{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T14:53:52Z","timestamp":1776783232732,"version":"3.51.2"},"reference-count":31,"publisher":"Association for Computing Machinery (ACM)","issue":"5","funder":[{"name":"Ministry of Education and Research of Germany","award":["16KIS002"],"award-info":[{"award-number":["16KIS002"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2025,9,30]]},"abstract":"<jats:p>SPHINCS+ is a signature scheme included in the first NIST post-quantum standard that bases its security on the underlying hash primitive. As most of the runtime of SPHINCS+ is caused by the evaluation of several hash- and pseudo-random functions, offloading this computation to dedicated hardware accelerators is a natural step. In this work, we evaluate different architectures for hardware acceleration of such a hash primitive with respect to its use-case and evaluate them in the context of SPHINCS+. We attach hardware accelerators for different hash primitives (SHAKE256 and Ascon-Xof for both full and round-reduced versions) to CPU interfaces having different transfer speeds. We show that for most use-cases, data transfer determines the overall performance if accelerators are equipped with FIFOs and that reducing the number of rounds in the permutation does not necessarily lead to significant performance improvements when using hardware acceleration.<\/jats:p>\n          <jats:p>\n            This work extends on a conference paper accepted at COSADE\u201924, first published in\u00a0[\n            <jats:xref ref-type=\"bibr\">19<\/jats:xref>\n            ], and written by the same authors, where different architectures for hardware accelerators of hash functions are benchmarked and evaluated for SPHINCS+ as a case study. In this article, we provide results for additional parameter sets for SPHINCS+ and improve the performance of one of the accelerators by adding an additional RISC-V instruction for faster absorption. We then extend the performance benchmark by including the algorithms CRYSTALS-Kyber, CRYSTALS-Dilithium, and Falcon. Finally, we provide a power\/energy comparison for the accelerators.\n          <\/jats:p>","DOI":"10.1145\/3676965","type":"journal-article","created":{"date-parts":[[2024,7,9]],"date-time":"2024-07-09T07:36:57Z","timestamp":1720510617000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Performance and Communication Cost of Hardware Accelerators for Hashing in Post-Quantum Cryptography"],"prefix":"10.1145","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9476-9651","authenticated-orcid":false,"given":"Patrick","family":"Karl","sequence":"first","affiliation":[{"name":"TUM School of Computation, Information and Technology, Technical University of Munich","place":["Munich, Germany"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4171-1656","authenticated-orcid":false,"given":"Jonas","family":"Schupp","sequence":"additional","affiliation":[{"name":"TUM School of Computation, Information and Technology, Technical University of Munich","place":["Munich, Germany"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3152-941X","authenticated-orcid":false,"given":"Georg","family":"Sigl","sequence":"additional","affiliation":[{"name":"TUM School of Computation, Information and Technology, Technical University Munich","place":["Munich, Germany"]},{"name":"Fraunhofer Institute for Applied and Integrated Security","place":["Munich, Germany"]}]}],"member":"320","published-online":{"date-parts":[[2025,9,14]]},"reference":[{"key":"e_1_3_3_2_2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2022.3215064"},{"key":"e_1_3_3_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/DSD51259.2020.00046"},{"key":"e_1_3_3_4_2","article-title":"SPHINCS+\u2014Submission to the 3rd round of the NIST Post-Quantum Project. v3.1","author":"Aumasson Jean-Philippe","year":"2022","unstructured":"Jean-Philippe Aumasson, Daniel J. Bernstein, Ward Beullens, Christoph Dobraunig, Maria Eichlseder, Scott Fluhrer, Stefan-Lukas Gazdag, Andreas H\u00fclsing, Panos Kampanakis, Stefan K\u00f6lbl, Tanja Lange, Martin M. Lauridsen, Florian Mendel, Ruben Niederhagen, Christian Rechberger, Joost Rijneveld, Peter Schwabe, and Bas Westerbaan. 2022. SPHINCS+\u2014Submission to the 3rd round of the NIST Post-Quantum Project. v3.1. Online. https:\/\/sphincs.org\/data\/sphincs+-r3.1-specification.pdf","journal-title":"Online"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.17-61"},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363229"},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/IPDPSW52791.2021.00034"},{"key":"e_1_3_3_8_2","first-page":"342","article-title":"TurboSHAKE","author":"Bertoni Guido","year":"2023","unstructured":"Guido Bertoni, Joan Daemen, Seth Hoffert, Micha\u00ebl Peeters, Gilles Van Assche, Ronny Van Keer, and Beno\u00eet Viguier. 