Performance Evaluation of SHA-2 Standard vs. SHA-3 Finalists on Two Freescale Platforms

Embedded devices are ubiquitously involved in a large variety of security applications which heavily rely on the computation of hash functions. Roughly, two alternatives for speeding up computations co-exist in these resource constrained devices: parallel processing and hardware acceleration. Needles to say, multi-core devices are clearly the next step in embedded systems due to clear technological limitations on single processor frequency. Hardware accelerators are long known to be a cheaper approach for costly cryptographic functions. The authors analysis is focused on the five SHA-3 finalists which are also contrasted to the previous SHA-2 standard and to the widespread MD5. On the hardware side, the authors deploy their implementations on two platforms from Freescale: a S12X core equipped with an XGATE coprocessor and a Kinetis K60 core equipped with a crypto co-processor. These platforms differ significantly in terms of computational power, the first is based on a 16-bit Freescale proprietary architecture while the former relies on a more recent 32-bit Cortex core. The authors' experimental results show mixed performances between the old standard and the new candidates. Some of the new candidates clearly outperform the old standard in terms of both computational speed and memory requirements while others do not. Bottom line, on the 16 bit platform BLAKE and Grostl are the top performers while on the 32-bit platform Keccak, Blake and Skein give the best results.

[1]  Hongjun Wu,et al.  The Hash Function JH , 2009 .

[2]  G. Edward Suh,et al.  Aegis: A Single-Chip Secure Processor , 2007, IEEE Design & Test of Computers.

[3]  Kris Gaj,et al.  Fair and Comprehensive Methodology for Comparing Hardware Performance of Fourteen Round Two SHA-3 Candidates Using FPGAs , 2010, CHES.

[4]  Peter Schwabe,et al.  Efficient Vector Implementations of AES-Based Designs: A Case Study and New Implemenations for Grøstl , 2013, CT-RSA.

[5]  John Kelsey,et al.  Status Report on the Second Round of the SHA-3 Cryptographic Hash Algorithm Competition , 2011 .

[6]  Tim Güneysu,et al.  Compact Implementation and Performance Evaluation of Hash Functions in ATtiny Devices , 2012, CARDIS.

[7]  Kris Gaj,et al.  Throughput vs. Area Trade-offs in High-Speed Architectures of Five Round 3 SHA-3 Candidates Implemented Using Xilinx and Altera FPGAs , 2011, CHES.

[8]  Kaisa Sere,et al.  Location-Awareness with Action Systems , 2012 .

[9]  D.K. Nilsson,et al.  Secure Firmware Updates over the Air in Intelligent Vehicles , 2008, ICC Workshops - 2008 IEEE International Conference on Communications Workshops.

[10]  Miltiades E. Anagnostou,et al.  Putting Personal Smart Spaces into Context , 2015 .

[11]  Christof Paar,et al.  Embedded Security in Cars , 2006 .

[12]  Paulo S. C. Alencar,et al.  Handbook of Research on Mobile Software Engineering: Design, Implementation, and Emergent Applications , 2012 .

[13]  Yu Sasaki,et al.  Byte slicing Grøstl Optimized Intel AES-NI and 8-bit implementations of the SHA-3 finalist Grøstl , 2011, Proceedings of the International Conference on Security and Cryptography.

[14]  Mourad Gouicem Comparison of seven SHA-3 candidates software implementations on smart cards , 2010, IACR Cryptol. ePrint Arch..

[15]  Bogdan Groza,et al.  Performance improvements for SHA-3 finalists by exploiting microcontroller on-chip parallelism , 2011, 2011 6th International Conference on Risks and Security of Internet and Systems (CRiSIS).

[16]  Doru Ursutiu,et al.  New Tools in Hardware and Software Design Applied for Remote Photovoltaic Laboratory , 2012 .

[17]  Samuel Neves,et al.  BLAKE2: Simpler, Smaller, Fast as MD5 , 2013, ACNS.

[18]  Rainer Buchty,et al.  Cryptonite - A Programmable Crypto Processor Architecture for High-Bandwidth Applications , 2004, ARCS.

[19]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[20]  Kouichi Itoh,et al.  Implementation of Elliptic Curve Cryptographic Coprocessor over GF(2m) on an FPGA , 2000, CHES.

[21]  Florian Mendel,et al.  Symmetric Cryptography , 2009 .

[22]  Andreas Peter Burg,et al.  Investigating the Potential of Custom Instruction Set Extensions for SHA-3 Candidates on a 16-bit Microcontroller Architecture , 2012, IACR Cryptol. ePrint Arch..

[23]  Deian Stefan,et al.  Performance Analysis of the SHA-3 Candidates on Exotic Multi-core Architectures , 2010, CHES.

[24]  Danilo Gligoroski,et al.  Internationally standardized efficient cryptographic hash function , 2011, Proceedings of the International Conference on Security and Cryptography.

[25]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[26]  Johann Großschädl,et al.  Instruction Set Extensions for Fast Arithmetic in Finite Fields GF( p) and GF(2m) , 2004, CHES.

[27]  Stefan M. Petters,et al.  Trustworthy Real-Time Systems , 2012, Advances in Real-Time Systems.

[28]  Stefan Lucks,et al.  The Skein Hash Function Family , 2009 .

[29]  Christof Paar,et al.  Secure In-Vehicle Communication , 2006 .

[30]  Christian Wenzel-Benner,et al.  XBX: eXternal Benchmarking eXtension for the SUPERCOP Crypto Benchmarking Framework , 2010, CHES.

[31]  François Durvaux,et al.  Compact FPGA Implementations of the Five SHA-3 Finalists , 2011, CARDIS.

[32]  Xiaoyun Wang,et al.  How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.