Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

Cryptographic Algorithms on the GA144 Asynchronous Multi-Core Processor

Implementation and Side-Channel Analysis

  • 355 Accesses

  • 2 Citations

Abstract

Pervasive computing has turned many ordinary commodity products to smart and digital computing devices. Though these devices are mostly equipped with low-cost processors offering limited computing power, they are often requested to handle user-sensitive data. This evidently calls for the integration of different security services that typically involves computationally expensive cryptography. In this context, lightweight cryptographic constructions came recently up to minimize the computational burden on such constrained devices. Unfortunately, many of those constructions were too simplistic to preserve long-lasting confidence in their security. Therefore we aim for another approach in this work and implement standardized and well-established cryptography on an alternative, lightweight platform, namely an asynchronous GA144 ultra-low-powered multi-core processor with 144 tiny cores. We demonstrate that symmetric and asymmetric cryptography such as AES and RSA can be realized on this low-end device. With energy consumption being as low as 0.63 μJ and 22.3 mJ, this platform achieves a performance of 38 μs and 462.9 ms per AES and RSA operation, respectively.This translates to an energy consumption and computation time that is significantly lower than many lightweight implementations reported so far. We finally emphasize that this low-power and asynchronous operation of cryptography does not eliminate the threat of physical attacks, in particular power attacks. We evaluate the side-channel resistance of our design and identified that less than 5,000 measurements are already sufficient to fully recover the 128-bit key of the unprotected AES implementation.

This is a preview of subscription content, log in to check access.

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13
Figure 14

Notes

  1. 1.

    Note that using a known key for profiling a device is a standard practice in side-channel research

  2. 2.

    This characteristic could likely also be used to carry out a timing attack, however, we did not further investigate this issue for the purposes of the present article.

References

  1. 1.

    Brier, E., Clavier, C., Olivier, F. (2004). Correlation power analysis with a leakage model. In M. Joye & J.-J. Quisquater (Eds.), Cryptographic hardware and embedded systems – CHES’04, LNCS (Vol. 3156, pp. 16–29). Springer.

  2. 2.

    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P. (1999). Towards sound approaches to counteract power-analysis attacks. In M. Wiener (Ed.), Advances in cryptology–CRYPTO’99, LNCS (Vol. 1666, pp. 398–412. Springer).

  3. 3.

    Chen, J.-H., Shieh, M.-D., Lin, W.-C. (2010). A high-performance unified-field reconfigurable cryptographic processor. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 18(8), 1145–1158.

  4. 4.

    Coron, J.-S., & Goubin, L. (2000). On boolean and arithmetic masking against differential power analysis. In C. K. Koç & C. Paar (Eds.), Cryptographic hardware and embedded systems – CHES’00, LNCS (Vol. 1965, pp. 231–237). Springer.

  5. 5.

    Eisenbarth, T., Gong, Z., Güneysu, T., Heyse, S., Indesteege, S., Kerckhof, S., Koeune, F., Nad, T., Plos, T., Regazzoni, F., et al. (2012). Compact implementation and performance evaluation of block ciphers in ATtiny devices. Progress in Cryptology-AFRICACRYPT, 2012, 172–187.

  6. 6.

    Fournier, J.J.A., Moore, S.W., Li, H., Mullins, R.D., Taylor, G.S. (2003). Security evaluation of asynchronous circuits. In C.D. Walter, Ç.K. Koç, C. Paar (Eds.) CHES, Lecture notes in computer science (Vol. 2779, pp. 137–151). Springer.

  7. 7.

    Goodman, J., & Chandrakasan, A.P. (2001). An energy-efficient reconfigurable public-key cryptography processor. IEEE Journal of Solid-State Circuits, 36(11), 1808–1820.

  8. 8.

    GreenArrays(2014). DB001 - F18A technology reference. http://www.greenarraychips.com/home/documents/greg/DB001-110412-F18A.pdf.

  9. 9.

    GreenArrays(2014). DB002 - G144A12 chip reference. http://www.greenarraychips.com/home/documents/greg/DB002-110705-G144A12.pdf.

  10. 10.

    GreenArrays(2014). PB003 - F18A computers. http://www.greenarraychips.com/home/documents/greg/PB003-110412-F18A.pdf.

  11. 11.

    GreenArrays(2014). PB004 - F18A I/O and peripherals. http://www.greenarraychips.com/home/documents/greg/PB004-110412-F18A-IO.pdf.

  12. 12.

    Gura, N., Patel, A., Wander, A., Eberle, H., Shantz, S. (2004). Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In Cryptographic hardware and embedded systems-CHES 2004 (pp. 925–943).

  13. 13.

    Hamalainen, P., Alho, T., Hannikainen, M., Hamalainen, T.D. (2006). Design and implementation of low-area and low-power AES encryption hardware core. In 9th EUROMICRO conference on digital system design: architectures, methods and tools, 2006. DSD 2006. (pp. 577–583). IEEE.

  14. 14.

    Kaps, J.-P., & Sunar, B. (2006). Energy comparison of AES and SHA-1 for ubiquitous computing. In Emerging directions in embedded and ubiquitous computing (pp. 372–381).

  15. 15.

    Kocher, P.C., Jaffe, J., Jun, B. (1999). Differential power analysis. In Advances in cryptology – CRYPTO’99, LNCS (pp. 388–397). Springer.

  16. 16.

