Abstract
Ascon-p is the core building block of Ascon, the winner in the lightweight category of the CAESAR competition. With Isap, another Ascon-p-based AEAD scheme is currently competing in the 2nd round of the NIST lightweight cryptography standardization project. In contrast to Ascon, Isap focuses on providing hardening/protection against a large class of implementation attacks, such as DPA, DFA, SFA, and SIFA, entirely on mode-level. Consequently, Ascon-p can be used to realize a wide range of cryptographic computations such as authenticated encryption, hashing, and pseudorandom number generation, with or without the need for implementation security, which makes it the perfect choice for lightweight cryptography on embedded devices.
In this paper, we implement Ascon-p as an instruction extension for RISC-V that is tightly coupled to the processor's register file and thus does not require any dedicated registers. This single instruction allows us to realize all cryptographic computations that typically occur on embedded devices with high performance. More concretely, with Isap and Ascon's family of modes for AEAD and hashing, we can perform cryptographic computations with a performance of about 2 cycles/byte, or about 4 cycles/byte if protection against fault attacks and power analysis is desired.
As we show, our instruction extension requires only 4.7 kGE, or about half the area of dedicated Ascon co-processor designs, and is easy to integrate into low-end embedded devices like 32-bit ARM Cortex-M or RISC-V microprocessors. Finally, we analyze the implementation security provided by Isap when implemented using our instruction extension.
Field | Value
---|---
Original language | English
Title of host publication | Smart Card Research and Advanced Applications - 19th International Conference, CARDIS 2020, Revised Selected Papers
Subtitle of host publication | 19th International Conference, CARDIS 2020, Virtual Event, November 18–19, 2020, Revised Selected Papers
Editors | Pierre-Yvan Liardet, Nele Mentens
Place of Publication | Cham
Publisher | Springer
Pages | 53-67
Number of pages | 15
ISBN (Print) | 978-3-030-68486-0
Publication status | Published - 1 Jan 2021
Event | CARDIS 2020: 19th Smart Card Research and Advanced Application Conference, Virtual, Germany, 18 Nov 2020 → 19 Nov 2020, https://cardis2020.its.uni-luebeck.de/
Publication series
Field | Value
---|---
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume | 12609 LNCS
ISSN (Print) | 0302-9743
ISSN (Electronic) | 1611-3349
Conference
Field | Value
---|---
Conference | CARDIS 2020
Abbreviated title | CARDIS
Country/Territory | Germany
City | Virtual
Period | 18/11/20 → 19/11/20
Keywords
- Ascon
- Authenticated encryption
- CV32E40P
- Fault attacks
- Hardware acceleration
- Isap
- Leakage resilience
- RI5CY
- RISC-V
- Side-channels
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science
Title
A Fast and Compact RISC-V Accelerator for Ascon and Friends
Projects
- Espresso - Scalable hardware-secured authentication and personalization of intelligent sensor nodes (research project, 1/05/18 → 31/10/20, finished)