[Resource Topic] 2020/1158: Don't throw your nonces out with the bathwater: Speeding up Dilithium by reusing the tail of y

Welcome to the resource topic for 2020/1158

Title:
Don’t throw your nonces out with the bathwater: Speeding up Dilithium by reusing the tail of y

Authors: Daan Sprenkels, Bas Westerbaan

Abstract:

We suggest a small change to the Dilithium signature scheme that allows one to reuse computations between rejected nonces, for a speed-up in signing time. The modification is based on the idea that, after rejecting on a too large $\|\mathbf{r}_0\|_\infty$, not all elements of the nonce $\mathbf{y}$ are spent. We swap the order of the checks; and if this $\mathbf{r}_0$-check fails, we only need to resample $y_1$. We provide a proof that shows that the modification does not affect the security of the scheme. We present measurements of the performance of the modified scheme on AVX2, Cortex M4, and Cortex M3, which show a speed-up ranging from 11% for Dilithium2 on M3 to 22% for Dilithium3 on AVX2.

ePrint: https://eprint.iacr.org/2020/1158

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.