Optimized Polynomial Multiplier Architectures for Post-Quantum KEM Saber

Sujoy Sinha Roy, Andrea Basso

Research output: Chapter in Book/Report/Conference proceeding; Conference paper; peer-review


Saber is one of the four finalists in the ongoing NIST post-quantum cryptography standardization project. A significant portion of Saber's computation time is spent on computing polynomial multiplications in polynomial rings with powers-of-two moduli. We propose several optimization strategies for improving the performance of polynomial multiplier architectures for Saber, targeting different hardware platforms and diverse application goals. We propose two high-speed architectures that exploit the smallness of operand polynomials in Saber and can achieve great performance with a moderate area consumption. We also propose a lightweight multiplier that consumes only 541 LUTs and 301 FFs on a small Artix-7 FPGA.
Original language: English
Title of host publication: 2021 58th ACM/IEEE Design Automation Conference (DAC)
Publication status: Published - 2021
Event: 58th Design Automation Conference - San Francisco, United States
Duration: 5 Dec 2021 - 9 Dec 2021


Conference: 58th Design Automation Conference
Abbreviated title: DAC 2021
Country/Territory: United States
City: San Francisco


  • lattice-based cryptography
  • Post-quantum cryptography
  • Hardware acceleration
  • Saber KEM

