Architectural support for fast symmetric-key cryptography
John Mcdonald2000, Sigplan Notices
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
The emergence of the Internet as a trusted medium for commerce and communication has made cryptography an essential component of modern information systems. Cryptography provides the mechanisms necessary to implement accountability, accuracy, and confidentiality in communication. As demands for secure communication bandwidth grow, efficient cryptographic processing will become increasingly vital to good system performance.
Related papers
Symmetric Cryptography on RISC-V: Performance Evaluation of Standardized Algorithms
Cryptography
The ever-increasing need for securing computing systems using cryptographic algorithms is spurring interest in the efficient implementation of common algorithms. While the algorithms can be implemented in software using base instruction sets, there is considerable potential to reduce memory cost and improve speed using specialized instructions and associated hardware. However, there is a need to assess the benefits and costs of software implementations and new instructions that implement key cryptographic algorithms in fewer cycles. The primary aim of this paper is to improve the understanding of the performance and cost of implementing cryptographic algorithms for the RISC-V instruction set architecture (ISA) in two cases: software implementations of the algorithms using the rv32i instruction set and using cryptographic instructions supported by dedicated hardware in additional functional units. For both cases, we describe a RISC-V processor with cryptography hardware extensions an...
Exploration of Efficient Symmetric Algorithms
—Security threats have been a major concern as a result of emergence of technology in every aspect including internet market, computational and communication technologies. To solve this issue effective mechanism of ―cryptography‖ is used to ensure integrity, privacy, availability, authentication, computability, identification and accuracy. Cryptology techniques like PKC and SKC are used of data recovery. In current work, we describe exploration of efficient approach of private key architecture on the basis of attributes: effectiveness, scalability, flexibility, reliability and degree of security issues essential for safe wired and wireless communication. The work explores efficient private key algorithm based on security of individual system and scalability under criteria of memory–cpu utilization together with encryption performance .The exploration results in AES as superior over other algorithm. The work opens a new direction over cloud security and internet of things. Keywords— Private key (symmetric cryptosystem SKC); Public Key (Asymmetric cryptosystem PKC); wired communication; Wireless communication; variable key size (VKS).
On-Chip Lookup Tables for Fast Symmetric-Key Encryption
On public communication networks such as the Internet, data confidentiality can be provided by symmetric-key ciphers. One of the most common operations used in symmetric-key ciphers are table lookups. These frequently constitute the largest fraction of the execution time when the ciphers are implemented using a typical RISC-like instruction set. To accelerate these table lookups, we describe a new hardware module, called PTLU (for Parallel Table Lookup), which consists of multiple lookup tables that can be accessed in parallel. A novel combinational circuit included in the module can optionally perform simple logic operations on the data read from the tables. On a single-issue 64-bit RISC processor, PTLU provides maximum speedups of 7.7× for AES and 5.4× for DES. With wordsize scaling, PTLU speedups are significantly higher than that available through more conventional architectural techniques such as superscalar or VLIW execution.
Programming Highly Parallel Reconfigurable Architectures for Symmetric and Asymmetric Cryptographic Applications
Journal of Computers, 2007
Tiled architectures are emerging as an architectural platform that allows high levels of instruction level parallelism. Traditional compiler parallelization techniques are usually employed to generate programs for these architectures. However, for specific application domains, the compiler is not able to effectively exploit the domain knowledge. In this paper, we propose a new programming model that, by means of the definition of software function units, allows domain-specific features to be explicitly modeled, achieving good performances while reducing development times with respect to low-level programming. Identity-based cryptographic algorithms are known to be computationally intensive and difficult to parallelize automatically. Recent advances have led to the adoption of embedded cryptographic coprocessors to speed up both traditional and identity-based public key algorithms. We show the effectiveness of the proposed programming model by applying it to the case of computationally intensive cryptographic algorithms in both identity-based and traditional algorithms. Custom-designed coprocessors have high development costs and times with respect to general purpose or DSP coprocessors. Therefore, the proposed methodology can be effectively employed to reduce time to market while preserving performances. It also represents a starting point for the definition of cryptography-oriented programming languages. We prove that tiled architecture well compare w.r.t. competitors implementations such as StrongARM and FPGAs.
Evaluating The Performance of Symmetric Encryption Algorithms
Int. J. Netw. Secur., 2010
Internet and networks applications are growing very fast, so the needs to protect such applications are increased. Encryption algorithms play a main role in information security systems. On the other side, those algorithms consume a significant amount of computing resources such as CPU time, memory, and battery power. This paper provides evaluation of six of the most common encryption algorithms namely: AES (Rijndael), DES, 3DES, RC2, Blowfish, and RC6. A comparison has been conducted for those encryption algorithms at different settings for each algorithm such as different sizes of data blocks, different data types, battery power consumption, different key size and finally encryption/decryption speed. Experimental results are given to demonstrate the effectiveness of each algorithm.
