Acceleration of Lightweight Block Ciphers on Microprocessors - Télécom Paris
Conference paper, Year: 2019

Acceleration of Lightweight Block Ciphers on Microprocessors

Abstract

Cryptography is a key element in the development of secure communication in embedded environments, such as within or between connected cars. In such constrained devices, standard cryptographic algorithms have been considered too costly, which led to the emergence of specific Lightweight Block Ciphers (LBC). The lack of standards, alongside industry's desire to use uniquely tweaked LBC, calls for a generic and efficient implementation of those algorithms. Microprocessors are part of most of these embedded systems, which allows them to implement any of these algorithms, but not efficiently, as they lack specific instructions. For instance, RISC-V is an open-source ISA which can be used in these microprocessors and is currently being enhanced by research through extensions. In this work we propose the study of this ISA and the development of an extension for efficient implementation of LBC. From the state of the art [5], [7] we have selected some LBC based on the following criteria: at least a 128-bit key for security and a 64-bit block size to limit the necessary resources. In order to identify useful extensions, we first identified which parts of LBC are slow when implemented in pure software, and how common they are in state-of-the-art LBC. We only studied the datapath of the cipher, as we considered the key scheduling to be part of preprocessing. We used a software implementation of each of the studied algorithms to isolate the costly parts of the ciphers. The computation time was evaluated in number of RISC-V assembly language instructions.
Studied LBC algorithms exhibit 3 main computation steps:

  • The key addition, which is a simple XOR and doesn't require additional instructions.
  • 8 or 16 4x4 S-boxes (common for LBC), which can be implemented as LUTs and can be accelerated thanks to the addition of a specific (SIMD) LUT instruction.
  • The diffusion, which is generally not trivial to implement in pure software; as it can be quite different from one algorithm to the other, it is not obvious how to provide a unique extension to implement it.
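
To make the three datapath steps concrete, here is an added example (not code from the paper) of one round in portable C, showing where the per-nibble and per-bit work comes from in pure software. It assumes PRESENT's 4x4 S-box and bit permutation, since the abstract names no specific cipher, and takes the round key as precomputed; the function names are illustrative.

```c
#include <stdint.h>
#include <stdio.h>

/* PRESENT 4x4 S-box (assumption: the page names no specific cipher). */
static const uint8_t SBOX[16] = {
    0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
    0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2
};

/* Key addition: a single XOR on the 64-bit state. */
uint64_t add_round_key(uint64_t state, uint64_t round_key) {
    return state ^ round_key;
}

/* S-box layer in pure software: 16 lookups, each needing a shift, a mask,
 * a table load, a shift back and an OR. A SIMD LUT instruction would
 * perform all 16 nibble substitutions in one operation. */
uint64_t sbox_layer(uint64_t state) {
    uint64_t out = 0;
    for (int i = 0; i < 16; i++) {
        uint64_t nibble = (state >> (4 * i)) & 0xF;
        out |= (uint64_t)SBOX[nibble] << (4 * i);
    }
    return out;
}

/* Diffusion (PRESENT bit permutation): bit i moves to 16*i mod 63,
 * bit 63 stays in place. Software handles it one bit at a time. */
uint64_t p_layer(uint64_t state) {
    uint64_t out = 0;
    for (int i = 0; i < 64; i++) {
        int dst = (i == 63) ? 63 : (16 * i) % 63;
        out |= ((state >> i) & 1ULL) << dst;
    }
    return out;
}

/* One round of the datapath; round keys are assumed precomputed. */
uint64_t round_function(uint64_t state, uint64_t round_key) {
    return p_layer(sbox_layer(add_round_key(state, round_key)));
}

int main(void) {
    uint64_t s = round_function(0x0123456789ABCDEFULL, 0); /* constructed input */
    printf("%016llx\n", (unsigned long long)s);
    return 0;
}
```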
File not deposited

Dates and versions

hal-02271470, version 1 (27-08-2019)

Identifiers

  • HAL Id: hal-02271470, version 1

Cite

Etienne Tehrani, Tarik Graba, Jean-Luc Danger. Acceleration of Lightweight Block Ciphers on Microprocessors. CryptArchi 2019, Jun 2019, Prague, Poland. ⟨hal-02271470⟩