부산대학교 도서관

This article makes a case for accelerating lattice-based postquantum cryptography with memristor-based crossbars. We map the polynomial multiplications in a representative algorithm, SABER, and show that analog dot products can yield 1.7–32.5× performance and energy efficiency improvement compared to recent hardware proposals. We introduce several additional techniques to address the bottlenecks in this initial design. First, we show that software techniques used in SABER that are effective on central processing unit platforms are unhelpful in crossbars. Relying on simpler algorithms further improves our efficiency by 1.3–3.6×. Second, modular arithmetic in SABER offers an opportunity to drop most significant bits, enabling techniques that exploit a few variable-precision analog-to-digital converters (ADCs) and yielding up to 1.8× higher efficiency. Third, to further reduce ADC pressure, we propose a simple analog shift-and-add technique, demonstrating a 1.3–6.3× improvement. Overall, the Xbar-based accelerator for postquantum cryptography (called XCRYPT) achieves 3–15× higher efficiency over the initial design and highlights the importance of algorithm–accelerator co-design.