Weizhen Wang,Jun Han,Xu Cheng,Xiaoyang Zeng

DOI: https://doi.org/10.1016/j.mejo.2021.105165

IF: 1.992

2021-01-01

Microelectronics Journal

Abstract:With the prevailing of Internet-of-Things (IoT) technology, information security for ever-growing connected devices is an inevitable issue and gaining more attention. However, implementation of cryptography algorithms on battery-powered IoT devices is challenging due to limited power-budget. In this paper, we present an energy-efficient crypto-coprocessor. This coprocessor is designed with a unified pipelined structure for cryptography primitives of 128-bit or 256-bit data path and supports cryptography algorithms including AES, ECC and SHA. Since the clock tree and the sequential circuits dissipate a large percentage of the chip power, a conditional-charged flip-flop is proposed to reduce the clock tree power. Our design is integrated with an open-sourced RISC-V core as a crypto-extension, and shows both good flexibility and high energy-efficiency. This work is implemented in 28 nm technology and the power consumption for different cryptography applications is evaluated with post-layout simulation. When simulated with NIST prime fields curve P-256 and binary fields curve K-233, the energy consumed for one base point scalar multiplication is 43.54 μJ and 20.40 μJ, respectively. The proposed design consumes 0.0568 nJ/bit and 0.0288 nJ/bit for the AES-GCM mode and the AES-CBC mode, respectively. As for SHA-256, each bit requires 0.0874 nJ. Compared with previous works, this work provides both flexibility and high energy performance.

Zewen Ye,Ruibing Song,Hao Zhang,Donglong Chen,Ray Chak-Chung Cheung,Kejie Huang

DOI: https://doi.org/10.46586/tches.v2024.i2.130-153

2024-01-01

Abstract:Lattice-Based Cryptography (LBC) schemes, like CRYSTALS-Kyber and CRYSTALS-Dilithium, have been selected to be standardized in the NIST Post-Quantum Cryptography standard. However, implementing these schemes in resourceconstrained Internet-of-Things (IoT) devices is challenging, considering efficiency, power consumption, area overhead, and flexibility to support various operations and parameter settings. Some existing ASIC designs that prioritize lower power and area can not achieve optimal performance efficiency, which are not practical for battery-powered devices. Custom hardware accelerators in prior co-processor and processor designs have limited applications and flexibility, incurring significant area and power overheads for IoT devices. To address these challenges, this paper presents an efficient lattice-based cryptography processor with customized Single-Instruction-Multiple-Data (SIMD) instruction. First, our proposed SIMD architecture supports efficient parallel execution of various polynomial operations in 256-bit mode and acceleration of Keccak in 320-bit mode, both utilizing efficiently reused resources. Additionally, we introduce data shuffling hardware units to resolve data dependencies within SIMD data. To further enhance performance, we design a dual-issue path for memory accesses and corresponding software design methodologies to reduce the impact of data load/store blocking. Through a hardware/software co-design approach, our proposed processor achieves high efficiency in supporting all operations in lattice-based cryptography schemes. Evaluations of Kyber and Dilithium show our proposed processor achieves over 10x speedup compared with the baseline RISC-V processor and over 5x speedup versus ARM Cortex M4 implementations, making it a promising solution for securing IoT communications and storage. Moreover, Silicon synthesis results show our design can run at 200 MHz with 2.01 mW for Kyber KEM 512 and 2.13 mW for Dilithium 2, which outperforms state-of-the-art works in terms of PPAP (Performance x Power x Area).

Weizhen Wang,Jun Han,Zhicheng Xie,Shan Huang,Xiaoyang Zeng

DOI: https://doi.org/10.1109/isocc.2016.7799761

2016-01-01

Abstract:Together with the popularity of internet of things (IoT), the information security in IoT is becoming an urgent issue. In this paper, a cryptographic coprocessor is designed to provide security for IoT sensor nodes. This design incorporates the application-specific instruction set to support popular cryptography algorithms like advanced encryption standard (AES) and elliptic curve cryptography (ECC). The tailored instruction provides good flexibility, high energy efficiency and low latency. Local instruction and data ram is integrated into our coprocessor to reduce the instruction transfer between embedded processor and the coprocessor. Our work was synthesized under TSMC 65 nm technology. The measurement results show that our design consumes 32.7 uJ for each ECC point multiplication and 3 nJ for each AES encryption and decryption when working at 10 MHz.

Sen Yang,Lian Shao,Junke Huang,Wanghui Zou

DOI: https://doi.org/10.3390/electronics12204222

IF: 2.9

2023-10-13

Electronics

Abstract:The security and reliability of data transmission between IoT devices are considered to be major challenges in the development of IoT technology. This paper presents a low-power, low-cost RISC-V processor for IoT applications with an integrated hybrid encryption accelerator, which can achieve efficient and secure encryption and decryption of data transmitted between IoT devices. The hybrid encryption accelerator, which uses the SM3 and the SM4, respectively, as hash and symmetric encryption algorithms, achieves a balance between encryption security, high speed, and key-management convenience. Both the processor and encryption accelerator are designed using the Verilog HDL language and are subsequently implemented and evaluated on both FPGA and ASIC platforms. The performance of the proposed processor and that of the Hummingbird E203 and the XuanTie E902 are compared. It is shown that, on the FPGA platform, the total resource utilization rate is reduced by 39.1~66.2%. In a 90 nm CMOS process, it is shown that the power efficiency of the proposed processor is increased by 10~34.8% and the circuit area is reduced by 32.5~57.1%.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ronghua Lu,Jun Han,Xiaoyang Zeng,Qing Li,Lang Mai,Jia Zhao

DOI: https://doi.org/10.1109/aspdac.2008.4483921

2008-01-01

Abstract:A low-cost cryptographic processor for security embedded system is presented in this paper. The processor, without any assistance of dedicated cryptographic coprocessors, is scalable and very efficient for popular cryptographic algorithms such as RSA/ECC, AES, Hash, etc. Based on SMIC 0.18 um standard CMOS technology, the core circuit of the test chip has only about 32 k gates, and a max frequency of 200 MHz, under which the 1024-bit RSA algorithm takes only 150 ms and the throughout of AES reaches 256 Mbits/s.

Xvpeng Zhang,Bingqiang Liu,Yaqi Zhao,Xiaoyu Hu,Zixuan Shen,Zhaoxia Zheng,Zhenglin Liu,Kwen-Siong Chong,Guoyi Yu,Chao Wang,Xuecheng Zou

DOI: https://doi.org/10.3390/s22239160

IF: 3.9

2022-11-25

Sensors

Abstract:Achieving low-cost and high-performance network security communication is necessary for Internet of Things (IoT) devices, including intelligent sensors and mobile robots. Designing hardware accelerators to accelerate multiple computationally intensive cryptographic primitives in various network security protocols is challenging. Different from existing unified reconfigurable cryptographic accelerators with relatively low efficiency and high latency, this paper presents design and analysis of a reconfigurable cryptographic accelerator consisting of a reconfigurable cipher unit and a reconfigurable hash unit to support widely used cryptographic algorithms for IoT Devices, which require block ciphers and hash functions simultaneously. Based on a detailed and comprehensive algorithmic analysis of both the block ciphers and hash functions in terms of basic algorithm structures and common cryptographic operators, the proposed reconfigurable cryptographic accelerator is designed by reusing key register files and operators to build unified data paths. Both the reconfigurable cipher unit and the reconfigurable hash unit contain a unified data path to implement Data Encryption Standard (DES)/Advanced Encryption Standard (AES)/ShangMi 4 (SM4) and Secure Hash Algorithm-1 (SHA-1)/SHA-256/SM3 algorithms, respectively. A reconfigurable S-Box for AES and SM4 is designed based on the composite field Galois field (GF) GF(((22)2)2), which significantly reduces hardware overhead and power consumption compared with the conventional implementation by look-up tables. The experimental results based on 65-nm application-specific integrated circuit (ASIC) implementation show that the achieved energy efficiency and area efficiency of the proposed design is 441 Gbps/W and 37.55 Gbps/mm2, respectively, which is suitable for IoT devices with limited battery and form factor. The result of delay analysis also shows that the number of delay cycles of our design can be reduced by 83% compared with the state-of-the-art design, which shows that the proposed design is more suitable for applications including 5G/Wi-Fi/ZigBee/Ethernet network standards to accelerate block ciphers and hash functions simultaneously.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Ömer Faruk Irmak,Arda Yurdakul

