We have recently released two preprints on Round5:
“Shorter Messages and Faster Post-Quantum Encryption with Round5 on Cortex M” by M.-J. Saarinen, S. Bhattacharya, O. Garcia-Morchon, R. Rietman, L. Tolhuizen, and Z. Zhang. IACR ePrint 2018/723, To appear in CARDIS’18, November 2018.
“Round5: Compact and Fast Post-Quantum Public-Key Encryption” by S. Bhattacharya, O. Garcia-Morchon, T. Laarhoven, R. Rietman, M.-J. Saarinen, L. Tolhuizen, and Z. Zhang. IACR ePrint 2018/725, Submitted for publication, August 2018.
Unfortunately these papers are slighlty out of date since the final parameters are not used. We plan to compile the official NIST submission tweak around November 2018.
Round5 is currently the fastest post-quantum encryption algorithm in all NIST security classes where it is implemented. It also has the shortest public keys and messages of any lattice-based NIST PQC candidate. The Isogeny-based proposal SIKE requires 15-35% less bytes for key establishment but is hundreds of times slower, making it impractical for many applications.
In addition to being the orignal author of Hila5, and designer of key components of Round5, I wrote the fast C implementation reported in the paper “Shorter Messages..”, above. It is available at https://github.com/mjosaarinen/r5nd_tiny.
Here is a simple engineering and security comparison for key establishment use case on Cortex M4. All of the compared algorithms are at NIST Category 3.