{"id":"https://openalex.org/W4388958855","doi":"https://doi.org/10.1145/3605769.3623993","title":"Enabling Lattice-Based Post-Quantum Cryptography on the OpenTitan Platform","display_name":"Enabling Lattice-Based Post-Quantum Cryptography on the OpenTitan Platform","publication_year":2023,"publication_date":"2023-11-23","ids":{"openalex":"https://openalex.org/W4388958855","doi":"https://doi.org/10.1145/3605769.3623993"},"language":"en","primary_location":{"id":"doi:10.1145/3605769.3623993","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605769.3623993","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623993","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623993","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050779972","display_name":"Tobias Stelzer","orcid":"https://orcid.org/0009-0007-0058-1107"},"institutions":[{"id":"https://openalex.org/I4210136922","display_name":"Fraunhofer Institute for Applied and Integrated Security","ror":"https://ror.org/03w0bbr97","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210136922","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Tobias Stelzer","raw_affiliation_strings":["Fraunhofer AISEC, Garching, Germany"],"raw_orcid":"https://orcid.org/0009-0007-0058-1107","affiliations":[{"raw_affiliation_string":"Fraunhofer AISEC, Garching, Germany","institution_ids":["https://openalex.org/I4210136922"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004911712","display_name":"Felix Oberhansl","orcid":"https://orcid.org/0000-0002-7822-2880"},"institutions":[{"id":"https://openalex.org/I4210136922","display_name":"Fraunhofer Institute for Applied and Integrated Security","ror":"https://ror.org/03w0bbr97","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210136922","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Felix Oberhansl","raw_affiliation_strings":["Fraunhofer AISEC, Garching, Germany"],"raw_orcid":"https://orcid.org/0000-0002-7822-2880","affiliations":[{"raw_affiliation_string":"Fraunhofer AISEC, Garching, Germany","institution_ids":["https://openalex.org/I4210136922"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102735008","display_name":"Jonas Schupp","orcid":"https://orcid.org/0000-0002-4171-1656"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jonas Schupp","raw_affiliation_strings":["Technical University of Munich, Munich, Germany"],"raw_orcid":"https://orcid.org/0000-0002-4171-1656","affiliations":[{"raw_affiliation_string":"Technical University of Munich, Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037163073","display_name":"Patrick Karl","orcid":"https://orcid.org/0000-0001-9476-9651"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Patrick Karl","raw_affiliation_strings":["Technical University of Munich, Munich, Germany"],"raw_orcid":"https://orcid.org/0000-0001-9476-9651","affiliations":[{"raw_affiliation_string":"Technical University of Munich, Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5050779972"],"corresponding_institution_ids":["https://openalex.org/I4210136922"],"apc_list":null,"apc_paid":null,"fwci":1.3633,"has_fulltext":true,"cited_by_count":8,"citation_normalized_percentile":{"value":0.85167021,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"51","last_page":"60"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7803148031234741},{"id":"https://openalex.org/keywords/post-quantum-cryptography","display_name":"Post-quantum cryptography","score":0.7003140449523926},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.6167280077934265},{"id":"https://openalex.org/keywords/digital-signature","display_name":"Digital signature","score":0.6060661673545837},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5616849064826965},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.43051815032958984},{"id":"https://openalex.org/keywords/lattice-based-cryptography","display_name":"Lattice-based cryptography","score":0.41487038135528564},{"id":"https://openalex.org/keywords/computer-engineering","display_name":"Computer engineering","score":0.3846563696861267},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.33550262451171875},{"id":"https://openalex.org/keywords/quantum-cryptography","display_name":"Quantum cryptography","score":0.3177154064178467},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.30735132098197937},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.302320271730423},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.25631847977638245},{"id":"https://openalex.org/keywords/quantum","display_name":"Quantum","score":0.2221372127532959},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.19692376255989075},{"id":"https://openalex.org/keywords/quantum-information","display_name":"Quantum information","score":0.11561954021453857},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.0937185287475586}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7803148031234741},{"id":"https://openalex.org/C108277079","wikidata":"https://www.wikidata.org/wiki/Q7233576","display_name":"Post-quantum cryptography","level":4,"score":0.7003140449523926},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.6167280077934265},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.6060661673545837},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5616849064826965},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.43051815032958984},{"id":"https://openalex.org/C137660015","wikidata":"https://www.wikidata.org/wiki/Q6497083","display_name":"Lattice-based