<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <link href="/css/dist/css/bootstrap.min.css" rel="stylesheet"> <title>Fast Scloud+: A Fast Hardware Implementation for the Unstructured LWE-based KEM - Scloud+</title> <link rel="stylesheet" href="/css/eprint.css?v=10"> <style> a.toggle-open:after { content:' -'; font-weight: 800; } a.toggle-closed:after { content: " ›"; font-weight: 800; } .paper-abstract { white-space: pre-wrap; } #metadata dt { margin-top: 1rem; } #metadata dt + dd { /* gap between dt and first dd */ margin-top: .75rem; } #metadata dd { margin-left: 2rem; } #metadata dd.keywords { padding-bottom: .5rem; } span.authorName { margin-top: .5rem; font-style: italic; } </style> <script> MathJax = { tex: { inlineMath: [['$', '$'], ['\\(', '\\)']], displayMath: [ ['$$','$$'], ["\\[","\\]"] ], processEnvironments: false }, loader: { load: [ "ui/safe", "ui/lazy", ], }, options: { safeOptions: { allow: { URLs: "none", classes: "safe", cssIDs: "safe", styles: "safe", }, }, } }; </script> <script id="MathJax-script" async src="/js/mathjax/tex-chtml.js"></script> <meta name="citation_title" content="Fast Scloud+: A Fast Hardware Implementation for the Unstructured LWE-based KEM - Scloud+"> <meta name="citation_author" content="Jing Tian"> <meta name="citation_author" content="Yaodong Wei"> <meta name="citation_author" content="Dejun Xu"> <meta name="citation_author" content="Kai Wang"> <meta name="citation_author" content="Anyu Wang"> <meta name="citation_author" content="Zhiyuan Qiu"> <meta name="citation_author" content="Fu Yao"> <meta name="citation_author" content="Guang Zeng"> <meta name="citation_journal_title" content="Cryptology ePrint Archive"> <meta name="citation_publication_date" content="2025"> <meta name="citation_pdf_url" content="https://eprint.iacr.org/2025/497.pdf"> <meta property="og:image" content="https://eprint.iacr.org/img/iacrlogo.png"/> <meta property="og:image:alt" content="IACR logo"/> <meta property="og:url" content="https://eprint.iacr.org/2025/497"> <meta property="og:site_name" content="IACR Cryptology ePrint Archive" /> <meta property="og:type" content="article" /> <meta property="og:title" content="Fast Scloud+: A Fast Hardware Implementation for the Unstructured LWE-based KEM - Scloud+" /> <meta property="og:description" content="Scloud+ is an unstructured LWE-based key encapsulation mechanism (KEM) with conservative quantum security, in which ternary secrets and lattice coding are incorporated for higher computational and communication efficiency. However, its efficiencies are still much inferior to those of the structured LWE-based KEM, like ML-KEM (standardized by NIST). In this paper, we present a configurable hardware architecture for Scloud+.KEM to improve the computational efficiency. Many algorithmic and architectural co-optimizations are proposed to reduce the complexity and increase the degree of parallelism. Specially, the matrix multiplications are computed by a block in serial and the block is calculated in one cycle, without using any multipliers. In addition, the random bits all are generated by an unfolded Keccak core, well matched with the data flow required by the block matrix multiplier. The proposed design is coded in Verilog and implemented under the SMIC 40nm LP CMOS technology. The synthesized results show that Scloud+.KEM-128 only costs 23.0 $us$, 24.3 $us$, and 24.6 $us$ in the KeyGen, Encaps, and Decaps stages, respectively, with an area consumption of 0.69 $mm^2$, significantly narrowing the gap with the state-of-the-art of Kyber hardware implementation." /> <meta property="article:section" content="IMPLEMENTATION" /> <meta property="article:modified_time" content="2025-03-16T14:20:17+00:00" /> <meta property="article:published_time" content="2025-03-16T14:20:17+00:00" /> <meta property="article:tag" content="post-quantum cryptography" /> <meta property="article:tag" content="learning with errors" /> <meta property="article:tag" content="lattice code" /> <meta property="article:tag" content="Hardware Implementation" /> <meta property="article:tag" content="ASIC" /> </head> <body> <noscript> <h1 class="text-center">What a lovely hat</h1> <h4 class="text-center">Is it made out of <a href="https://iacr.org/tinfoil.html">tin foil</a>?</h4> </noscript> <div class="fixed-top" id="topNavbar"> <nav class="navbar navbar-custom navbar-expand-lg"> <div class="container px-0 justify-content-between justify-content-lg-evenly"> <div class="order-0 align-items-center d-flex"> <button class="navbar-toggler btnNoOutline" type="button" data-bs-toggle="collapse" data-bs-target="#navbarContent" aria-controls="navbarContent" aria-expanded="false"> <span class="icon-bar top-bar"></span> <span class="icon-bar middle-bar"></span> <span class="icon-bar bottom-bar"></span> </button> <a class="d-none me-5 d-lg-inline" href="https://iacr.org/"><img class="iacrlogo" src="/img/iacrlogo_small.png" alt="IACR Logo" style="max-width:6rem;"></a> </div> <a class="ePrintname order-1" href="/"> <span class="longNavName">Cryptology ePrint Archive</span> </a> <div class="collapse navbar-collapse order-3" id="navbarContent"> <ul class="navbar-nav me-auto ms-2 mb-2 mb-lg-0 justify-content-end w-100"> <li class="ps-md-3 nav-item dropdown"> <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"> Papers </a> <ul class="dropdown-menu me-3" aria-labelledby="navbarDropdown"> <span class="text-dark mx-3" style="white-space:nowrap;">Updates from the last:</span> <li><a class="dropdown-item ps-custom" href="/days/7">7 days</a></li> <li><a class="dropdown-item ps-custom" href="/days/31">31 days</a></li> <li><a class="dropdown-item ps-custom" href="/days/183">6 months</a></li> <li><a class="dropdown-item ps-custom" href="/days/365">365 days</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="/byyear">Listing by year</a></li> <li><a class="dropdown-item" href="/complete">All papers</a></li> <li><a class="dropdown-item" href="/complete/compact">Compact view</a></li> <li><a class="dropdown-item" href="https://www.iacr.org/news/subscribe">Subscribe</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="/citation.html">How to cite</a></li> <li><hr class="dropdown-divider"></li> <li><a class="dropdown-item" href="/rss">Harvesting metadata</a></li> </ul> </li> <li class="ps-md-3 nav-item dropdown"> <a class="nav-link dropdown-toggle" href="#" id="submissionsDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"> Submissions </a> <ul class="dropdown-menu me-3" aria-labelledby="submissionsDropdown"> <li><a class="dropdown-item" href="/submit">Submit a paper</a></li> <li><a class="dropdown-item" href="/revise">Revise or withdraw a paper</a></li> <li><a class="dropdown-item" href="/operations.html">Acceptance and publishing conditions</a></li> </ul> </li> <li class="ps-md-3 nav-item dropdown"> <a class="nav-link dropdown-toggle" href="#" id="aboutDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false"> About </a> <ul class="dropdown-menu me-3" aria-labelledby="aboutDropdown"> <li><a class="dropdown-item" href="/about.html">Goals and history</a></li> <li><a class="dropdown-item" href="/news.html">News</a></li> <li><a class="dropdown-item" href="/stats">Statistics</a></li> <li><a class="dropdown-item" href="/contact.html">Contact</a></li> </ul> </li> </ul> </div> <div class="dropdown ps-md-2 