{"id":"https://openalex.org/W3173669294","doi":"https://doi.org/10.46586/tches.v2022.i1.127-151","title":"Multi-moduli NTTs for Saber on Cortex-M3 and Cortex-M4","display_name":"Multi-moduli NTTs for Saber on Cortex-M3 and Cortex-M4","publication_year":2021,"publication_date":"2021-11-19","ids":{"openalex":"https://openalex.org/W3173669294","doi":"https://doi.org/10.46586/tches.v2022.i1.127-151","mag":"3173669294"},"language":"en","primary_location":{"id":"doi:10.46586/tches.v2022.i1.127-151","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i1.127-151","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9292/8858","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tches.iacr.org/index.php/TCHES/article/download/9292/8858","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039577251","display_name":"Amin Abdulrahman","orcid":null},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]},{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Amin Abdulrahman","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany; Max Planck Institute for Security and Privacy, Bochum, Germany","Ruhr University Bochum, Bochum, Germany","Max Planck Institute for Security and Privacy, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany; Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]},{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]},{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063416368","display_name":"Jiun-Peng Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I84653119","display_name":"Academia Sinica","ror":"https://ror.org/05bxb3784","country_code":"TW","type":"facility","lineage":["https://openalex.org/I84653119"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Jiun-Peng Chen","raw_affiliation_strings":["Academia Sinica, Taipei, Taiwan"],"affiliations":[{"raw_affiliation_string":"Academia Sinica, Taipei, Taiwan","institution_ids":["https://openalex.org/I84653119"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079096928","display_name":"Yu\u2010Jia Chen","orcid":"https://orcid.org/0000-0001-7563-4073"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yu-Jia Chen","raw_affiliation_strings":["InfoKeyVault Technology (IKV), Taipei, Taiwan"],"affiliations":[{"raw_affiliation_string":"InfoKeyVault Technology (IKV), Taipei, Taiwan","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025591272","display_name":"Vincent Hwang","orcid":null},"institutions":[{"id":"https://openalex.org/I84653119","display_name":"Academia Sinica","ror":"https://ror.org/05bxb3784","country_code":"TW","type":"facility","lineage":["https://openalex.org/I84653119"]},{"id":"https://openalex.org/I99613584","display_name":"National Taipei University","ror":"https://ror.org/03e29r284","country_code":"TW","type":"education","lineage":["https://openalex.org/I99613584"]},{"id":"https://openalex.org/I16733864","display_name":"National Taiwan University","ror":"https://ror.org/05bqach95","country_code":"TW","type":"education","lineage":["https://openalex.org/I16733864"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Vincent Hwang","raw_affiliation_strings":["Academia Sinica, Taipei, Taiwan; National Taiwan University, Taipei, Taiwan","Academia Sinica, Taipei, Taiwan","National Taiwan University, Taipei, Taiwan"],"affiliations":[{"raw_affiliation_string":"Academia Sinica, Taipei, Taiwan; National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I99613584","https://openalex.org/I16733864"]},{"raw_affiliation_string":"Academia Sinica, Taipei, Taiwan","institution_ids":["https://openalex.org/I84653119"]},{"raw_affiliation_string":"National Taiwan University, Taipei, Taiwan","institution_ids":["https://openalex.org/I16733864"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066102840","display_name":"Matthias J. Kannwischer","orcid":"https://orcid.org/0000-0002-8215-4729"},"institutions":[{"id":"https://openalex.org/I84653119","display_name":"Academia Sinica","ror":"https://ror.org/05bxb3784","country_code":"TW","type":"facility","lineage":["https://openalex.org/I84653119"]},{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE","TW"],"is_corresponding":false,"raw_author_name":"Matthias J. Kannwischer","raw_affiliation_strings":["Max Planck Institute for Security and Privacy, Bochum, Germany; Academia Sinica, Taipei, Taiwan","Max