DOI: https://doi.org/10.48550/arXiv.2009.14685

2020-09-30

Abstract:One of the biggest concerns in IoT is privacy and security. Encryption and authentication need big power budgets, which battery-operated IoT end-nodes do not have. Hardware accelerators designed for specific cryptographic operations provide little to no flexibility for future updates. Custom instruction solutions are smaller in area and provide more flexibility for new methods to be implemented. One drawback of custom instructions is that the processor has to wait for the operation to finish. Eventually, the response time of the device to real-time events gets longer. In this work, we propose a processor with an extended custom instruction for modular multiplication, which blocks the processor, typically, two cycles for any size of modular multiplication when used in Partial Execution mode. We adopted embedded and compressed extensions of RISC-V for our proof-of-concept CPU. Our design is benchmarked on recent cryptographic algorithms in the field of elliptic-curve cryptography. Our CPU with 128-bit modular multiplication operates at 136MHz on ASIC and 81MHz on FPGA. It achieves up to 13x speed up on software implementations while reducing overall power consumption by up to 95\% with 41\% average area overhead over our base architecture.

Hardware Architecture,Cryptography and Security

Utsav Banerjee,Andrew Wright,Chiraag Juvekar,Madeleine Waller,Arvind,Anantha P. Chandrakasan

DOI: https://doi.org/10.1109/JSSC.2019.2915203

2019-07-10

Abstract:This paper presents the first hardware implementation of the Datagram Transport Layer Security (DTLS) protocol to enable end-to-end security for the Internet of Things (IoT). A key component of this design is a reconfigurable prime field elliptic curve cryptography (ECC) accelerator, which is 238x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Our full hardware implementation of the DTLS 1.3 protocol provides 438x improvement in energy-efficiency over software, along with code size and data memory usage as low as 8 KB and 3 KB respectively. The cryptographic accelerators are coupled with an on-chip low-power RISC-V processor to benchmark applications beyond DTLS with up to two orders of magnitude energy savings. The test chip, fabricated in 65 nm CMOS, demonstrates hardware-accelerated DTLS sessions while consuming 44.08 uJ per handshake, and 0.89 nJ per byte of encrypted data at 16 MHz and 0.8 V.

Cryptography and Security

Sumit Singh Dhanda,Brahmjit Singh,Chia-Chen Lin,Poonam Jindal,Deepak Panwar,Tarun Kumar Sharma,Saurabh Agarwal,Wooguil Pak

