Sergio Roldán Lombardía, Fatih Balli, Subhadeep Banik
{"title":"轻六色:AES系列的位串行实现。","authors":"Sergio Roldán Lombardía, Fatih Balli, Subhadeep Banik","doi":"10.1007/s13389-021-00265-8","DOIUrl":null,"url":null,"abstract":"<p><p>Recently, cryptographic literature has seen new block cipher designs such as PRESENT, GIFT or SKINNY that aim to be more lightweight than the current standard, i.e., AES. Even though AES family of block ciphers were designed two decades ago, they still remain as the de facto encryption standard, with AES-128 being the most widely deployed variant. In this work, we revisit the combined one-in-all implementation of the AES family, namely both encryption and decryption of each AES-128/192/256 as a single ASIC circuit. A preliminary version appeared in Africacrypt 2019 by Balli and Banik, where the authors design a byte-serial circuit with such functionality. We improve on their work by reducing the size of the compact circuit to 2268 GE through 1-bit-serial implementation, which achieves 38% reduction in area. We also report stand-alone bit-serial versions of the circuit, targeting only a subset of modes and versions, e.g., AES-192 and AES-256. Our results imply that, in terms of area, AES-192 and AES-256 can easily compete with the larger members of recently designed SKINNY family, e.g., SKINNY-128-256, SKINNY-128-384. Thus, our implementations can be used interchangeably inside authenticated encryption candidates such as SKINNY-AEAD/-HASH, ForkAE or Romulus in place of SKINNY.</p>","PeriodicalId":48508,"journal":{"name":"Journal of Cryptographic Engineering","volume":"11 4","pages":"417-439"},"PeriodicalIF":1.5000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1007/s13389-021-00265-8","citationCount":"1","resultStr":"{\"title\":\"Six shades lighter: a bit-serial implementation of the AES family.\",\"authors\":\"Sergio Roldán Lombardía, Fatih Balli, Subhadeep Banik\",\"doi\":\"10.1007/s13389-021-00265-8\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p><p>Recently, cryptographic literature has seen new block cipher designs such as PRESENT, GIFT or SKINNY that aim to be more lightweight than the current standard, i.e., AES. Even though AES family of block ciphers were designed two decades ago, they still remain as the de facto encryption standard, with AES-128 being the most widely deployed variant. In this work, we revisit the combined one-in-all implementation of the AES family, namely both encryption and decryption of each AES-128/192/256 as a single ASIC circuit. A preliminary version appeared in Africacrypt 2019 by Balli and Banik, where the authors design a byte-serial circuit with such functionality. We improve on their work by reducing the size of the compact circuit to 2268 GE through 1-bit-serial implementation, which achieves 38% reduction in area. We also report stand-alone bit-serial versions of the circuit, targeting only a subset of modes and versions, e.g., AES-192 and AES-256. Our results imply that, in terms of area, AES-192 and AES-256 can easily compete with the larger members of recently designed SKINNY family, e.g., SKINNY-128-256, SKINNY-128-384. Thus, our implementations can be used interchangeably inside authenticated encryption candidates such as SKINNY-AEAD/-HASH, ForkAE or Romulus in place of SKINNY.</p>\",\"PeriodicalId\":48508,\"journal\":{\"name\":\"Journal of Cryptographic Engineering\",\"volume\":\"11 4\",\"pages\":\"417-439\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2021-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1007/s13389-021-00265-8\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cryptographic Engineering\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s13389-021-00265-8\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"2021/6/1 0:00:00\",\"PubModel\":\"Epub\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptographic Engineering","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s13389-021-00265-8","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2021/6/1 0:00:00","PubModel":"Epub","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
Six shades lighter: a bit-serial implementation of the AES family.
Recently, cryptographic literature has seen new block cipher designs such as PRESENT, GIFT or SKINNY that aim to be more lightweight than the current standard, i.e., AES. Even though AES family of block ciphers were designed two decades ago, they still remain as the de facto encryption standard, with AES-128 being the most widely deployed variant. In this work, we revisit the combined one-in-all implementation of the AES family, namely both encryption and decryption of each AES-128/192/256 as a single ASIC circuit. A preliminary version appeared in Africacrypt 2019 by Balli and Banik, where the authors design a byte-serial circuit with such functionality. We improve on their work by reducing the size of the compact circuit to 2268 GE through 1-bit-serial implementation, which achieves 38% reduction in area. We also report stand-alone bit-serial versions of the circuit, targeting only a subset of modes and versions, e.g., AES-192 and AES-256. Our results imply that, in terms of area, AES-192 and AES-256 can easily compete with the larger members of recently designed SKINNY family, e.g., SKINNY-128-256, SKINNY-128-384. Thus, our implementations can be used interchangeably inside authenticated encryption candidates such as SKINNY-AEAD/-HASH, ForkAE or Romulus in place of SKINNY.
期刊介绍:
The Journal of Cryptographic Engineering (JCEN) presents high-quality scientific research on architectures, algorithms, techniques, tools, implementations and applications in cryptographic engineering, including cryptographic hardware, cryptographic embedded systems, side-channel attacks and countermeasures, and embedded security. JCEN serves the academic and corporate R&D community interested in cryptographic hardware and embedded security.JCEN publishes essential research on broad and varied topics including:Public-key cryptography, secret-key cryptography and post-quantum cryptographyCryptographic implementations include cryptographic processors, physical unclonable functions, true and deterministic random number generators, efficient software and hardware architecturesAttacks on implementations and their countermeasures, such as side-channel attacks, fault attacks, hardware tampering and reverse engineering techniquesSecurity evaluation of real-world cryptographic systems, formal methods and verification tools for secure embedded design that offer provable security, and metrics for measuring securityApplications of state-of-the-art cryptography, such as IoTs, RFIDs, IP protection, cyber-physical systems composed of analog and digital components, automotive security and trusted computing
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
