Description:RELATED APPLICATION
[0001] The present application claims priority to U.S. Non-Provisional Patent Application No. 17/480,413 filed on 21 September 2021 and titled “SIDE-CHANNEL ROBUST INCOMPLETE NUMBER THEORETIC TRANSFORM FOR CRYSTAL KYBER” the entire disclosure of which is hereby incorporated by reference.

BACKGROUND
[0002] Subject matter described herein relates generally to the field of computer security and more particularly to post-quantum cryptography.
[0003] Crystal-Kyber is a digital key encapsulation mechanism (KEM) based on the difficulty of lattice problems over module lattices that is secure under chosen message attacks. Crystal-Kyber relies in part on a polynomial multiplication using a secret polynomial, which raises the potential for side channel attacks to obtain secret information used in the signature scheme. Accordingly, techniques to protect Crystal-Kyber operations from side channel snooping attacks may find utility, e.g., in computer-based communication systems and methods.

BRIEF DESCRIPTION OF THE DRAWINGS
[0004] The detailed description is described with reference to the accompanying figures.
[0005] Fig. 1 is a schematic illustration of a signing device and a verifying device, in accordance with embodiments.
[0006] Fig. 2 is a schematic illustration of an incomplete number theoretic transform (NTT), in accordance with embodiments.
[0007] Fig. 3 is a schematic illustration of paired coefficient-wise multiplication, in accordance with embodiments.
[0008] Fig. 4 is a schematic illustration of components to implement an incomplete number theoretic transform (NTT) calculation, in accordance with embodiments.
[0009] Fig. 5 is a schematic illustration of a processing structure to implement a number theoretic transform (NTT), in accordance with embodiments
[0010] Fig. 6 is a schematic illustration of a computing architecture which may be adapted to implement hardware acceleration in accordance with some examples.

DETAILED DESCRIPTION
[0011] Described herein are exemplary systems and methods to implement low overheard side channel protection for number theoretic transform (NTT) operations. In the following description, numerous specific details are set forth to provide a thorough understanding of various examples. However, it will be understood by those skilled in the art that the various examples may be practiced without the specific details. In other instances, well-known methods, procedures, components, and circuits have not been illustrated or described in detail so as not to obscure the examples.
, C , Claims:1. An apparatus, comprising:
an input register comprising an input polynomial;
a processing datapath communicatively coupled to the input register comprising a plurality of compute nodes to perform an incomplete number theoretic transform (NTT) algorithm on the input polynomial to generate an output polynomial in NTT format, the plurality of compute nodes comprising:
at least a first NTT circuit comprising a single butterfly circuit to perform a series of butterfly calculations on input data; and
a randomizing circuitry to randomize an order of the series of butterfly calculations.