RC4-AccSuite: A Hardware Acceleration Suite for RC4-Like Stream Ciphers

We present RC4-AccSuite, a hardware accelerator that combines the flexibility of an application-specific instruction set processor with the performance of an application-specific IC for RC4, the most widely deployed commercial stream cipher, and its eight prominent variants, including Spritz (CRYPTO-2014 Rump-session). Our carefully designed instruction set architecture reuses combinational and sequential logic across its pipeline stages and memories, saving up to 41% in area compared with the individual cores, while the power budget is dictated primarily by the variant used. Moreover, state replication yields a noticeable throughput improvement for the RC4 variants. RC4-AccSuite is extensible to future variants of RC4 with little or no tweaking.
