Research Project/Area Number | 22K12024 |
Research Institution | Kanazawa University |
Principal Investigator | Cheng ChenMou, Kanazawa University, Faculty of Electrical, Information and Communication Engineering, Research Collaborator (10814840) |
Project Period (FY) | 2022-04-01 – 2025-03-31 |
Keywords | Isogeny cryptography / Domain-specific language / Haskell |
Outline of Annual Research Achievements |
In this 3-year project, we aim to design and implement a scalable domain-specific hardware accelerator for speeding up isogeny-based cryptography. During the 1st year, we hired a research assistant and built a research team. The team started the research by designing a small domain-specific language (DSL) with a precise semantics to raise the abstraction level for hardware implementers of isogeny-based cryptosystems. We then began to implement the new DSL by deeply embedding it into the Haskell programming language, allowing us to reuse the rich collection of existing libraries in the Haskell ecosystem. Specifically, we leveraged syntactic, a popular Haskell package on Hackage for building DSLs [1]. It provides a generic representation of (open) abstract syntax trees, allowing us to express our DSL constructs more easily in Haskell. It also offers a wide variety of common utilities for handling and manipulating the resulting abstract syntax trees, simplifying the subsequent effort of compiler construction.
Last but not least, we attended two conferences, IWSEC 2022 and SCIS 2023, where we presented preliminary results and exchanged high-level ideas with experts from around the world.
[1] syntactic: Generic representation and manipulation of abstract syntax. https://hackage.haskell.org/package/syntactic
|
Current Status of Research Progress (Category) |
2: Progressing generally smoothly
Reason
Shortly after we began our research project last April, there was breaking news that SIKE, the only isogeny-based candidate in the 4th round of NIST's PQC competition, had been broken by two researchers from KU Leuven, Wouter Castryck and Thomas Decru [1]. Fortunately, this did not affect our research project too much, as we had planned to spend most of our time and energy on accelerating CSIDH as our benchmark cryptosystem; CSIDH has quite a different design from SIKE and thus still remains secure as of today. However, this does mean that we will give up SIKE altogether because it is no longer secure.
[1] W. Castryck and T. Decru. "An efficient key recovery attack on SIDH." https://eprint.iacr.org/2022/975
|
Strategy for Future Research Activity |
In the 2nd year, we are going to finish the implementation of our DSL and then implement its (software) compiler in Haskell. We will then implement our yardstick algorithm, CSIDH, on top of the new DSL and benchmark it against existing manual implementations. If the results are positive, we will summarize our findings in a technical paper and submit it to a suitable conference for publication.
|
Reason for Carryover of Budget to the Next Fiscal Year |
Our research assistant quit and went abroad to pursue his master's degree, so we could not use all the budget planned to pay for his salary. We will try to find his replacement as soon as possible.
|