Using media processors for low-memory AES implementation

Most performance studies of AES make the traditional space-versus-time tradeoff, using large lookup tables to accelerate operations that would otherwise be computed by the processor. AES is a versatile algorithm, however, and can also be optimised for low memory use in constrained environments. We investigate the possibility of getting the best of both worlds: an application-specific hardware and software solution that depends little on memory yet still executes fast enough to be considered for production systems. The resulting software is attractive at the high-level design stage because it allows AES to be deployed more easily as a composable element in larger systems and to scale better as processor speed increases.
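The space-versus-time tradeoff the abstract refers to can be made concrete in software. The following is an added example, not code from the paper and not the media-processor implementation it describes: a plain Python AES-128 encryptor whose SubBytes step is pluggable, so the same cipher runs either from a stored 256-byte S-box or with every S-box value computed on the fly from the GF(2^8) inverse and the FIPS-197 affine map, holding no table at all. MixColumns is done with xtime arithmetic rather than the 4 KB of T-tables a table-driven implementation would carry. The test vector is the FIPS-197 Appendix C.1 example; the function and profile names are this example's own.

```python
# Added example (not the paper's code): AES-128 encryption in two memory profiles.
# Profile "sbox":       one 256-byte S-box table, built once at start-up.
# Profile "on_the_fly": no stored table; each SubBytes byte is computed from
#                       the GF(2^8) inverse plus the FIPS-197 affine transform.
# Both profiles do MixColumns with xtime arithmetic instead of T-tables.

def xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    if a & 0x100:
        a ^= 0x11B
    return a & 0xFF

def gf_mul(a, b):
    """Bitwise GF(2^8) multiplication, no log/antilog tables."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a = xtime(a)
        b >>= 1
    return r

def gf_inv(a):
    """Multiplicative inverse as a^254 (square-and-multiply with a fixed exponent). inv(0) = 0."""
    r, p = 1, a
    for bit in range(8):
        if (254 >> bit) & 1:
            r = gf_mul(r, p)
        p = gf_mul(p, p)
    return r

def sbox_compute(a):
    """Profile on_the_fly: S-box value computed from the inverse and the affine map."""
    x = gf_inv(a)
    s = x
    for _ in range(4):
        x = ((x << 1) | (x >> 7)) & 0xFF   # rotate left by one bit
        s ^= x
    return s ^ 0x63

SBOX_TABLE = bytes(sbox_compute(i) for i in range(256))   # Profile sbox: 256 bytes of lookup memory

def sbox_lookup(a):
    return SBOX_TABLE[a]

def expand_key(key, sub):
    """AES-128 key schedule: 11 round keys of 16 bytes, using the chosen SubBytes function."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = t[1:] + t[:1]              # RotWord
            t = [sub(b) for b in t]        # SubWord
            t[0] ^= rcon
            rcon = xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def shift_rows(s):
    # State is column-major as in FIPS-197: s[4*c + r] is row r, column c.
    return [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]

def mix_columns(s):
    out = []
    for c in range(4):
        a = s[4 * c:4 * c + 4]
        for r in range(4):
            a1 = a[(r + 1) % 4]
            # {02}.a[r] ^ {03}.a[r+1] ^ a[r+2] ^ a[r+3], with {03}.v = xtime(v) ^ v
            out.append(xtime(a[r]) ^ xtime(a1) ^ a1 ^ a[(r + 2) % 4] ^ a[(r + 3) % 4])
    return out

def aes128_encrypt(key, block, sub):
    """Encrypt one 16-byte block; `sub` selects the SubBytes strategy."""
    rk = expand_key(key, sub)
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [sub(b) for b in s]
        s = shift_rows(s)
        if rnd != 10:
            s = mix_columns(s)
        s = [b ^ k for b, k in zip(s, rk[rnd])]
    return bytes(s)

def table_bytes():
    """Static lookup memory each profile needs (T-tables shown for comparison)."""
    return {"t_tables": 4 * 256 * 4, "sbox": len(SBOX_TABLE), "on_the_fly": 0}

# FIPS-197 Appendix C.1 test vector.
KEY = bytes(range(16))
PT = bytes.fromhex("00112233445566778899aabbccddeeff")
CT = "69c4e0d86a7b0430d8cdb78070b4c55a"

if __name__ == "__main__":
    for name, sub in (("sbox", sbox_lookup), ("on_the_fly", sbox_compute)):
        print(name, aes128_encrypt(KEY, PT, sub).hex(), "table bytes:", table_bytes()[name])
```

Both profiles produce the same ciphertext; what changes is where the work goes. The on-the-fly profile spends roughly fifteen GF(2^8) multiplications per SubBytes byte in exchange for zero bytes of table, the S-box profile keeps 256 bytes, and a T-table implementation keeps 4 KB to remove the xtime arithmetic as well. The on-the-fly path also replaces data-dependent table indexing with a fixed-shape loop, although Python integer arithmetic gives no constant-time guarantee, so this is an illustration of the tradeoff and not a hardened implementation.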