text-right order-2 order-lg-last"> <button class="btn btnNoOutline" type="button" id="dropdownMenuButton1" data-bs-toggle="dropdown" aria-expanded="false"> <img src="/img/search.svg" class="searchIcon" alt="Search Button"/> </button> <div id="searchDd" class="dropdown-menu dropdown-menu-end p-0" aria-labelledby="dropdownMenuButton1"> <form action="/search" method="GET"> <div class="input-group"> <input id="searchbox" name="q" type="search" class="form-control" autocomplete="off"> <button class="btn btn-secondary border input-group-append ml-2"> Search </button> </div> </form> <div class="ms-2 p-1 d-none"><a href="/search">Advanced search</a></div> </div> </div> </div> </nav> </div> <main id="eprintContent" class="container px-3 py-4 p-md-4"> <div class="row mt-4"> <div class="col-md-7 col-lg-8 pe-md-5"> <h4>Paper 2025/497</h4> <h3 class="mb-3">Fast Scloud+: A Fast Hardware Implementation for the Unstructured LWE-based KEM - Scloud+</h3> <div class="author"><span class="authorName">Jing Tian</span><span class="affiliation">, Nanjing University</span></div> <div class="author"><span class="authorName">Yaodong Wei</span><span class="affiliation">, Nanjing University</span></div> <div class="author"><span class="authorName">Dejun Xu</span><span class="affiliation">, Nanjing University</span></div> <div class="author"><span class="authorName">Kai Wang</span><span class="affiliation">, Nanjing University</span></div> <div class="author"><span class="authorName">Anyu Wang</span><span class="affiliation">, Tsinghua University</span></div> <div class="author"><span class="authorName">Zhiyuan Qiu</span><span class="affiliation">, Shandong Institute of Blockchain</span></div> <div class="author"><span class="authorName">Fu Yao</span><span class="affiliation">, Huawei Technologies</span></div> <div class="author"><span class="authorName">Guang Zeng</span><span class="affiliation">, Huawei Technologies</span></div> <h5 class="mt-3">Abstract</h5> <p style="white-space: pre-wrap;">Scloud+ is an unstructured LWE-based key encapsulation mechanism (KEM) with conservative quantum security, in which ternary secrets and lattice coding are incorporated for higher computational and communication efficiency. However, its efficiencies are still much inferior to those of the structured LWE-based KEM, like ML-KEM (standardized by NIST). In this paper, we present a configurable hardware architecture for Scloud+.KEM to improve the computational efficiency. Many algorithmic and architectural co-optimizations are proposed to reduce the complexity and increase the degree of parallelism. Specially, the matrix multiplications are computed by a block in serial and the block is calculated in one cycle, without using any multipliers. In addition, the random bits all are generated by an unfolded Keccak core, well matched with the data flow required by the block matrix multiplier. The proposed design is coded in Verilog and implemented under the SMIC 40nm LP CMOS technology. The synthesized results show that Scloud+.KEM-128 only costs 23.0 $us$, 24.3 $us$, and 24.6 $us$ in the KeyGen, Encaps, and Decaps stages, respectively, with an area consumption of 0.69 $mm^2$, significantly narrowing the gap with the state-of-the-art of Kyber hardware implementation.