2022 Fiscal Year Research-status Report
A domain-specific hardware accelerator for isogeny-based cryptography
Project/Area Number | 22K12024 |
Research Institution | Kanazawa University |
Principal Investigator | Cheng ChenMou, Kanazawa University, Faculty of Electrical, Information and Communication Engineering, Research Collaborator (10814840) |
Project Period (FY) | 2022-04-01 – 2025-03-31 |
Keywords | Isogeny cryptography / Domain-specific language / Haskell |
Outline of Annual Research Achievements |
In this three-year project, we aim to design and implement a scalable domain-specific hardware accelerator for speeding up isogeny-based cryptography. During the first year, we hired a research assistant and built a research team. The team started by designing a small domain-specific language (DSL) with a precise semantics, in order to raise the abstraction level for hardware implementers of isogeny-based cryptosystems. We then began to implement the new DSL by deeply embedding it into the Haskell programming language, which lets us reuse the rich collection of existing libraries in the Haskell ecosystem. Specifically, we leveraged syntactic, a popular Haskell package on Hackage for building DSLs [1]. It provides a generic representation of (open) abstract syntax trees, allowing us to express our DSL constructs more easily in Haskell, and it comes with a wide variety of utilities for handling and manipulating the resulting abstract syntax trees, which simplifies the subsequent work of compiler construction.
Last but not least, we attended two conferences, IWSEC 2022 and SCIS 2023, in which we communicated preliminary results to and exchanged high-level ideas with experts around the world.
[1] syntactic: Generic representation and manipulation of abstract syntax. https://hackage.haskell.org/package/syntactic
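A deep embedding of the kind described above, added here as an illustration rather than the project's own DSL: a GADT for prime-field arithmetic (the building block of CSIDH's Montgomery-curve formulas) with two interpretations over the same tree, evaluation modulo a toy prime and a multiplication-counting pass of the sort a compiler backend needs. The constructor names, the toy modulus p = 1019 and the xDbl fragment are assumptions, and the syntactic package is not used.

```haskell
{-# LANGUAGE GADTs #-}
-- Added example (not the project's code): a tiny deeply embedded DSL for
-- arithmetic in F_p, using a plain GADT instead of the syntactic package.
import Data.Map (Map)
import qualified Data.Map as Map

-- Open term language: one constructor per operation the field ALU offers.
data Expr where
  Lit :: Integer -> Expr
  Var :: String  -> Expr
  Add :: Expr -> Expr -> Expr
  Sub :: Expr -> Expr -> Expr
  Mul :: Expr -> Expr -> Expr

-- Toy modulus (constructed): a prime with p = 3 mod 4, like CSIDH primes,
-- but far smaller than the 511-bit CSIDH-512 prime.
p :: Integer
p = 1019

type Env = Map String Integer

-- Interpretation 1: the reference semantics, evaluation modulo p.
eval :: Env -> Expr -> Integer
eval _   (Lit n)   = n `mod` p
eval env (Var v)   = Map.findWithDefault (error ("unbound " ++ v)) v env `mod` p
eval env (Add a b) = (eval env a + eval env b) `mod` p
eval env (Sub a b) = (eval env a - eval env b) `mod` p
eval env (Mul a b) = (eval env a * eval env b) `mod` p

-- Interpretation 2: count multiplications, the cost driver of a field
-- multiplier in hardware. Walking the tree like this is only possible
-- because the embedding is deep (the program is data, not a function).
mulCount :: Expr -> Int
mulCount (Lit _)   = 0
mulCount (Var _)   = 0
mulCount (Add a b) = mulCount a + mulCount b
mulCount (Sub a b) = mulCount a + mulCount b
mulCount (Mul a b) = 1 + mulCount a + mulCount b

-- The two squarings that start x-only Montgomery doubling: (X+Z)^2, (X-Z)^2.
xDbl :: (Expr, Expr)
xDbl = (Mul s s, Mul d d)
  where s = Add (Var "X") (Var "Z")
        d = Sub (Var "X") (Var "Z")

main :: IO ()
main = do
  let env = Map.fromList [("X", 7), ("Z", 3)]
      (num, den) = xDbl
  print (eval env num, eval env den)   -- (100,16)
  print (mulCount num + mulCount den)  -- 2
```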
|
Current Status of Research Progress |
2: Research has progressed on the whole more than it was originally planned.
Reason
Shortly after we began our research project last April, there was breaking news that SIKE, the only isogeny-based candidate in the 4th round of NIST's PQC competition, had been broken by two researchers from KU Leuven, Wouter Castryck and Thomas Decru [1]. Fortunately, this did not affect our research project too much, as we had planned to spend most of our time and energy on accelerating CSIDH as our benchmark cryptosystem; CSIDH has quite a different design from SIKE and still remains secure as of today. However, it does mean that we will give up SIKE altogether, because it is no longer secure.
[1] W. Castryck and T. Decru. "An efficient key recovery attack on SIDH." https://eprint.iacr.org/2022/975
|
Strategy for Future Research Activity |
In the second year, we are going to finish the implementation of our DSL and then implement its (software) compiler in Haskell. We will then implement our yardstick algorithm, CSIDH, on top of the new DSL and benchmark it against existing manual implementations. If the results are positive, we will summarize our findings in a technical paper and submit it to a suitable conference for publication.
|
Causes of Carryover |
Our research assistant quit and went abroad to pursue his master's degree, so we could not use all the budget planned to pay for his salary. We will try to find his replacement as soon as possible.
|