Polynomial Multiplier and

Inverter for NTRU

Sanjay Puttaraju
ECE 645
Prof. Gaj
Motivation
NTRU is faster than its major competitor, RSA.
Other features include easy generation of keys,
high speed and low memory requirements.
Finds extensive application in the embedded
market.
Attempted to develop a multiplier and
hardware that computes inverse of a
polynomial.
These independent units find their application in
the NTRU algorithm.
NTRU Background
NTRU is a new Public Key
Cryptosystem (PKCS).
Founded in 1996 as NTRU
Cryptosystem Inc by four Brown
University Mathematicians.
NTRU is short for N-th degree
truncated polynomial ring.
NTRU Algorithm
NTRU Parameters:
N = Polynomials in the truncated
polynomial ring have degree N-1.
(e.g. 167, 251,347, 503)
q = large modulus (e.g. 128, 256)
p = small modulus (e.g. 3)
f, g = small polynomials in the ring.
NTRU Algorithm
Key Generation:
h = pf
q
*g (modulo q)
Public Key = h
Private key = polynomials f and f
p
Encryption:
e = r*h + m (modulo q)
m = message; r = blinding value
NTRU Algorithm
Decryption:
a = f*e (modulo q)
b = a (modulo p)
c = f
p
*b (modulo p)
c = m
Polynomial Multiplier
Processing Unit
Ling Adder for Multiplier
Polynomial Inverter
Inverse of a polynomial is obtained by
performing Extended Euclidean Algorithm
on f(x) and a(x).
Remainder Quotient Auxiliary
f(x)=X
8
+X
6
+X
5
+X+1 0
a(x)=X
4
+1 1
X
2
X
4
+X
2
+X+1 X
4
+X
2
+X+1
1 X
2
X
6
+X
4
+X
3
+X
2
+1
Algorithm: Polynomial
Inversion
Algorithm: Polynomial
Inversion
Polynomial Inverter:
Block Diagram
Modulo 2 to q
conversion
Extended Euclidean
Algorithm
Polynomial Multiplier
f
g,GF2^n
Inverse
F
q
Polynomial Inverter Basic Execution Unit
>>
+
f
g
deg(f)<deg(g) f[0]
Implementation
Environment
Simulation is carried out in the Active
HDL environment, particularly
version 6.2 on a machine working on
Windows XP Platform.
Implementation targets Xilinx
Spartan family of devices,
specifically Spartan- III Xilinx FPGAs.
Results
Overall status:
Written in 85%
Verified through functional simulation in 80%
Verified through timing simulation in 70%
Analyzed in 40%
Status of major functional units:
Processing Row for multiplier written in 100%,
verified through simulation in 100%
Execution Unit for Inverter written in 90%, verified
through simulation in 80%
Processing Unit : Functional
Simulation
Processing Row: Functional
Simulation
Inverter Execution Unit:
Functional Simulation
Problems & Conclusions
Encountered problems with
synchronization of input/output between
different independent blocks.
Inverter could be made generic for
parameters N, p and q.
Extend the operation of the hardware to
perform key generation, encryption and
decryption for NTRU.
Thank You