Skip to main content
SpringerLink
Log in

Efficient Implementation of the SHA-512 Hash Function for 8-Bit AVR Microcontrollers

  • Conference paper
  • First Online:
Innovative Security Solutions for Information Technology and Communications (SECITC 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11359))

Abstract

SHA-512 is a member of the SHA-2 family of cryptographic hash algorithms that is based on a Davies-Mayer compression function operating on eight 64-bit words to produce a 512-bit digest. It provides strong resistance to collision and preimage attacks, and is assumed to remain secure in the dawning era of quantum computers. However, the compression function of SHA-512 is challenging to implement on small 8 and 16-bit microcontrollers because of their limited register space and the fact that 64-bit rotations are generally slow on such devices. In this paper, we present the first highly-optimized Assembler implementation of SHA-512 for the ATmega family of 8-bit AVR microcontrollers. We introduce a special optimization technique for the compression function based on a duplication of the eight working variables so that they can be more efficiently loaded from RAM via the indirect addressing mode with displacement (using the ldd and std instruction). In this way, we were able to achieve high performance without unrolling the main loop of the compression function, thereby keeping the code size small. When executed on an 8-bit AVR ATmega128 microcontroller, the compression function takes slightly less than 60k clock cycles, which corresponds to a compression rate of roughly 467 cycles per byte. The binary code size of the full SHA-512 implementation providing a standard Init-Update-Final (IUF) interface amounts to approximately 3.5 kB.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    A common example of a class of IoT devices with long-term security requirements are smart meters because they are expected to reach lifetimes of between 10 and 25 years (according to [22, Table 2]) without requiring regular maintenance.

References

  1. Alippi, C., Bogdanov, A., Regazzoni, F.: Lightweight cryptography for constrained devices. In: Proceedings of the 14th International Symposium on Integrated Circuits (ISIC 2014), pp. 144–147. IEEE (2014)

    Google Scholar 

  2. Atmel Corporation: 8-bit AVR instruction set. User guide (2008). http://www.atmel.com/dyn/resources/prod_documents/doc0856.pdf

  3. Atmel Corporation: 8-bit AVR microcontroller with 128K bytes in-system programmable flash: ATmega128, ATmega128L. Datasheet (2008). http://www.atmel.com/dyn/resources/prod_documents/doc2467.pdf

  4. Balasch, J., et al.: Compact implementation and performance evaluation of hash functions in attiny devices. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 158–172. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37288-9_11

    Chapter  Google Scholar 

  5. Bernstein, D.J.: Quantum algorithms to find collisions. The cr.yp.to blog (2017). http://blog.cr.yp.to/20171017-collisions.html

  6. Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 124–142. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_9

    Chapter  Google Scholar 

  7. Brassard, G., Høyer, P., Tapp, A.: Quantum cryptanalysis of hash and claw-free functions. In: Lucchesi, C.L., Moura, A.V. (eds.) LATIN 1998. LNCS, vol. 1380, pp. 163–169. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054319

    Chapter  Google Scholar 

  8. Cao, X., O’Neill, M.: Application-oriented SHA-256 hardware design for low-cost RFID. In: Proceedings of the 45th IEEE International Symposium on Circuits and Systems (ISCAS 2012), pp. 1412–1415. IEEE (2012)

    Google Scholar 

  9. Chailloux, A., Naya-Plasencia, M., Schrottenloher, A.: An efficient quantum collision search algorithm and implications on symmetric cryptography. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 211–240. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70697-9_8

    Chapter  Google Scholar 

  10. Dinu, D.: Efficient and secure implementations of lightweight symmetric cryptographic primitives. Ph.D. thesis, University of Luxembourg (2017)

    Google Scholar 

  11. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Miller, G.L. (ed.) Proceedings of the 28th Annual ACM Symposium on the Theory of Computing (STOC 1996), pp. 212–219. ACM Press, New York (1996)

    Google Scholar 

  12. Gueron, S., Johnson, S., Walker, J.: SHA-512/256. Cryptology ePrint Archive, Report 2010/548 (2010). http://eprint.iacr.org/2010/548

  13. Hutter, M., Schwabe, P.: NaCl on 8-bit AVR microcontrollers. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 156–172. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38553-7_9

    Chapter  Google Scholar 

  14. Josefsson, S., Liusvaara, I.: Edwards-curve digital signature algorithm (EdDSA). Internet Research Task Force, Crypto Forum Research Group, RFC 8032, January 2017

    Google Scholar 

  15. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. Discrete Mathematics and Its Applications. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  16. Nascimento, E., López, J., Dahab, R.: Efficient and secure elliptic curve cryptography for 8-bit AVR microcontrollers. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 289–309. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24126-5_17

    Chapter  Google Scholar 

  17. National Institute of Standards and Technology (NIST): Secure hash standard (SHS). Federal Information Processing Standards Publication 180–4, August 2015. https://doi.org/10.6028/NIST.FIPS.180-4

  18. National Institute of Standards and Technology (NIST): Report on post-quantum cryptography. Internal Report 8105, April 2016. https://doi.org/10.6028/NIST.IR.8105

  19. Osvik, D.A.: Fast embedded software hashing. Cryptology ePrint Archive, Report 2012/156 (2012). http://eprint.iacr.org/2012/156

  20. Weatherley, R.: Arduino Cryptography Library. Source code (2018). http://github.com/rweather/arduinolibs

  21. Wenzel-Benner, C., Gräf, J., Pham, J., Kaps, J.-P.: XBX benchmarking results January 2012. In: Proceedings of the 3rd SHA-3 Candidates Conference (2012)

    Google Scholar 

  22. Zhou, S., Brown, M.A.: Smart meter deployment in Europe: a comparative case study on the impacts of national policy schemes. J. Clean. Prod. 144, 22–32 (2017)

    Article  Google Scholar 

Download references

Acknowledgements

The research described in this paper was supported, in part, by the Internet Privatstiftung Österreich via the Netidee programme.

Author information

Authors and Affiliations

  1. CSC and SnT, University of Luxembourg, 6, Avenue de la Fonte, 4364, Esch-sur-Alzette, Luxembourg

    Hao Cheng & Johann Großschädl

  2. Bradley Department of Electrical and Computer Engineering, Virginia Tech, Blacksburg, VA, 24061, USA

    Daniel Dinu

Authors
  1. Hao Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Daniel Dinu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Johann Großschädl
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Johann Großschädl .

Editor information

Editors and Affiliations

  1. Inria-RBA, Rennes, France

    Jean-Louis Lanet

  2. Bucharest University of Economic Studies, Bucharest, Romania

    Cristian Toma

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cheng, H., Dinu, D., Großschädl, J. (2019). Efficient Implementation of the SHA-512 Hash Function for 8-Bit AVR Microcontrollers. In: Lanet, JL., Toma, C. (eds) Innovative Security Solutions for Information Technology and Communications. SECITC 2018. Lecture Notes in Computer Science(), vol 11359. Springer, Cham. https://doi.org/10.1007/978-3-030-12942-2_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-12942-2_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-12941-5

  • Online ISBN: 978-3-030-12942-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation