A Unified FFT/NTT Design for Efficient NTRU Equation Solving in FALCON Cryptography

• Published in: IEEE International Symposium on Circuits and Systems proceedings pp. 1 - 5
• Main Authors: Liao, Jun-Hao, Cho, Kuan-Ting, Shieh, Ming-Der
• Format: Conference Proceeding
• Language: English
• Published: IEEE 25.05.2025
• Subjects: ASIC; Circuits and systems; Computational efficiency; Cryptography; Digital signatures; FALCON; FFT/IFFT; Frequency synthesizers; Hardware acceleration; Memory management; NTT/INTT; PQC; Quantum computing; Reconfigurable architectures
• ISSN: 2158-1525
• DOI: 10.1109/ISCAS56072.2025.11043318

Post-Quantum Cryptography has garnered significant attention with the rapid development of quantum computing. FALCON, a lattice-based quantum-resistant digital signature scheme, has been standardized. During the key pair generation process, solving the NTRU equation based on Galois theory is required. The simultaneous use of two distinct algebraic structures, \mathbb{Q}[x]/\left( {{x^n} + 1} \right) and \mathbb{Z}[x]/\left( {{x^n} + 1} \right), where n is a power of 2, presents challenges in hardware design. This paper proposes a hardware accelerator specifically customized for FFT/IFFT and NTT/INTT operations on rings under different point numbers. The design incorporates conflict-free scheduling for memory access and the selection of twiddle factors across various radices. The proposed design occupies an area of 0.54 mm 2 and operates at a frequency of 333 MHz based on the synthesis results using 40nm technology. Compared to existing FFT/IFFT design on rings, the proposed one reduces the area requirement of processing elements by 33% without increasing the overall execution time. Moreover, our design supports both 64-bit radix-4 and 128-bit radix-2 NTT/INTT. This solution effectively addresses the two transformations required for key pair generation in FALCON.