More Web Proxy on the site http://driver.im/

Article

Boosting AES performance on a tiny processor core

Authors:

Stefan Tillich,

Christoph HerbstAuthors Info & Claims

CT-RSA'08: Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology

Pages 170 - 186

Published: 08 April 2008 Publication History

Abstract

Notwithstanding the tremendous increase in performance of desktop computers, more and more computational work is performed on small embedded microprocessors. Particularly, tiny 8-bit microcontrollers are being employed in many different application settings ranging from cars over everyday appliances like doorlock systems or room climate controls to complex distributed setups like wireless sensor networks. In order to provide security for these applications, cryptographic algorithms need to be implemented on these microcontrollers. While efficient implementation is a general optimization goal, tiny embedded systems normally have further demands for low energy consumption, small code size, low RAM usage and possibly also short latency. In this work we propose a small enhancement for 8-bit Advanced Virtual RISC (AVR) cores, which improves the situation for all of these demands for implementations of the Advanced Encryption Standard. Particularly, a single 128-bit block can be encrypted or decrypted in under 1,300 clock cycles. Compared to a fast software implementation, this constitutes an increase of performance by a factor of up to 3.6. The hardware cost for the proposed extensions is limited to about 1.1 kGates.

References

[1]

Atmel Corporation. 8-bit AVR Microcontroller with 128K Bytes In-System Programmable Flash (August 2007), http://www.atmel.com/dyn/resources/prod documents/doc2467.pdf

[2]

Bertoni, G., Breveglieri, L., Roberto, F., Regazzoni, F.: Speeding Up AES By Extending a 32-Bit Processor Instruction Set. In: Proceedings of the 17th IEEE International Conference on Application-specific Systems, Architectures and Processors (ASAP 2006), pp. 275-282. IEEE Computer Society Press, Los Alamitos (2006).

Digital Library

[3]

Buchty, R.: Cryptonite -- A Programmable Crypto Processor Architecture for High-Bandwidth Applications. Ph.d. thesis, Technische Universität München, LRR (September 2002), http://tumb1.biblio.tu-muenchen.de/publ/diss/in/2002/buchty.pdf

[4]

Burke, J., McDonald, J., Austin, T.: Architectural Support for Fast Symmetric-Key Cryptography. In: ASPLOS-IX Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems, Cambridge, MA, USA, 2000, November 12-15, pp. 178-189. ACM Press, New York (2000).

Digital Library

[5]

Canright, D.: A Very Compact S-Box for AES. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 441-455. Springer, Heidelberg (2005).

Digital Library

[6]

Chia, C.-C., Wang, S.-S.: Efficient Design of an Embedded Microcontroller for Advanced Encryption Standard. In: Proceedings of the 2005 Workshop on Consumer Electronics and Signal Processing (WCEsp 2005) (2005), http://www.mee.chu.edu.tw/labweb/WCEsp2005/96.pdf

[7]

Daemen, J., Rijmen, V.: The Design of Rijndael. In: Information Security and Cryptography, Springer, Heidelberg (2002).

[8]

Dhem, J.-F.: Design of an efficient public-key cryptographic library for RISC-based smart cards. PhD thesis, Université Catholique de Louvain, Louvain-la-Neuve, Belgium (May 1998).

[9]

Eberle, H., Wander, A., Gura, N., Chang-Shantz, S., Gupta, V.: Architectural Extensions for Elliptic Curve Cryptography over GF(2^m) on 8-bit Microprocessors. In: Proceedings of the 16th IEEE International Conference on Application-specific Systems, Architectures and Processors (ASAP 2005), July 2005, pp. 343-349. IEEE Computer Society Press, Los Alamitos (2005).

Digital Library

[10]

Elbirt, A.J.: Fast and Efficient Implementation of AES via Instruction Set Extensions. In: Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW 2007), May 2007, vol. 1, pp. 396-403. IEEE Computer Society Press, Los Alamitos (2007).