DOI: https://doi.org/10.1109/access.2024.3472650

IF: 3.9

2024-10-12

IEEE Access

Abstract:The most widely used asymmetric cipher is ECC. It can be applied to IoT applications to offer various security services. However, a wide range of sectors have been investigated for applying ECC. The field of elliptic curve cryptographic processors for GF (2191) has received less attention. This study presents a low-resource, high-efficiency architecture for a 191-bit ECC processor. This design uses a novel hybrid Karatsuba multiplier for the multiplication of finite fields. For GF (2191), the Quad-Itoh-Tsuji algorithm has been altered to provide a small-size inversion unit. PlanAhead software synthesizes the CPU, which is then implemented on several Xilinx FPGAs. With savings in slice consumption ranging from 16 to 43 percent, the implemented design is the most restricted compared to the current designs. Compared to previously published designs, it is 3.8–1000 times faster. The elliptic curve scalar multiplication on the Virtex-7 FPGA is computed in s. Additionally, the proposed design achieves savings in area-time products of 77 to 90 percent. It may be beneficial for IoT edge devices. It utilizes 3120 mW of power for the operation. A state-of-the-art comparison based on the figure of merit (FoM) reveals that the proposed design outclasses the newest designs by a large margin. It also exhibits a throughput of 138.121 Kbps.

computer science, information systems,telecommunications,engineering, electrical & electronic

Joseph N. Mamvong,Gokop L. Goteng,Bo Zhou,Yue Gao

DOI: https://doi.org/10.1109/jiot.2020.3033435

IF: 10.6

2021-04-01

IEEE Internet of Things Journal

Abstract:Internet-of-Things (IoT) devices characterized by low power and low processing capabilities do not exactly fit into the provision of existing security techniques due to their constrained nature. Classical security algorithms that are built on complex cryptographic functions often require a level of processing that low-power IoT devices are incapable to effectively achieve due to limited power and processing resources. Consequently, the option for constrained IoT devices lies in either developing new security schemes or modifying existing ones to be more suitable for constrained IoT devices. In this work, an efficient security algorithm for constrained IoT devices, based on the advanced encryption standard, is proposed. We present a cryptanalytic overview of the consequence of complexity reduction together with a supporting mathematical justification, and provisioned a secure element (ATECC608A) as a tradeoff. The ATECC608A doubles for authentication and guarding against implementation attacks on the associated IoT device (ARM Cortex M4 micro-processor) in line with our analysis. The software implementation of the efficient algorithm for constrained IoT devices shows up to 35% reduction in the time it takes to complete the encryption of a single block (16 B) of plain text, in comparison to the currently used standard AES-128 algorithm, and in comparison to current results in literature at 26.6%.

computer science, information systems,telecommunications,engineering, electrical & electronic

Utsav Banerjee,Chiraag Juvekar,Andrew Wright,Arvind,Anantha P. Chandrakasan

DOI: https://doi.org/10.48550/arXiv.1903.04387

2019-03-11

Cryptography and Security

Abstract:This paper presents a reconfigurable cryptographic engine that implements the DTLS protocol to enable end-to-end security for IoT. This implementation of the DTLS engine demonstrates 10x reduction in code size and 438x improvement in energy-efficiency over software. Our ECC primitive is 237x and 9x more energy-efficient compared to software and state-of-the-art hardware respectively. Pairing the DTLS engine with an on-chip RISC-V allows us to demonstrate applications beyond DTLS with up to 2 orders of magnitude energy savings.

Wei Huang,Kaidi You,Suiyu Zhang,Jun Han,Xiaoyang Zeng

DOI: https://doi.org/10.1109/asicon.2009.5351584

2009-01-01

Abstract:This paper proposes a novel unified low cost hardware architecture which can accelerate both RSA and SHA-1. And a scalable and unified crypto function unit is presented to support high performance cryptographic computation in the RISC-like processor. To evaluate the effectiveness of our solution, a low power crypto-processor is proposed to integrate the unified function unit, and the execution time of the 1024 bit RSA is 190 ms and SHA-1 encryption rate reaches 64Mbps. According to the synthesis results based on SMIC 0.13um library, the unified crypto function unit can achieve 196MHz work frequency with the utilization of only 2.6 thousand gates(1).

