updated NTT block to support masking countermeasure for A.y #45

Open
mojtaba-bisheh opened this issue Nov 22, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@mojtaba-bisheh
Collaborator

The current masking supports only a PWM operation that is followed by INTT operations. Hence, the intermediate results of PWM are not stored in memory.
In the case of A.y, PWM with accumulation needs to happen first and then INTT. Since this is accumulation over several polynomials, we cannot perform INTT on the fly for each PWM operation that happens.
We should update the memory arch to store the intermediate masked data of size (4 coeff * 2 shares * 46 bits * 64 addr), which stores 1 poly at a time, and accumulation happens over it with masked PWM. Then INTT is triggered, which reads this share memory, performs the 1st stage of masking, combines the shares, and writes to the original memory.

Now, NTT should support:

- All unmasked operations
- Masked PWM
- Masked PWMA (accumulation)
- Masked INTT
- Masked PWM + INTT

mojtaba-bisheh added the enhancement and bug labels and removed the enhancement label on Nov 22, 2024