We have recently released a couple of preprints on Round5:
“Round5: Compact and Fast Post-Quantum Public-Key Encryption” by H. Baan, S. Bhattacharya, S. Fluhrer, O. Garcia-Morchon, T. Laarhoven, R. Rietman, M-J. Saarinen, L. Tolhuizen, and Z. Zhang. To appear in proceedings of PQCrypto ‘19, January 2019.
“Shorter Messages and Faster Post-Quantum Encryption with Round5 on Cortex M” by M.-J. Saarinen, S. Bhattacharya, O. Garcia-Morchon, R. Rietman, L. Tolhuizen, and Z. Zhang. To appear in proceedings of CARDIS ‘18, November 2018.
Round5 is currently the fastest post-quantum encryption algorithm in all NIST security classes where it is implemented. It also has the shortest public keys and messages of any lattice-based NIST PQC candidate. The Isogeny-based proposal SIKE requires 15-35% less bytes for key establishment but is hundreds of times slower, making it impractical for many applications.
In addition to being the orignal author of Hila5, and designer of key components of Round5, I wrote the fast C implementation reported in the paper “Shorter Messages..”, above. It is available at https://github.com/mjosaarinen/r5nd_tiny.
Here is a simple engineering and security comparison for key establishment use case on Cortex M4. All of the compared algorithms are at NIST Category 3.