2023. TurboSHAKE. IACR Cryptology ePrint Archive (2023), 342. https:\/\/eprint.iacr.org\/2023\/342.","journal-title":"IACR Cryptology ePrint Archive"},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"e_1_3_3_10_2","unstructured":"Christoph Dobraunig Maria Eichlseder Florian Mendel and Martin Schl\u00e4ffer. 2021. Ascon v1.2. https:\/\/ascon.iaik.tugraz.at\/specification.html"},{"key":"e_1_3_3_11_2","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2018.i1.238-268"},{"key":"e_1_3_3_12_2","article-title":"Falcon: Fast-fourier lattice-based compact signatures over NTRU","volume":"36","author":"Fouque Pierre-Alain","year":"2018","unstructured":"Pierre-Alain Fouque, Jeffrey Hoffstein, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Prest, Thomas Ricosset, Gregor Seiler, William Whyte, and Zhenfei Zhang. 2018. Falcon: Fast-fourier lattice-based compact signatures over NTRU. Submission to the NIST\u2019s Post-Quantum Cryptography Standardization Process 36 (2018). https:\/\/falcon-sign.info\/falcon.pdf","journal-title":"Submission to the NIST\u2019s Post-Quantum Cryptography Standardization Process"},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.23919\/DATE.2019.8715173"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2020.i4.239-280"},{"key":"e_1_3_3_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2017.2654506"},{"key":"e_1_3_3_16_2","doi-asserted-by":"crossref","first-page":"173","DOI":"10.1007\/978-3-642-38553-7_10","volume-title":"Progress in Cryptology (AFRICACRYPT \u201913)","author":"H\u00fclsing Andreas","year":"2013","unstructured":"Andreas H\u00fclsing. 2013. W-OTS+\u2014Shorter signatures for hash-based signature schemes. In Progress in Cryptology (AFRICACRYPT \u201913), Amr Youssef, Abderrahmane Nitaj, and Aboul Ella Hassanien (Eds.). Springer, Berlin, 173\u2013188."},{"key":"e_1_3_3_17_2","article-title":"pqm4: Benchmarking NIST Additional Post-Quantum Signature Schemes on Microcontrollers","author":"Kannwischer Matthias J.","year":"2024","unstructured":"Matthias J. Kannwischer, Markus Krausz, Richard Petri, and Shang-Yi Yang. 2024. pqm4: Benchmarking NIST Additional Post-Quantum Signature Schemes on Microcontrollers. Cryptology ePrint Archive, Paper 2024\/112. https:\/\/eprint.iacr.org\/2024\/112","journal-title":"Cryptology ePrint Archive, Paper 2024\/112"},{"key":"e_1_3_3_18_2","unstructured":"Matthias J. Kannwischer Joost Rijneveld Peter Schwabe and Ko Stoffelen. [n. d.]. PQM4: Post-quantum crypto library for the ARM Cortex-M4. https:\/\/github.com\/mupq\/pqm4 as of commit 918f379."},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3579092"},{"key":"e_1_3_3_20_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-57543-3_12"},{"key":"e_1_3_3_21_2","unstructured":"Dustin Moody. 2022. NIST PQC: Looking into the Future. https:\/\/csrc.nist.gov\/Presentations\/2022\/nist-pqc-looking-into-the-future"},{"key":"e_1_3_3_22_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.204.ipd"},{"key":"e_1_3_3_23_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.203.ipd"},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.205.ipd"},{"key":"e_1_3_3_25_2","unstructured":"National Institute of Standards and Technology. 2022. Call for Additional Digital Signature Schemes for the Post-Quantum Cryptography Standardization Process. https:\/\/csrc.nist.gov\/Projects\/pqc-dig-sig\/standardization"},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology. 2022. Status Report on the Third Round of the NIST Post-Quantum Cryptography Stadardization Process. 10.6028\/NIST.IR.8413-upd1","DOI":"10.6028\/NIST.IR.8413-upd1"},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.202"},{"key":"e_1_3_3_28_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-68376-3_9"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-68487-7_4"},{"key":"e_1_3_3_30_2","doi-asserted-by":"publisher","DOI":"10.6028\/nist.ir.8454"},{"key":"e_1_3_3_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/3560834.3563831"},{"key":"e_1_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2020.i3.269-306"}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3676965","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,15]],"date-time":"2025-09-15T04:16:01Z","timestamp":1757909761000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3676965"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,14]]},"references-count":31,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2025,9,30]]}},"alternative-id":["10.1145\/3676965"],"URL":"https:\/\/doi.org\/10.1145\/3676965","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"value":"1539-9087","type":"print"},{"value":"1558-3465","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,9,14]]},"assertion":[{"value":"2024-03-03","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-06-18","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-09-14","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}