A More Accurate and Robust Binary Ring-LWE Decryption Scheme and Its Hardware Implementation for IoT Devices

Learning with error (LWE) over the ring based on binary distribution (ring-BinLWE) has become a potential Internet-of-Things (IoT) confidentiality solution with its anti-quantum attack properties and uncomplicated calculations. Compared with ring-LWE based on discrete Gaussian distribution, the decryption scheme of ring-LWE based on binary distribution needs to be re-determined due to the asymmetry of the error distribution. The direct application of the ring-LWE decryption function based on discrete Gaussian distribution can cause serious misjudgment. In this article, we propose a more accurate and robust decryption scheme for ring-BinLWE based on 2's complement ring. Compared with the previous decryption function, the re-derived decryption function significantly improves the decoding rate by 50%. Furthermore, based on the proposed decryption function, high-performance, and lightweight hardware architectures for terminal devices in IoT are, respectively, proposed, which are scalable and can be easily adapted to ring-BinLWE hardware deployment with other parameter sets. When the parameter set is n = 256, q = 256, the high-performance implementation consumes 7.6k LUTs, 6.2k FFs, and 2.3k SLICEs on Spartan 6 field-programmable gate array (FPGA) platform. Compared with the previous implementation, our resource overhead increases by only 23% while the decryption accuracy is significantly improved by 50%. The lightweight implementation for parameter set n = 256, q = 256 consumes only 230 LUTs, 338 FFs, and 84 SLICEs on the Spartan 6 FPGA platform. Compared with the previous work, the area x time (AT) is reduced by 47.8%, which is more suitable for deployment on resource-constrained IoT nodes.