Tung Chou
Research Center for Information Technology and Innovation, Academia Sinica, Taipei, Taiwan

Matthias J. Kannwischer
Max Planck Institute for Security and Privacy, Bochum, Germany; Institute of Information Science, Academia Sinica, Taipei, Taiwan

Bo-Yin Yang
Research Center for Information Technology and Innovation, Academia Sinica, Taipei, Taiwan; Institute of Information Science, Academia Sinica, Taipei, Taiwan

Keywords: Rainbow, NISTPQC, Cortex-M4, MQ signatures, finite field arithmetic

Abstract

We present the first Cortex-M4 implementation of the NISTPQC signature finalist Rainbow. We target the Giant Gecko EFM32GG11B which comes with 512 kB of RAM which can easily accommodate the keys of RainbowI.

We present fast constant-time bitsliced F16 multiplication allowing multiplication of 32 field elements in 32 clock cycles. Additionally, we introduce a new way of computing the public map P in the verification procedure allowing vastly faster signature verification.

Both the signing and verification procedures of our implementation are by far the fastest among the NISTPQC signature finalists. Signing of rainbowIclassic requires roughly 957 000 clock cycles which is 4× faster than the state of the art Dilithium2 implementation and 45× faster than Falcon-512. Verification needs about 239 000 cycles which is 5× and 2× faster respectively. The cost of signing can be further decreased by 20% when storing the secret key in a bitsliced representation.