We present an optimized implementation of the post-quantum Supersingular Isogeny Key Encapsulation (SIKE) for 32-bit ARMv7-A processors supporting NEON engine (i.e., SIMD instruction). Unlike previous SIKE implementations, finite field arithmetic is efficiently implemented in a redundant representation, which avoids carry propagation and pipeline stall. Furthermore, we adopted several state-of-the-art engineering techniques as well as hand-crafted assembly implementation for high performance. Optimized implementations are ported to Microsoft SIKE library written in “a non-redundant representation” and evaluated in high-end 32-bit ARMv7-A processors, such as ARM Cortex-A5, A7, and A15. A full key-exchange execution of SIKEp503 is performed in about 109 million cycles on ARM Cortex-A15 processors (i.e., 54.5 ms @2.0 GHz), which is about 1.58× faster than previous state-of-the-art work presented in CHES’18.

中文翻译：

---

基于 NIST Level-II 冗余编号系统的 32 位 ARM 处理器中的 SIKE

我们为支持 NEON 引擎（即 SIMD 指令）的 32 位 ARMv7-A 处理器提供了后量子超奇异同源密钥封装 (SIKE) 的优化实现。与以前的 SIKE 实现不同，有限域算法以冗余表示有效地实现，从而避免了进位传播和流水线停顿。此外，我们采用了几种最先进的工程技术以及手工组装实现的高性能。优化的实现被移植到以“非冗余表示”编写的 Microsoft SIKE 库，并在高端 32 位 ARMv7-A 处理器（例如 ARM Cortex-A5、A7 和 A15）中进行评估。SIKEp503 的完整密钥交换执行在 ARM Cortex-A15 处理器上执行大约 1.09 亿个周期（即 54.5 ms @2.0 GHz），约为 1。