Requirements and Functionality#

Requirements#

To utilize cuPQC the user needs the following:

  • CUDA Toolkit 12.4 or newer

  • Supported CUDA compiler

  • Supported host compiler (C++17 required)

  • (Optionally) CMake (version 3.20 or greater)

  • x86_64 or Arm64 CPU

  • A NVIDIA GPU with one of the following architectures: 70, 75, 80, 86, 87, 89, 90

Supported Compilers#

CUDA Compilers:

  • NVCC 12.4+ (CUDA Toolkit 12.4 or newer)

Host C++ Compilers:

  • GCC 7+

  • Clang 9+

  • Aarch64-GCC 7+

cuPQC Functionality#

The cuPQC library aims to meet the growing demand for robust cryptographic solutions capable of withstanding the computational capabilities of quantum computers. By utilizing NVIDIA GPUs, cuPQC achieves significant performance improvements, making it a valuable asset for applications requiring both speed and security. Additionally, the library is designed with side-channel security measures to protect against various forms of side-channel attacks.

cuPQC is a Device Extensions libraries and it enables you to perform calculations inside your CUDA kernel. This helps to decrease latency and improve performance of your application when used with other CUDA functions.

Examples of kernels using the library are included in the package as cuPQC samples.

ML-KEM (FIPS-203)#

ML-KEM, or Module-Lattice-Based Key Encapsulation Mechanism, is standardized under FIPS-203 by NIST. The cuPQC library includes highly optimized implementations of the following ML-KEM operations:

  • Key Generation: Efficiently generates cryptographic key pairs.

  • Encapsulation: Securely encapsulates a shared secret.

  • Decapsulation: Recovers the shared secret from the encapsulated data.

The library supports multiple parameter sets to cater to various security levels and performance requirements:

  • ML-KEM-512

  • ML-KEM-768

  • ML-KEM-1024

ML-DSA (FIPS-204)#

ML-DSA, or Module-Lattice-Based Digital Signature Algorithm, is standardized under FIPS-204 by NIST. The cuPQC library offers optimized implementations of the following ML-DSA operations:

  • Key Generation: Generates cryptographic key pairs suitable for digital signatures.

  • Signing: Produces a digital signature for a given message.

  • Verification: Validates the authenticity of a digital signature.

Similar to ML-KEM, the library supports various parameter sets to address different security needs:

  • ML-DSA-44

  • ML-DSA-65

  • ML-DSA-87

Key Features#

  • High Performance: Exploits the parallel processing power of NVIDIA GPUs to accelerate cryptographic operations.

  • Batched Operations: Supports batch processing to enhance throughput and efficiency.

  • Security: Implements NIST-standardized algorithms, ensuring compliance with the latest cryptographic standards.

  • Side-Channel Security: Incorporates measures to protect against side-channel attacks, ensuring the robustness of cryptographic operations.

cuHash Functionality#

The cuHash library offers optimized implementations of the following hash functions:

  • SHA-2: Secure Hash Algorithm 2, including SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256.

  • SHA-3: Secure Hash Algorithm 3, including SHA3-224, SHA3-256, SHA3-384, and SHA3-512.

  • SHAKE: SHA-3 Derivatives, including SHAKE128 and SHAKE256.

cuHash is also a device extensions library, allowing users to write single kernel implementations that include the above hashing algorithms.

See Device Methods for detailed descriptions of each descriptor’s execution and arguments.