Enhanced Simplified Symmetric Key Encryption Algorithm
Data has become very important not only for individuals but for organizations as well. Data security is the biggest challenge that we care facing currently. Recent successful hacks and data breaches have certainly played an important role in the development of data security related technologies. Cryptography is a well adopted method to ensure that data is secure and confidentiality of user data is maintained. The content owner encrypts the actual data using an encryption key which converts the data into cipher text. The cipher text is an intermediate data which is unreadable form which can be shared amount other users and can be stored in the various storage media. The cipher text can be converted into the actual data using the same encryption key in case of symmetric key encryption or using different key in case of asymmetric key encryption. Currently, the Encryption/Decryption algorithms that exist depend on complex mathematical manipulations. The length of the encryption keys are growing and growing to get more secure and more stronger encryption thus processing throughput and memory consumption requirement is also growing. In this work researchers are focusing on various symmetric key encryption throughput and memory consumption with proposed high speed new algorithm which can be useful for the devices with low memory and processing capabilities. The work sought the possibility to trim down the complicated throughput of symmetric cryptography and ensuring maximum security at the same time.
SEA: A Scalable Encryption Algorithm for Small Embedded Applications
Lecture Notes in Computer Science, 2006
Most present symmetric encryption algorithms result from a tradeoff between implementation cost and resulting performances. In addition, they generally aim to be implemented efficiently on a large variety of platforms. In this paper, we take an opposite approach and consider a context where we have very limited processing resources and throughput requirements. For this purpose, we propose low-cost encryption routines (i.e. with small code size and memory) targeted for processors with a limited instruction set (i.e. AND, OR, XOR gates, word rotation and modular addition). The proposed design is parametric in the text, key and processor size, allows efficient combination of encryption/decryption, "on-the-fly" key derivation and its security against a number of recent cryptanalytic techniques is discussed. Target applications for such routines include any context requiring low-cost encryption and/or authentication.
A Literature Survey on Efficiency and Security of Symmetric Cryptography
2017
Data encryption is widely used to assure security in open networks such as the internet. Each kind of data has its own features; therefore, different techniques should be used to protect confidential data from unauthorized access. Currently, most of the available encryption algorithms are used for text data. However, due to large data size and real time constrains, algorithms that are good for textual data may not be suitable for multimedia data. This Paper is a literature survey about block ciphers encryption algorithm( triple-DES, DES,AES, Blow-Fish).In this Paper I have concentrates on providing a starting point for designing strong, secure, and efficient cryptosystems. Various design issues and algorithms have been described in the paper. Paper explains a new timing evaluation model based on random number generating mechanism is proposed here to analyze the time-consuming of the known block cipher symmetric cryptographic algorithms. In this model for evaluation, there is one eva...
Accelerating Next-Generation Public-Key Cryptosystems on General-Purpose CPUs
IEEE Micro, 2005
The demand for secure communication over the Internet, fueled by e-commerce and mobile applications, is growing. Connecting small, simple devices such as PDAs, mobile phones, and smart cards to the Internet is also a growing trend. Many of these devices require secure connections to ensure that the exchanged information remains confidential and that only authorized persons can access the devices.
Architectures of flexible symmetric key crypto engines—a survey
ACM Computing Surveys, 2013
Throughput, flexibility, and security form the design trilogy of reconfigurable crypto engines; they must be carefully considered without reducing the major role of classical design constraints, such as surface, power consumption, dependability, and cost. Applications such as network security, Virtual Private Networks (VPN), Digital Rights Management (DRM), and pay per view have drawn attention to these three constraints. For more than ten years, many studies in the field of cryptographic engineering have focused on the design of optimized high-throughput hardware cryptographic cores (e.g., symmetric and asymmetric key block ciphers, stream ciphers, and hash functions). The flexibility of cryptographic systems plays a very important role in their practical application. Reconfigurable hardware systems can evolve with algorithms, face up to new types of attacks, and guarantee interoperability between countries and institutions. The flexibility of reconfigurable crypto processors and crypto coprocessors has reached new levels with the emergence of dynamically reconfigurable hardware architectures and tools. Last but not least, the security of systems that handle confidential information needs to be thoroughly evaluated at the design stage in order to meet security objectives that depend on the importance of the information to be protected and on the cost of protection. Usually, designers tackle security problems at the same time as other design constraints and in many cases target only one security objective, for example, a side-channel attack countermeasures, fault tolerance capability, or the monitoring of the device environment. Only a few authors have addressed all three design constraints at the same time. In particular, key management security (e.g., secure key generation and transmission, the use of a hierarchical key structure composed of session keys and master keys) has frequently been neglected to the benefit of performance and/or flexibility. Nevertheless, a few authors propose original processor architectures based on multi-crypto-processor structures and reconfigurable cryptographic arrays. In this article, we review published works on symmetric key crypto engines and present current trends and design challenges.
