Update on Overleaf.
AlexGustafsson authored and overleaf committed Jun 6, 2021
1 parent 8cb4684 commit c5ef8aa
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion chapters/related-work/main.tex
@@ -61,7 +61,7 @@ \section{Literature on Post-Quantum Characteristics}
%%% === THERE IS A LARGE CHANGE IN TOPICS HERE === %%%
The \gls{post-quantum} \gls{kem} \gls{saber} is designed to be serial by nature~\cite{sinha2019}. The design was chosen to attain simplicity and efficiency on constrained devices. The \gls{saber} algorithm relies heavily on the pseduo-random number generation implemented using \gls{shake}-128, which also occupies a significant portion of \gls{saber}'s execution time~\cite{sinha2019}. Some measurements suggest that around 50-70\% of the overall computation time is spent generating pseudo-random numbers~\cite{saber}.

In~\cite{zhu2021}, Zhu et. al. discuss the performance of cryptosystems based on learning with rounding, such as \gls{saber}. In \gls{saber}, one of the main computational bottlenecks is the polynomial multiplication, which cannot be accelerated by using the \gls{ntt} fast multiplication algorithm. This is due to \gls{saber} using a power-of-two modulo and \glspl{ntt} requiring a prime modulo for ciphertexts. When it comes to hardware implementations, it is therefore important to discuss how one may efficiently implement polynomial multiplication without using \gls{ntt}. One may exchange \gls{ntt} with Toom-Cook and Karatsuba algorithms. However, high-speed implementations of Toom-Cook multiplication have been found to add additional overhead. For implementations in hardware, a Karatsuba algorithm may be adopted for accelerating learning with rounding, as found in \gls{saber}. In one implementation, it was found that a 100Mhz hardware implementation required roughly $5.2\mu s$ for encapsulating a key, which was found to be 14 times faster than implementations on a more conventional Intel Core i7 processor. Further efforts have been made to implement \gls{saber} in hardware~\cite{roy2020}. In~\cite{roy2020}, a high-speed instruction-set coprocessor for lattice-based \glspl{kem} is presented. Just like Zhu et. al.~\cite{zhu2021}, Sinha Roy et. al.~\cite{roy2020} also identified that polynomial multiplications plays a performance-critical role in lattice-based public-key cryptography.
In~\cite{zhu2021}, Zhu et. al. discuss the performance of cryptosystems based on learning with rounding, such as \gls{saber}. In \gls{saber}, one of the main computational bottlenecks is the polynomial multiplication, which cannot be accelerated by using the \gls{ntt} fast multiplication algorithm. This is due to \gls{saber} using a power-of-two modulo and \glspl{ntt} requiring a prime modulo for ciphertexts. When it comes to hardware implementations, it is therefore important to discuss how one may efficiently implement polynomial multiplication without using \gls{ntt}. One may exchange \gls{ntt} with Toom-Cook and Karatsuba algorithms. However, high-speed implementations of Toom-Cook multiplication have been found to add additional overhead. For implementations in hardware, a Karatsuba algorithm may be adopted for accelerating learning with rounding, as found in \gls{saber}. In one implementation, it was found that a 100MHz hardware implementation required roughly 5.2 microseconds for encapsulating a key, which was found to be 14 times faster than implementations on a more conventional Intel Core i7 processor. Further efforts have been made to implement \gls{saber} in hardware~\cite{roy2020}. In~\cite{roy2020}, a high-speed instruction-set coprocessor for lattice-based \glspl{kem} is presented. Just like Zhu et. al.~\cite{zhu2021}, Sinha Roy et. al.~\cite{roy2020} also identified that polynomial multiplications plays a performance-critical role in lattice-based public-key cryptography.

% KYBER
% KYBER
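Review bot: replacing `$5.2\mu s$` with the prose `5.2 microseconds` makes the two units in that sentence inconsistent in style, since `100MHz` in the same sentence stays abbreviated and has no space between number and unit. In a LaTeX source the cleaner fix is to typeset both the same way, e.g. `\SI{100}{\mega\hertz}` and `\SI{5.2}{\micro\second}` with siunitx, or at least `100\,MHz` and `5.2\,\textmu s` (with `\textmu` from textcomp), rather than spelling out one and abbreviating the other. Since this paragraph is being touched anyway, the same lines carry a few errors that survive the change: `Zhu et. al.` / `Sinha Roy et. al.` should be `et al.` (three occurrences), `power-of-two modulo` and `prime modulo` should read `modulus`, and `polynomial multiplications plays` should be `polynomial multiplication plays`; the unchanged context line above also has `pseduo-random` for `pseudo-random`.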
