ARM architecture optimizations for line-rate PQC communications

Abstract

This paper provides an introduction to the topic of ARM architecture optimization for line-rate post-quantum cryptographic (PQC) operations. In particular, we explore ARMv8 architectures and how to leverage hash functions. As quantum computing threatens traditional public-key infrastructure (PKI), the need for efficient quantum-resistant algorithms grows. The NIST PQC standardization process has chosen (until now) ML-DSA (Crystals-Dilithium) with extendable output functions (XOFs) from the SHA3 standard, specifically SHAKE128 and SHAKE256. Many of these standards have already been included into retail systems, while silicon fabs are providing dedicated PQC accelerators for low-speed systems. This paper and its presentation broadens the scope of XOFs in the Dilithium framework by incorporating alternatives like concatenated fixed variable length hashes such as SHA256, SHA512, ASCON and AES-CTR. Our current investigations lead to substantial performance enhancements when ARMv8 acceleration is applied using single instruction - multiple data (SIMD) instructions via the NEON framework. In particular, we will discuss improvements in the KeyGeneration, Signature, and Verification steps across different security parameterizations of ML-DSA in comparison with the reference code of the standard.