SIKE architecture can compute an entire hybrid key exchange in 320 ms. This is the smallest SIKE architecture in the literature. The hybrid SIKEX434 adds approximately 16% communication overhead and 10% latency overhead over SIKEp434. The additional overhead to support multiple primes indicates the need for new standardized ECC parameters for area-efficient designs in the future.