cryptography","level":5,"score":0.41487038135528564},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.3846563696861267},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.33550262451171875},{"id":"https://openalex.org/C144901912","wikidata":"https://www.wikidata.org/wiki/Q471906","display_name":"Quantum cryptography","level":4,"score":0.3177154064178467},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.30735132098197937},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.302320271730423},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.25631847977638245},{"id":"https://openalex.org/C84114770","wikidata":"https://www.wikidata.org/wiki/Q46344","display_name":"Quantum","level":2,"score":0.2221372127532959},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.19692376255989075},{"id":"https://openalex.org/C169699857","wikidata":"https://www.wikidata.org/wiki/Q2122243","display_name":"Quantum information","level":3,"score":0.11561954021453857},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0937185287475586},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3605769.3623993","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605769.3623993","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623993","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security","raw_type":"proceedings-article"},{"id":"pmh:oai:mediatum.ub.tum.de:node/1728810","is_oa":false,"landing_page_url":"http://ashesworkshop.org/home","pdf_url":null,"source":{"id":"https://openalex.org/S4377196330","display_name":"mediaTUM  (Technical University of Munich)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I62916508","host_organization_name":"Technical University of Munich","host_organization_lineage":["https://openalex.org/I62916508"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"ConferencePaper"},{"id":"pmh:oai:publica.fraunhofer.de:publica/464089","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/464089","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"}],"best_oa_location":{"id":"doi:10.1145/3605769.3623993","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605769.3623993","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605769.3623993","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G241743678","display_name":null,"funder_award_id":"16KIS1390","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4388958855.pdf","grobid_xml":"https://content.openalex.org/works/W4388958855.grobid-xml"},"referenced_works_count":14,"referenced_works":["https://openalex.org/W2007466965","https://openalex.org/W2069441027","https://openalex.org/W2142048307","https://openalex.org/W2610744771","https://openalex.org/W2619630761","https://openalex.org/W2952334088","https://openalex.org/W3023478445","https://openalex.org/W3110442239","https://openalex.org/W3195434025","https://openalex.org/W3212142976","https://openalex.org/W3213547738","https://openalex.org/W4225986329","https://openalex.org/W4231286867","https://openalex.org/W4313645570"],"related_works":["https://openalex.org/W4235564189","https://openalex.org/W2411027466","https://openalex.org/W3194469932","https://openalex.org/W2295565109","https://openalex.org/W4385627932","https://openalex.org/W2591713603","https://openalex.org/W3201289751","https://openalex.org/W2895169885","https://openalex.org/W2945072089","https://openalex.org/W4389982864"],"abstract_inverted_index":{"The":[0,22,67],"first":[1],"generation":[2],"of":[3,12,41,49,105,118,121,149,155,166],"post-quantum":[4],"cryptography":[5],"(PQC)":[6],"standards":[7],"by":[8,188],"the":[9,20,39,52,95,103,116,145,167,184,189],"National":[10],"Institute":[11],"Standards":[13],"and":[14,37,74,108,181],"Technology":[15],"(NIST)":[16],"is":[17,27],"just":[18],"around":[19],"corner.":[21],"need":[23,36,61],"for":[24,85,94,133,144],"secure":[25],"implementations":[26],"therefore":[28],"increasing.":[29],"In":[30],"this":[31,35,138],"work,":[32],"we":[33,89,114],"address":[34],"investigate":[38],"integration":[40],"lattice-based":[42,86],"PQC":[43],"into":[44],"an":[45,153],"open-source":[46],"silicon":[47],"root":[48],"trust":[50],"(RoT),":[51],"OpenTitan.":[53],"RoTs":[54],"are":[55],"important":[56],"security":[57,134],"building":[58],"blocks":[59],"that":[60],"to":[62,101],"be":[63],"future-proofed":[64],"with":[65,176,183],"PQC.":[66,87],"OpenTitan":[68,96,190],"features":[69],"multiple":[70],"cryptographic":[71],"hardware":[72,159],"accelerators":[73],"countermeasures":[75,177],"against":[76,178],"physical":[77,179],"attacks,":[78],"but":[79],"does":[80],"not":[81],"offer":[82],"dedicated":[83],"support":[84],"Thus,":[88],"propose":[90],"instruction":[91],"set":[92],"extensions":[93,160,173],"Big":[97],"Number":[98],"Accelerator":[99],"(OTBN)":[100],"improve":[102],"efficiency":[104],"polynomial":[106],"arithmetic":[107],"sampling.":[109],"As":[110],"a":[111],"case":[112],"study":[113],"analyze":[115],"performance":[117],"signature":[119,123],"verification":[120],"digital":[122],"scheme":[124],"Dilithium.":[125],"Our":[126],"implementation":[127],"verifies":[128],"signatures":[129],"within":[130],"997,722":[131],"cycles":[132],"level":[135],"II,":[136],"pushing":[137],"RoT":[139,169],"functionality":[140],"below":[141],"10":[142],"ms":[143],"OpenTitan's":[146],"target":[147],"frequency":[148],"100":[150],"MHz.":[151],"With":[152],"overhead":[154],"242":[156],"kGE,":[157],"our":[158,172],"make":[161],"up":[162],"only":[163],"about":[164],"5%":[165],"total":[168],"area.":[170],"All":[171],"integrate":[174],"seamlessly":[175],"attacks":[180],"comply":[182],"adversary":[185],"model":[186],"chosen":[187],"project":[191]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}