A Comprehensive Framework for Fair and Efficient Benchmarking of Hardware Implementations of Lightweight Cryptography

In this paper, we propose a comprehensive framework for fair and efficient benchmarking of hardware implementations of lightweight cryptography (LWC). Our framework is centered around the hardware API (Application Programming Interface) for the implementations of lightweight authenticated ciphers, hash functions, and cores combining both functionalities. The major parts of our API include the minimum compliance criteria, interface, and communication protocol supported by the LWC core. The proposed API is intended to meet the requirements of all candidates submitted to the NIST Lightweight Cryptography standardization process, as well as all CAESAR candidates and current authenticated cipher and hash function standards. In order to speed up the development of hardware implementations compliant with this API, we are making available the LWC Development Package and the corresponding Implementer’s Guide. Equipped with these resources, hardware designers can focus on implementing only the core functionality of a given algorithm. The development package facilitates the communication with external modules, full verification of the LWC core using simulation, and generation of optimized results. The proposed API for lightweight cryptography is a superset of the CAESAR Hardware API, endorsed by the organizers of the CAESAR competition, which was successfully used in the development of over 50 implementations of Round 2 and Round 3 CAESAR candidates. The primary extensions include support for optional hash functionality and the development of cores resistant against side-channel attacks.
Similarly, the LWC Development Package is a superset of the part of the CAESAR Development Package responsible for support of Use Case 1 (lightweight) CAESAR candidates. Its primary extensions include support for hash functionality, increased flexibility of the code shared among all candidates, and extended support for the detection of errors preventing the correct operation of cores during experimental testing. Overall, our framework supports (a) fair ranking of candidates in the NIST LWC standardization process from the point of view of their efficiency in hardware before and after the implementation of countermeasures against side-channel attacks, (b) the ability to perform benchmarking within the limited time devoted to Round 2 and any subsequent rounds of the NIST LWC standardization process, (c) compatibility among implementations of the same algorithm by different designers, and (d) fast deployment of the best algorithms in real-life applications.