</p> </div> <div id="metadata" class="col-md-5 col-lg-4 ps-md-5 mt-4 mt-md-0"> <h5>Metadata</h5> <dl> <dt> Available format(s) </dt> <dd> <a class="btn btn-sm btn-outline-dark" href="/2025/497.pdf"> <img class="icon" src="/img/file-pdf.svg">PDF</a> </dd> <dt>Category</dt> <dd><a href="/search?category=IMPLEMENTATION"><small class="badge category category-IMPLEMENTATION">Implementation</small></a></dd> <dt>Publication info</dt> <dd>Preprint. </dd> <dt>Keywords</dt> <dd class="keywords"><a href="/search?q=post-quantum%20cryptography" class="me-2 badge bg-secondary keyword">post-quantum cryptography</a><a href="/search?q=learning%20with%20errors" class="me-2 badge bg-secondary keyword">learning with errors</a><a href="/search?q=lattice%20code" class="me-2 badge bg-secondary keyword">lattice code</a><a href="/search?q=Hardware%20Implementation" class="me-2 badge bg-secondary keyword">Hardware Implementation</a><a href="/search?q=ASIC" class="me-2 badge bg-secondary keyword">ASIC</a></dd> <dt>Contact author(s)</dt> <dd><span class="font-monospace"> tianjing<span class="obfuscate"> &#64; </span>nju edu cn<br>yaodongwei<span class="obfuscate"> &#64; </span>smail nju edu cn<br>xudejun<span class="obfuscate"> &#64; </span>smail nju edu cn<br>wang_kai<span class="obfuscate"> &#64; </span>smail nju edu cn<br>anyuwang<span class="obfuscate"> &#64; </span>tsinghua edu cn<br>qiuzhiyuan<span class="obfuscate"> &#64; </span>sdibc cn<br>yaofu3<span class="obfuscate"> &#64; </span>huawei com<br>zengguang13<span class="obfuscate"> &#64; </span>huawei com </span> </dd> <dt>History</dt> <dd>2025-03-17: approved</dd> <dd>2025-03-16: received</dd> <dd><a rel="nofollow" href="/archive/versions/2025/497">See all versions</a></dd> <dt>Short URL</dt> <dd><a href="https://ia.cr/2025/497">https://ia.cr/2025/497</a></dd> <dt>License</dt> <dd><a rel="license" target="_blank" href="https://creativecommons.org/licenses/by-nc/4.0/"> <img class="licenseImg" src="/img/license/CC_BY_NC.svg" alt="Creative Commons Attribution-NonCommercial" title="Creative Commons Attribution-NonCommercial"><br> <small>CC BY-NC</small> </a> </dd> </dl> </div> </div> <p class="mt-4"><strong>BibTeX</strong> <button id="bibcopy" class="ms-2 btn btn-sm btn-outline-dark" aria-label="Copy to clipboard" onclick="copyBibtex()"> <img src="/img/copy-outline.svg" class="icon">Copy to clipboard</button></p> <pre id="bibtex"> @misc{cryptoeprint:2025/497, author = {Jing Tian and Yaodong Wei and Dejun Xu and Kai Wang and Anyu Wang and Zhiyuan Qiu and Fu Yao and Guang Zeng}, title = {Fast Scloud+: A Fast Hardware Implementation for the Unstructured {LWE}-based {KEM} - Scloud+}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/497}, year = {2025}, url = {https://eprint.iacr.org/2025/497} } </pre> <script> var bibcopy; function triggerTooltip() { console.log('setting tooltip'); } window.onload = triggerTooltip; function copyBibtex() { let range = document.createRange(); range.selectNode(document.getElementById('bibtex')); window.getSelection().removeAllRanges(); window.getSelection().addRange(range); document.execCommand('copy'); window.getSelection().removeAllRanges(); let bibcopy = document.getElementById('bibcopy'); let copyTooltip = new bootstrap.Tooltip(bibcopy, {trigger: 'manual', title: 'Copied!'}); copyTooltip.show(); setTimeout(function() { copyTooltip.dispose(); }, 2000); } </script> </main> <div class="container-fluid mt-auto" id="eprintFooter"> <a href="https://iacr.org/"> <img id="iacrlogo" src="/img/iacrlogo_small.png" class="img-fluid d-block mx-auto" alt="IACR Logo"> </a> <div class="colorDiv"></div> <div class="alert alert-success w-75 mx-auto"> Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content. </div> </div> <script src="/css/bootstrap/js/bootstrap.bundle.min.js"></script> <script> var topNavbar = document.getElementById('topNavbar'); if (topNavbar) { document.addEventListener('scroll', function(e) { if (window.scrollY > 100) { topNavbar.classList.add('scrolled'); } else { topNavbar.classList.remove('scrolled'); } }) } </script> </body> </html>