Design strategies and modified descriptions to optimize cipher FPGA implementations: Fast and compact results for DES and triple-DES
Lecture Notes in Computer Science, 2003
In this paper, we propose a new mathematical DES description that allows us to achieve optimized implementations in term of ratio T hroughput/Area. First, we get an unrolled DES implementation that works at data rates of 21.3 Gbps (333 MHz), using Virtex-II technology. In this design, the plaintext, the key and the mode (encryption/decrytion) can be changed on a cycle-by-cycle basis with no dead cycles. In addition, we also propose sequential DES and triple-DES designs that are currently the most efficient ones in term of resources used as well as in term of throughput. Based on our DES and triple-DES results, we also set up conclusions for optimized FPGA design choices and possible improvement of cipher implementations with a modified structure description.
Performance Evaluation of Lightweight Advanced Encryption Standard Hardware Implementation
International Journal of Recent Technology and Engineering (IJRTE), 2019
Advanced Encryption Standard (AES) is one of the most secured encryption algorithm because of its robustness and complexity. Because of its complexity, AES has slow computation. This paper presents a Lightweight Advanced Encryption Standard (LAES) design by replacing the MixColumn transformation of the traditional AES with a 128-bit permutation to lessen its computational complexity. Implementation of hardware cryptographic encryption aims to find the best trade-off between throughput and resource utilization. The proposed design is synthesized on various Field Programmable Gate Array (FPGA) devices and achieves the maximum clock frequency of 480.50 MHz with the highest throughput of 6.15 Gbps when synthesized on Virtex 7 XC7VX690T. The results on other devices show a higher throughput, better performance efficiency, and lesser area utilization when compared to the existing AES hardware implementation.
Performance Evaluation of Symmetric Encryption Algorithms
2008
Internet and networks applications are growing very fast, so the needs to protect such applications are increased. Encryption algorithms play a main role in information security systems. On the other side, those algorithms consume a significant amount of computing resources such as CPU time, memory, and battery power. This paper provides evaluation of six of the most common encryption algorithms namely: AES (Rijndael), DES, 3DES, RC2, Blowfish, and RC6. A comparison has been conducted for those encryption algorithms at different settings for each algorithm such as different sizes of data blocks, different data types ,battery power consumption, different key size and finally encryption/decryption speed. Simulation results are given to demonstrate the effectiveness of each algorithm. .
A structure for fast data encryption
2008
Fast Data Encryption (FDE) is a new symmetric block cipher which has a DES-like structure. FDE has been designed with an increased key length, increased key scheduling complexity and an improved round function which can be executed in parallel. FDE uses eight Substitution Boxes (S-boxes) in the round function to provide confusion. In this paper, we present the FDE structure and an algorithm to construct a set of strong S-boxes. Eight suitable S-boxes from this set are suggested for use with FDE.
Performance Evaluation of Symmetric Cryptography Algorithms : A Survey 1
2013
Network and Internet applications are growing very fast, since the need to secure these applications are very fast. For this purpose cryptography algorithms (symmetric & Asymmetric) are proposed. These algorithms consume a significant amount of computing resources like CPU processing time, Memory, Battery power, and throughput. The performances of cryptography algorithms are different in different environments. Different cryptography algorithm faced different issues like battery consumption, CPU Processing Speed, and Memory according to their Algorithm and key generation process. Here in this survey paper we discuss about the symmetric cryptographic algorithms and their performance in context of power consumption issues, Memory and CPU processing time.
Optimization and Benchmark of Cryptographic Algorithms on Network Processors
IEEE Micro, 2004
As requirements for communication security grow, cryptographic processing becomes another type of application domain. However, cryptographic algorithms are all computationally intensive. This work compares and analyzes architectural characteristics of many widespread cryptographic algorithms on the Intel IXP2800 network processor. It also investigates several implementation and optimization principles that can improve overall performance. The results reported here are applicable to other network processors because they have similar components and architectures.
Efficient Hardware Design and Implementation of AES Cryptosystem
2010
We propose an efficient hardware architecture design & implementation of Advanced Encryption Standard (AES)-Rijndael cryptosystem. The AES algorithm defined by the National Institute of Standard and Technology (NIST) of United States has been widely accepted. The cryptographic algorithms can be implemented with software or built with pure hardware. However Field Programmable Gate Arrays (FPGA) implementation offers quicker solution and can be easily upgraded to incorporate any protocol changes. This contribution investigates the AES encryption and decryption cryptosystem with regard to FPGA and Very High Speed Integrated Circuit Hardware Description language (VHDL). Optimized and Synthesizable VHDL code is developed for the implementation of both 128bit data encryption and decryption process. Xilinx ISE 8.1 software is used for simulation. Each program is tested with some of the sample vectors provided by NIST and output results are perfect with minimal delay. The throughput reaches...
Related topics
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.