    Kung, H., & Leiserson, C. (1980). Algorithms for VLSI processor arrays. In Introduction to VLSI systems (pp. 271–292).

  17. 17.

    Langer EMV-Technik(2013). Details of near field probe set RF 2. Website as of April. http://www.langer-emv.de/en/produkte/prod_rf2.htm.

  18. 18.

    Liu, B., & Baas, B. (2013). Parallel AES encryption engines for many-core processor arrays. IEEE Transactions on Computers, 62(3), 536–547.

  19. 19.

    Liu, Z., Großschädl, J., Kizhvatov, I. (2010). Efficient and side-channel resistant RSA implementation for 8-bit AVR microcontrollers. In Workshop on the security of the internet of things-SOCIOT.

  20. 20.

    Mangard, S., Oswald, E., Popp, T. (2007). Power analysis attacks: revealing the secrets of smart cards. Springer.

  21. 21.

    Menezes, A., Van Oorschot, P., Vanstone, S. (1996). Handbook of applied cryptography. CRC.

  22. 22.

    Moradi, A., Barenghi, A., Kasper, T., Paar, C. (2011). On the vulnerability of FPGA bitstream encryption against power analysis attacks: extracting keys from Xilinx Virtex-II FPGAs. In ACM CCS’11 (pp. 111–124). ACM.

  23. 23.

    Moradi, A., Kasper, M., Paar, C. (2012). Black-box side-channel attacks highlight the importance of countermeasures - an analysis of the xilinx virtex-4 and virtex-5 bitstream encryption mechanism. In CT-RSA’12, LNCS, (Vol. 7178, pp. 1–18). Springer.

  24. 24.

    Moradi, A., Oswald, D., Paar, C., Swierczynski, P. (2013). Side-channel attacks on the bitstream encryption mechanism of Altera Stratix II: facilitating black-box analysis using software reverse-engineering. In Proceedings of the ACM/SIGDA international symposium on field programmable gate arrays – FPGA’13 (pp. 91–100), New York: ACM.

  25. 25.

    NIST(2014). FIPS PUB 197: advanced encryption standard. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.

  26. 26.

    Oswald, D., & Paar, C. (2011). Breaking Mifare DESFire MF3ICD40: Power analysis and templates in the real world. In Cryptographic hardware and embedded systems – CHES’11, LNCS (Vol. 6917, pp. 207–222). Springer.

  27. 27.

    Oswald, D., Strobel, D., Schellenberg, F., Kasper, T., Paar, C. (2013). When reverse-engineering meets side-channel analysis – digital lockpicking in practice, SAC’13. to appear.

  28. 28.

    Pico Technology(2008). PicoScope 5200 USB PC oscilloscopes. http://www.picotech.com/picoscope5200-specifications.html.

  29. 29.

    Rivain, M., & Prouff, E. (2010). Provably secure higher-order masking of AES. In S. Mangard & F.-X. Standaert (Eds.), Cryptographic Hardware and Embedded Systems – CHES’10, LNCS (Vol. 6225, pp. 413–427). Springer.

  30. 30.

    Schneider, T., von Maurich, I., Güneysu, T. (2013). Efficient implementation of cryptographic primitives on the GA144 multi-core architecture. In ASAP (pp. 67–74). IEEE.

  31. 31.

    Skorobogatov, S., & Woods, C. (2012). Breakthrough silicon scanning discovers backdoor in military chip. In E. Prouff & P. Schaumont (Eds.), Cryptographic hardware and embedded systems – CHES’12, LNCS (Vol. 7428, pp. 23–40). Springer.

  32. 32.

    Truong, D., Cheng, W., Mohsenin, T., Yu, Z., Jacobson, A., Landge, G., Meeuwsen, M., Watnik, C., Tran, A., Xiao, Z., Work, E., Webb, J., Mejia, P., Baas, B. (2009). A 167-processor computational platform in 65 nm CMOS. IEEE Journal of Solid-State Circuits, 44(4), 1130–1144.

  33. 33.

    Wander, A.S., Gura, N., Eberle, H., Gupta, V., Shantz, S.C. (2005). Energy analysis of public-key cryptography for wireless sensor networks. In Third IEEE international conference on pervasive computing and communications, 2005. PerCom 2005 (pp. 324–328). IEEE.

  34. 34.

    Wang, H., & Li, Q. (2006). Efficient implementation of public key cryptosystems on mote sensors (short paper). In Information and communications security (pp. 519–528).

  35. 35.

    Weisstein, E.W.(2010). Variance. Mathworld - A Wolfram web resource. http://mathworld.wolfram.com/Variance.html.

  36. 36.

    Zhang, F., Dojen, R., Coffey, T. (2011). Comparative performance and energy consumption analysis of different AES implementations on a wireless sensor network node. International Journal of Sensor Networks, 10(4), 192–201.

Download references

Acknowledgments

This work was supported in part by grant 01ME12025 SecMobil of the German Federal Ministry of Economics and Technology and by the DFG Research Training Group GRK 1817/1.

Author information

Correspondence to Ingo von Maurich.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Schneider, T., von Maurich, I., Güneysu, T. et al. Cryptographic Algorithms on the GA144 Asynchronous Multi-Core Processor. J Sign Process Syst 77, 151–167 (2014). https://doi.org/10.1007/s11265-014-0872-5

Download citation

Keywords

  • GA144
  • Asynchronous processor
  • Low-power
  • AES
  • RSA
  • Implementation
  • Multi-core
  • Side-channel analysis