Digital Library

[11]

Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES Implementation on a Grain of Sand. IEE Proceedings on Information Security 152(1), 13-20 (2005).

[12]

Gonzalez, R.E.: Xtensa: A Configurable and Extensible Processor. IEEE Micro 20(2), 60-70 (2000).

Digital Library

[13]

McGregor, J.P., Lee, R.B.: Architectural Enhancements for Fast Subword Permutations with Repetitions in Cryptographic Applications. In: Proceedings of the International Conference on Computer Design (ICCD 2001), September 2001, pp. 453-461. IEEE, Los Alamitos (2001).

Digital Library

[14]

Nadehara, K., Ikekawa, M., Kuroda, I.: Extended Instructions for the AES Cryptography and their Efficient Implementation. In: IEEE Workshop on Signal Processing Systems (SIPS 2004), Austin, Texas, USA, October 2004, pp. 152-157. IEEE Press, Los Alamitos (2004).

[15]

Nahum, E., O'Malley, S., Orman, H., Schroeppel, R.: Towards High Performance Cryptographic Software. In: Third IEEE Workshop on the Architecture and Implementation of High Performance Communication Subsystems, 1995 (HPCS 1995), August 1995, pp. 69-72. IEEE, Los Alamitos (1995).

[16]

National Institute of Standards and Technology (NIST). FIPS-197: Advanced Encryption Standard (November 2001), http://www.itl.nist.gov/fipspubs/

[17]

Ravi, S., Raghunathan, A., Potlapally, N., Sankaradass, M.: System design methodologies for a wireless security processing platform. In: DAC 2002: Proceedings of the 39th Conference on Design Automation, pp. 777-782. ACM Press, New York (2002).

Digital Library

[18]

Rinne, S., Eisenbarth, T., Paar, C.: Performance Analysis of Contemporary Light-Weight Block Ciphers on 8-bit Microcontrollers (June 2007), http://www.crypto.ruhr-uni-bochum.de/imperia/md/content/texte/ publications/conferences/lw_speed2007.pdf

[19]

Shi, Z., Lee, R.B.: Bit Permutation Instructions for Accelerating Software Cryptography. In: Proceedings of the 11th IEEE International Conference on Application-specific Systems, Architectures and Processors (ASAP 2000), pp. 138-148. IEEE, Los Alamitos (2000).

Digital Library

[20]

Tillich, S., Feldhofer, M., Großschädl, J.: Area, Delay, and Power Characteristics of Standard-Cell Implementations of the AES S-Box. In: Vassiliadis, S., Wong, S., Hämäläinen, T.D. (eds.) SAMOS 2006. LNCS, vol. 4017, pp. 457-466. Springer, Heidelberg (2006).

Digital Library

[21]

Tillich, S., Großschädl, J.: Instruction Set Extensions for Efficient AES Implementation on 32-bit Processors. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 270-284. Springer, Heidelberg (2006).

Digital Library

[22]

Tillich, S., Großschädl, J.: Power-Analysis Resistant AES Implementation with Instruction Set Extensions. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 303-319. Springer, Heidelberg (2007).

Digital Library

[23]

Tillich, S., Großschädl, J.: VLSI Implementation of a Functional Unit to Accelerate ECC and AES on 32-bit Processors. In: Carlet, C., Sunar, B. (eds.) WAIFI 2007. LNCS, vol. 4547, pp. 40-54. Springer, Heidelberg (2007).

Digital Library

[24]

Wolkerstorfer, J.: An ASIC Implementation of the AES-MixColumn operation. In: Rössler, P., Döderlein, A. (eds.) Austrochip 2001, pp. 129-132 (2001); ISBN 3-9501517-0-2.

[25]

Wu, L., Weaver, C., Austin, T.: CryptoManiac: A Fast Flexible Architecture for Secure Communication. In: ISCA 2001: Proceedings of the 28th annual international symposium on Computer architecture, pp. 110-119. ACM Press, New York (2001).