Shuai Wang,Jun Han,Yang Li,Yifan Bo,Xiaoyang Zeng

DOI: https://doi.org/10.1109/CICC.2013.6658438

2013-01-01

Abstract:The wireless access point (AP) devices of the next generation demand low-latency, high-security, and flexible authentication and authorization for heterogeneous clients. This makes it necessary to implement the high-complexity public-key ciphers efficiently on programmable processors. Therefore, this paper presents a quad-core processor that accelerates public-key computations by enabling high-speed parallel task processing. A test chip (1.925x3 um(2)) of the proposed processor is implemented in 65nm process. This chip is superior to the powerful platforms like Nvidia GPU and AMD Opteron workstation with regard to the performance: 0.13ms for the decryption of RSA-1024 and 0.095ms for the scalar multiplication of ECC-256 in F-p.

Zhe Liu,Reza Azarderakhsh,Howon Kim,Hwajeong Seo

DOI: https://doi.org/10.1007/978-3-319-62024-4_6

2017-01-01

Abstract:ARM NEON architecture has occupied a significant share of high-end Internet of Things platforms such as mini computer, tablet and smartphone markets due to its low cost and high performance. This paper studies efficient techniques of lattice-based cryptography on ARM processor and presents the first implementation of ring-LWE encryption on ARM NEON architecture. We propose a vectorized version of Iterative Number Theoretic Transform (NTT) for high-speed computation and present a 32-bit variant of SAMS2 technique, original from Liu et al. in CHES2015, for fast reduction. Subsequently, we present a full-fledged implementation of Ring-LWE by taking advantage of proposed and previous optimization techniques. Ultimately, our ring-LWE implementation requires only 145 k clock cycles for encryption and 32.8 k cycles for decryption for $$n=256$$. These results are more than 17.6 times faster than the fastest ECC implementation on ARM NEON with same security level.

Yuhao Xi,Zhendong Zhang,Yuze Wang,Wen Wang,Xiaoxia Han,Weidong Wang,Peng Liu

DOI: https://doi.org/10.1109/icicm56102.2022.10011247

2022-01-01

Abstract:In today’s silicon design, there are far more processors than the main ones. Domain-specific accelerators and coprocessors are widely used to continuing to increase the performance and energy efficiency of computing systems. Focused on the security domain, this paper presents a heterogeneous ASIC SoC built with the most popular open-source RISC-V ISA, a coprocessor providing the trusted execution environment for confidential computing and an energy efficient rule-based password generation accelerator. Thanks to its continuously completing ecosystem, the RISC-V core provides application interfaces and task management for the whole SoC, through which we validated the security mechanism for confidential computing in the coprocessor and tested the performance of the password generation accelerator. In addition to verifying the functionality of our design in GlobalFoundries 22FDX technology, the evaluation results also show that our password recovery system is able to process about 0.97 passwords per cycle at 500 MHz and is $25.4 \times$ more energy efficient than that of FPGA implementation.

Khai-Minh Ma,Duc-Hung Le,Cong-Kha Pham,Trong-Thuc Hoang

DOI: https://doi.org/10.3390/fi15050186

2023-05-20

Future Internet

Abstract:The security of Internet of Things (IoTs) devices in recent years has created interest in developing implementations of lightweight cryptographic algorithms for such systems. Additionally, open-source hardware and field-programable gate arrays (FPGAs) are gaining traction via newly developed tools, frameworks, and HDLs. This enables new methods of creating hardware and systems faster, more simply, and more efficiently. In this paper, the implementation of a system-on-chip (SoC) based on a 32-bit RISC-V processor with lightweight cryptographic accelerator cores in FPGA and an open-source integrating framework is presented. The system consists of a 32-bit VexRiscv processor, written in SpinalHDL, and lightweight cryptographic accelerator cores for the PRINCE block cipher, the PRESENT-80 block cipher, the ChaCha stream cipher, and the SHA3-512 hash function, written in Verilog HDL and optimized for low latency with fewer clock cycles. The primary aim of this work was to develop a customized SoC platform with a register-controlled bus suitable for integrating lightweight cryptographic cores to become compact embedded systems that require encryption functionalities. Additionally, custom firmware was developed to verify the functionality of the SoC with all integrated accelerator cores, and to evaluate the speed of cryptographic processing. The proposed system was successfully implemented in a Xilinx Nexys4 DDR FPGA development board. The resources of the system in the FPGA were low with 11,830 LUTs and 9552 FFs. The proposed system can be applicable to enhancing the security of Internet of Things systems.