Planck Institute for Security and Privacy, Bochum, Germany","Academia Sinica, Taipei, Taiwan"],"affiliations":[{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany; Academia Sinica, Taipei, Taiwan","institution_ids":["https://openalex.org/I4210096592"]},{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]},{"raw_affiliation_string":"Academia Sinica, Taipei, Taiwan","institution_ids":["https://openalex.org/I84653119"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016631189","display_name":"Bo\u2010Yin Yang","orcid":"https://orcid.org/0000-0002-9362-5282"},"institutions":[{"id":"https://openalex.org/I84653119","display_name":"Academia Sinica","ror":"https://ror.org/05bxb3784","country_code":"TW","type":"facility","lineage":["https://openalex.org/I84653119"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Bo-Yin Yang","raw_affiliation_strings":["Academia Sinica, Taipei, Taiwan"],"affiliations":[{"raw_affiliation_string":"Academia Sinica, Taipei, Taiwan","institution_ids":["https://openalex.org/I84653119"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5039577251"],"corresponding_institution_ids":["https://openalex.org/I4210096592","https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":4.0883,"has_fulltext":true,"cited_by_count":34,"citation_normalized_percentile":{"value":0.94415625,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"127","last_page":"151"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11697","display_name":"Numerical Methods and Algorithms","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11697","display_name":"Numerical Methods and Algorithms","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6607645750045776},{"id":"https://openalex.org/keywords/multiplication","display_name":"Multiplication (music)","score":0.6278777122497559},{"id":"https://openalex.org/keywords/cortex","display_name":"Cortex (anatomy)","score":0.5171508193016052},{"id":"https://openalex.org/keywords/stack","display_name":"Stack (abstract data type)","score":0.514647364616394},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.3963766098022461},{"id":"https://openalex.org/keywords/parallel-computing","display_name":"Parallel computing","score":0.3505275547504425},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.24281811714172363},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12116363644599915},{"id":"https://openalex.org/keywords/neuroscience","display_name":"Neuroscience","score":0.09373685717582703}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6607645750045776},{"id":"https://openalex.org/C2780595030","wikidata":"https://www.wikidata.org/wiki/Q3860309","display_name":"Multiplication (music)","level":2,"score":0.6278777122497559},{"id":"https://openalex.org/C2777348757","wikidata":"https://www.wikidata.org/wiki/Q2346577","display_name":"Cortex (anatomy)","level":2,"score":0.5171508193016052},{"id":"https://openalex.org/C9395851","wikidata":"https://www.wikidata.org/wiki/Q177929","display_name":"Stack (abstract data type)","level":2,"score":0.514647364616394},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.3963766098022461},{"id":"https://openalex.org/C173608175","wikidata":"https://www.wikidata.org/wiki/Q232661","display_name":"Parallel computing","level":1,"score":0.3505275547504425},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.24281811714172363},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12116363644599915},{"id":"https://openalex.org/C169760540","wikidata":"https://www.wikidata.org/wiki/Q207011","display_name":"Neuroscience","level":1,"score":0.09373685717582703},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.46586/tches.v2022.i1.127-151","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i1.127-151","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9292/8858","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:f694151dc838418b80fb71eaddb83137","is_oa":true,"landing_page_url":"https://doaj.org/article/f694151dc838418b80fb71eaddb83137","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2022, Iss 1 (2021)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.46586/tches.v2022.i1.127-151","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i1.127-151","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9292/8858","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.4300000071525574,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3173669294.pdf","grobid_xml":"https://content.openalex.org/works/W3173669294.grobid-xml"},"referenced_works_count":28,"referenced_works":["https://openalex.org/W1607006990","https://openalex.org/W1819199145","https://openalex.org/W2045826589","https://openalex.org/W2061171222","https://openalex.org/W2069441027","https://openalex.org/W2087957223","https://openalex.org/W2113994308","https://openalex.org/W2137147061","https://openalex.org/W2740966734","https://openalex.org/W2953568773","https://openalex.org/W2991385415","https://openalex.org/W3003271350","https://openalex.org/W3014064789","https://openalex.org/W3038049909","https://openalex.org/W3095245686","https://openalex.org/W3111297213","https://openalex.org/W3126636527","https://openalex.org/W3135898413","https://openalex.org/W3159559383","https://openalex.org/W4205630623","https://openalex.org/W4231896027","https://openalex.org/W4233499748","https://openalex.org/W4237773356","https://openalex.org/W4241295125","https://openalex.org/W4254706618","https://openalex.org/W4255669208","https://openalex.org/W4323928058","https://openalex.org/W6922644948"],"related_works":["https://openalex.org/W2380576232","https://openalex.org/W2937054111","https://openalex.org/W2066223521","https://openalex.org/W2036954759","https://openalex.org/W2057797376","https://openalex.org/W2090319426","https://openalex.org/W2506252583","https://openalex.org/W2048249848","https://openalex.org/W1987422982","https://openalex.org/W2029054571"],"abstract_inverted_index":{"The":[0],"U.S.":[1],"National":[2],"Institute":[3],"of":[4,27,34,91,106,123,139,158],"Standards":[5],"and":[6,42,56,202,221],"Technology":[7],"(NIST)":[8],"has":[9,71],"designated":[10],"ARM":[11],"microcontrollers":[12],"as":[13,160],"an":[14,111,144],"important":[15],"benchmarking":[16],"platform":[17],"for":[18,59,82,199,218],"its":[19,43],"Post-Quantum":[20],"Cryptography":[21],"standardization":[22],"process":[23],"(NISTPQC).":[24],"In":[25,48,223],"view":[26],"this,":[28],"we":[29,51,134,188],"explore":[30],"the":[31,35,40,46,49,87,131,155,161,179,186,213,219],"design":[32],"space":[33],"NISTPQC":[36],"finalist":[37],"Saber":[38,84,115,140,211],"on":[39,86,212],"Cortex-M4":[41,88,220],"close":[44],"relation,":[45],"Cortex-M3.":[47,222],"process,":[50],"investigate":[52],"various":[53],"optimization":[54],"strategies":[55],"memory-time":[57],"tradeoffs":[58],"number-theoretic":[60],"transforms":[61],"(NTTs).Recent":[62],"work":[63],"by":[64,192],"[Chung":[65],"et":[66],"al.,":[67],"TCHES":[68],"2021":[69],"(2)]":[70],"shown":[72],"that":[73,198],"NTT":[74,98,214],"multiplication":[75,81,99],"is":[76,110,175],"superior":[77],"compared":[78],"to":[79],"Toom\u2013Cook":[80,102,120,146,164,217],"unprotected":[83,150],"implementations":[85,105,191],"in":[89,103,121,130,194,210,225],"terms":[90,122],"speed.":[92,195],"However,":[93],"it":[94,109],"remains":[95],"unclear":[96],"if":[97,114],"can":[100,118],"outperform":[101,119,189],"masked":[104,172,181],"Saber.":[107],"Additionally,":[108,133],"open":[112],"question":[113],"with":[116],"NTTs":[117,142,229],"stack":[124,159],"usage.":[125],"We":[126,196],"answer":[127],"both":[128,200],"questions":[129],"affirmative.":[132],"present":[135],"a":[136],"Cortex-M3":[137],"implementation":[138,152,165,174,182],"using":[141,183],"outperforming":[143],"existing":[145,190],"implementation.":[147],"Our":[148,170],"stack-optimized":[149,163],"M4":[151,173],"uses":[153],"around":[154],"same":[156],"amount":[157],"most":[162],"while":[166],"being":[167],"33%-41%":[168],"faster.":[169],"speed-optimized":[171],"16%":[176],"faster":[177],"than":[178,216],"fastest":[180],"Toom\u2013Cook.":[184],"For":[185],"Cortex-M3,":[187],"29%-35%":[193],"conclude":[197],"stack-":[201],"speed-optimization":[203],"purposes,":[204],"one":[205],"should":[206],"base":[207],"polynomial":[208],"multiplications":[209],"rather":[215],"particular,":[224],"many":[226],"cases,":[227],"multi-moduli":[228],"perform":[230],"best.":[231]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":8},{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-06T07:47:59.780226","created_date":"2025-10-10T00:00:00"}