A Survey on Authenticated Encryption--ASIC Designer’s Perspective
Journal
ACM Computing Surveys (CSUR)
Date Issued
2017-12-06
Author(s)
Mihajloska Trpcheska, Hristina
Bilge Kavun, Elif
Yalcin, Tolga
Abstract
Authenticated encryption (AE) has been a vital operation in cryptography due to its
ability to provide confidentiality, integrity, and authenticity at the same time. Its use has soared
in parallel with widespread use of the Internet and has led to several new schemes. There have
been studies investigating software performance of various schemes. However, the same is yet to be done for hardware. We present a comprehensive survey of hardware (specifically ASIC) performance of the most commonly used AE schemes in the literature. These schemes include encrypt-thenMAC combination, block cipher based AE modes, and the recently-introduced permutation-based AE scheme. For completeness, we implemented each scheme with various standardized block ciphers and/or hash algorithms, and their lightweight versions. Our evaluation targets minimizing the timearea product while maximizing the throughput on an ASIC platform. We used 45 nm NANGATE Open Cell Library for syntheses. We present area, speed, time-area product, throughput, and power figures for both standard and lightweight versions of each scheme. We also provide an unbiased discussion on the impact of the structure and complexity of each scheme on hardware implementation.
Our results reveal 13-30% performance boost in permutation-based AE compared to conventional
schemes and they can be used as a benchmark in the ongoing AE competition CAESAR.
ability to provide confidentiality, integrity, and authenticity at the same time. Its use has soared
in parallel with widespread use of the Internet and has led to several new schemes. There have
been studies investigating software performance of various schemes. However, the same is yet to be done for hardware. We present a comprehensive survey of hardware (specifically ASIC) performance of the most commonly used AE schemes in the literature. These schemes include encrypt-thenMAC combination, block cipher based AE modes, and the recently-introduced permutation-based AE scheme. For completeness, we implemented each scheme with various standardized block ciphers and/or hash algorithms, and their lightweight versions. Our evaluation targets minimizing the timearea product while maximizing the throughput on an ASIC platform. We used 45 nm NANGATE Open Cell Library for syntheses. We present area, speed, time-area product, throughput, and power figures for both standard and lightweight versions of each scheme. We also provide an unbiased discussion on the impact of the structure and complexity of each scheme on hardware implementation.
Our results reveal 13-30% performance boost in permutation-based AE compared to conventional
schemes and they can be used as a benchmark in the ongoing AE competition CAESAR.
Subjects
File(s)![Thumbnail Image]()
Loading...
Name
2019-739.pdf
Size
1.91 MB
Format
Adobe PDF
Checksum
(MD5):96bc9a7e916ebcc60b69dacebd342f39