FPGA Implementations of 256-Bit SNOW Stream Ciphers for Postquantum Mobile Security

Quantum computing is a serious threat for contemporary cryptography and, in order to address this threat, key sizes used for symmetric cryptography should be doubled, most typically from 128 to 256 bits. The third-generation partnership project (3GPP), the standards organization for mobile communications, is currently in the process of adding support for 256-bit keys into future mobile standards for the purpose of confidentiality and integrity protection. The current standard defines three ciphers with 128-bit keys: AES, SNOW 3G, and ZUC. There are two competing stream ciphers for the replacement of the 128-bit SNOW 3G: a 256-bit variant of SNOW 3G and a new design SNOW-V. SNOW-V has superior performance in software platforms. In this article, we investigate the implementations of these ciphers on field-programmable gate arrays (FPGAs) for both confidentiality and integrity protection. We develop optimized architectures and introduce a new parallelization technique that applies to both ciphers and offers significant throughput improvements in particular when the ciphers are used in the integrity protection modes. Our results show that SNOW-V has a significant performance advantage over the 256-bit SNOW 3G also on FPGAs.