TY - GEN
T1 - Optimizing HQC using Frobenius Additive FFT on a RISC-V-based System-on-Chip
AU - Ras, Antonio
AU - Loiseau, Antoine
AU - Carmona, Mikaël
AU - Pontié, Simon
AU - Renault, Guénaël
AU - Smith, Benjamin
AU - Valea, Emanuele
N1 - Publisher Copyright: © 2025 IEEE.
PY - 2025/1/1
Y1 - 2025/1/1
N2 - HQC is a quantum-resistant cryptographic key encapsulation mechanism, recently selected by NIST as a future standard. Polynomial multiplication is one of the most critical operations in HQC. Due to side-channel security concerns, the previously-used sparse-dense method was recently replaced by classical dense-dense multiplication implemented using Karatsuba's algorithm. This change has made polynomial multiplication the primary performance bottleneck, accounting for approximately 95% of the total execution time. This paper presents an alternative polynomial multiplication technique for HQC: the Frobenius Additive Fast Fourier Transform (FAFFT), which provides significant algorithmic-level performance improvements. We also present ANDROMEDA, the first state-of-the-art hardware implementation of FAFFT, and evaluate its performance impact by integrating our solution in a resource-constrained RISC-V-based System-on-Chip scenario. Experimental results show that our solution improves HQC performance by approximately 9.64× and 19.22× across its security levels, making HQC more practical for real-world deployment.
AB - HQC is a quantum-resistant cryptographic key encapsulation mechanism, recently selected by NIST as a future standard. Polynomial multiplication is one of the most critical operations in HQC. Due to side-channel security concerns, the previously-used sparse-dense method was recently replaced by classical dense-dense multiplication implemented using Karatsuba's algorithm. This change has made polynomial multiplication the primary performance bottleneck, accounting for approximately 95% of the total execution time. This paper presents an alternative polynomial multiplication technique for HQC: the Frobenius Additive Fast Fourier Transform (FAFFT), which provides significant algorithmic-level performance improvements. We also present ANDROMEDA, the first state-of-the-art hardware implementation of FAFFT, and evaluate its performance impact by integrating our solution in a resource-constrained RISC-V-based System-on-Chip scenario. Experimental results show that our solution improves HQC performance by approximately 9.64× and 19.22× across its security levels, making HQC more practical for real-world deployment.
KW - FAFFT
KW - FPGA
KW - HQC
KW - Hardware Acceleration
KW - Polynomial Multiplication
KW - Post-Quantum Cryptography
KW - RISC-V
UR - https://www.scopus.com/pages/publications/105030545858
U2 - 10.1109/DSD67783.2025.00089
DO - 10.1109/DSD67783.2025.00089
M3 - Conference contribution
AN - SCOPUS:105030545858
T3 - Proceedings - 2025 28th Euromicro Conference on Digital System Design, DSD 2025
SP - 608
EP - 615
BT - Proceedings - 2025 28th Euromicro Conference on Digital System Design, DSD 2025
A2 - Casini, Daniel
A2 - Cazorla, Francisco J.
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 28th Euromicro Conference on Digital System Design, DSD 2025
Y2 - 10 September 2025 through 12 September 2025
ER -