Weihan Xu,Yongkang Xu,Guanting Huo,Yang,Yufeng Jin

DOI: https://doi.org/10.1109/csnt54456.2022.9787655

2022-01-01

Abstract:With the arrival of the 5G era, IoT develops and promotes rapidly and the security issues of IoT are concerned increasingly. SHA256 and SM3 are significant hash encryption algorithms that can improve the security of IoT systems. This paper proves the equivalence between partial Boolean functions of these two encryption algorithms and designs a shared security encryption circuit that can support SM3 and SHA256 modes. Compared with the traditional design, the area of this design decreases by 17.3%. To improve the speed and reduce power consumption, this design is optimized by precomputation and reducing the signal update frequency. The precomputation part shortens the critical path and increases the maximum frequency and throughput successfully. The power optimization part also improves energy efficiency. After function verification, this design can encrypt the original message correctly and efficiently and is synthesized based on the 65nm LVt process library of SMIC.

Yongkang Xu,Feng Deng,Weihan Xu,Guanting Huo,Yang,Yufeng Jin,Xiaole Cui

DOI: https://doi.org/10.1109/iaeac54830.2022.9929737

2022-01-01

Abstract:In modern systems-on-chip, cryptographic coprocessors bring more flexibility to design, not only accelerating the encryption process but also compressing design resources by sharing algorithm units. A high- performance unified coprocessor for AES-128 and SM4 encryption is proposed in this paper. On the one hand, based on the similarities between the two types of algorithms, the multiplicative inverse (MI) unit of the Sbox is realized in the composite field, and by sharing the reconfigurable Sbox logic (RCSL), the hardware resource consumption of circuits compatible with both algorithms is reduced. On the other hand, global pipeline technology based on shared-RCSL is used to improve the throughput of the coprocessor. In TSMC 65nm 1.08V CMOS technology, compared to the synthesized results of independently AES-128 and SM4, the area and power at 500MHz of the unified coprocessor are reduced by 42% and 43%, respectively.

Utsav Banerjee,Anantha P. Chandrakasan

DOI: https://doi.org/10.1109/LSSC.2021.3124074

2022-01-19

Abstract:We present the first BLS12-381 elliptic curve pairing crypto-processor for Internet-of-Things (IoT) security applications. Efficient finite field arithmetic and algorithm-architecture co-optimizations together enable two orders of magnitude energy savings. We implement several countermeasures against timing and power side-channel attacks. Our crypto-processor is programmable to provide the flexibility to accelerate various elliptic curve and pairing-based protocols such as signature aggregation and functional encryption.

Cryptography and Security,Networking and Internet Architecture

Zhibo Wang,Yongpan Liu,Yinan Sun,Yang Li,Daming Zhang,Huazhong Yang

DOI: https://doi.org/10.1109/ISCAS.2015.7169143

2015-01-01

Abstract:With the fast development of Internet of Things (IoTs) in recent years, many IoT applications, such as structure health monitoring, surveillance camera and etc, require both extensive computation for burst-mode signal processing as well as ultra low power continuous operations. However, most of conventional IoT processors focus on ultra low power consumption and cannot satisfy those demands. This paper proposes a novel energy-efficient heterogenous dual-core processor, which includes both an ultra low power near-threshold CoreL and a fast CoreH to meet those emerging requirements. Furthermore, an optimal framework is proposed to realize energy efficient task mapping and scheduling. The processor is fabricated and its energy consumption in low power mode is as low as 7.7pJ/ cycle and outperforms related work. Detailed analysis under several real applications shows that up to 2.62x energy efficiency improvements can be achieved without deadline miss compared with the high-performance-only signle core architecture.