Bio: Sujoy Sinha Roy is currently a post-doctoral researcher in the Computer Security and Industrial Cryptography group (COSIC) in the Department of Electrical Engineering, Katholieke Universiteit Leuven, Belgium. He received the M.S degree in computer science and engineering from the Indian Institute of Technology Kharagpur, and the Ph.D. degree in electrical engineering from the Katholieke Universiteit Leuven, Belgium. His research area has been broadly in the field of efficient implementation of public key cryptography.
Talk abstract:
A month ago Google established a landmark in quantum computing by announcing a 72-qubit quantum computer. Quantum computing certainly has the potential to improve our life by performing tasks that are not feasible using today’s computers, such as discovering new drugs and building molecular structures; but it also threatens the existing information security infrastructure. Shor’s algorithm running on a powerful quantum computer can break RSA and elliptic-curve-based cryptographic schemes, which are considered as the two pillars of our present-day public-key infrastructure. The state-of-the-art IBM quantum computer is not powerful enough to break the present-day public-key infrastructure, but the giant leap forecasts, that there might be a powerful quantum computer in the future that will break both schemes. Post-quantum cryptography is a branch of cryptography that focuses on designing schemes that are secure against quantum computing attacks. In recent years, several hard problems from lattice theory have become popular for constructing post-quantum public-key cryptographic schemes. Beside post-quantum cryptography, lattice-problems have been used to construct homomorphic encryption schemes. Homomorphic encryption has applications in privacy-preserving cloud computing: users can upload their encrypted data in the cloud and can still perform computation on the encrypted data. While in theory, lattice-based cryptography offers wide applicability, computational efficiency, and strong security, its real deployment in a wide variety of computing devices and applications faces several challenges. My research is aimed at solving the fundamental problem of implementing cryptography based on hard problems in lattices in hardware and software and on next-generation computing platforms.
In this presentation I will talk about implementation aspects of ring Learning with Errors (ring-LWE) based cryptography. Ring-LWE is a hard problem in lattices. Cryptographic schemes based on the ring-LWE problem perform arithmetic operations in a polynomial ring and require sampling from a discrete Gaussian distribution. I will describe how we designed a lightweight discrete Gaussian sampler based on the Knuth-Yao random walk algorithm. The sampler satisfies a negligible statistical distance to the accurate distribution. For efficient polynomial multiplication, I will show how we used number theoretic transform and performed computational and architectural optimizations to achieve high throughput. From these building blocks, we designed a compact public-key encryption architecture. Next, I will show how we designed countermeasures to protect sensitive information from physical attacks. Physical attacks are a class of attacks that try to break security by observing the physical properties (such as power consumption, electromagnetic radiation etc.) of the computing device. In the end of this presentation, I will briefly describe our experience in designing hardware accelerators for ring-LWE-based homomorphic encryption schemes.