Digital Library

Cited By

Regazzoni FIenne PFanucci LTeich J(2016)Instruction set extensions for secure applicationsProceedings of the 2016 Conference on Design, Automation & Test in Europe10.5555/2971808.2972165(1529-1534)Online publication date: 14-Mar-2016
https://dl.acm.org/doi/10.5555/2971808.2972165
Bossuet LGrand MGaspar LFischer VGogniat G(2013)Architectures of flexible symmetric key crypto engines—a surveyACM Computing Surveys10.1145/2501654.250165545:4(1-32)Online publication date: 30-Aug-2013
https://dl.acm.org/doi/10.1145/2501654.2501655
Groß HPlos T(2012)On using instruction-set extensions for minimizing the hardware-implementation costs of symmetric-key algorithms on a low-resource microcontrollerProceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues10.1007/978-3-642-36140-1_11(149-164)Online publication date: 2-Jul-2012
https://dl.acm.org/doi/10.1007/978-3-642-36140-1_11
Show More Cited By

Boosting AES performance on a tiny processor core

Recommendations

An ultra-high throughput and fully pipelined implementation of AES algorithm on FPGA

We propose high throughput AES implementations in ECB and CTR modes.S-box is efficiently implemented by combining memory and non-memory based approaches.We achieve area-delay efficient multipliers and multiplicative inverters in GF(28).We employ loop-...
A tightly coupled finite field arithmetic hardware in an FPGA-based embedded processor core for elliptic curve cryptography

This work presents the implementation of a tightly-coupled hardware architectural enhancement to the Altera FPGA-based Nios II embedded processor. The goal is to accelerate finite field arithmetic operations in the binary fields of F<SUB align=right&...
Instruction set extensions for efficient AES implementation on 32-bit processors
CHES'06: Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems

Secure communication over public networks like the Internet requires the use of cryptographic algorithms as basic building blocks. Most cryptographic workloads pose a considerable burden on devices like PDAs, cell phones, and sensor nodes, which are ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

CT-RSA'08: Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology

April 2008

437 pages

ISBN:3540792627

Editor:
Tal Malkin
Columbia University, Department of Computer Science, New York, NY

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 08 April 2008

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
5
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Regazzoni FIenne PFanucci LTeich J(2016)Instruction set extensions for secure applicationsProceedings of the 2016 Conference on Design, Automation & Test in Europe10.5555/2971808.2972165(1529-1534)Online publication date: 14-Mar-2016
https://dl.acm.org/doi/10.5555/2971808.2972165
Bossuet LGrand MGaspar LFischer VGogniat G(2013)Architectures of flexible symmetric key crypto engines—a surveyACM Computing Surveys10.1145/2501654.250165545:4(1-32)Online publication date: 30-Aug-2013
https://dl.acm.org/doi/10.1145/2501654.2501655
Groß HPlos T(2012)On using instruction-set extensions for minimizing the hardware-implementation costs of symmetric-key algorithms on a low-resource microcontrollerProceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues10.1007/978-3-642-36140-1_11(149-164)Online publication date: 2-Jul-2012
https://dl.acm.org/doi/10.1007/978-3-642-36140-1_11
Plos TGroß HFeldhofer M(2010)Implementation of symmetric algorithms on a synthesizable 8-bit microcontroller targeting passive RFID tagsProceedings of the 17th international conference on Selected areas in cryptography10.5555/1964441.1964453(114-129)Online publication date: 12-Aug-2010
https://dl.acm.org/doi/10.5555/1964441.1964453
Osvik DBos JStefan DCanright D(2010)Fast software AES encryptionProceedings of the 17th international conference on Fast software encryption10.5555/1876089.1876096(75-93)Online publication date: 7-Feb-2010
https://dl.acm.org/doi/10.5555/1876089.1876096

View Options

View options

Media

Figures

Other

Tables

View Table of Contents