Advertisement

Efficient Implementation of the SHA-512 Hash Function for 8-Bit AVR Microcontrollers

  • Hao Cheng
  • Daniel Dinu
  • Johann GroßschädlEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11359)

Abstract

SHA-512 is a member of the SHA-2 family of cryptographic hash algorithms that is based on a Davies-Mayer compression function operating on eight 64-bit words to produce a 512-bit digest. It provides strong resistance to collision and preimage attacks, and is assumed to remain secure in the dawning era of quantum computers. However, the compression function of SHA-512 is challenging to implement on small 8 and 16-bit microcontrollers because of their limited register space and the fact that 64-bit rotations are generally slow on such devices. In this paper, we present the first highly-optimized Assembler implementation of SHA-512 for the ATmega family of 8-bit AVR microcontrollers. We introduce a special optimization technique for the compression function based on a duplication of the eight working variables so that they can be more efficiently loaded from RAM via the indirect addressing mode with displacement (using the ldd and std instruction). In this way, we were able to achieve high performance without unrolling the main loop of the compression function, thereby keeping the code size small. When executed on an 8-bit AVR ATmega128 microcontroller, the compression function takes slightly less than 60k clock cycles, which corresponds to a compression rate of roughly 467 cycles per byte. The binary code size of the full SHA-512 implementation providing a standard Init-Update-Final (IUF) interface amounts to approximately 3.5 kB.

Keywords

Internet of Things (IoT) Lightweight cryptography AVR microcontroller Software optimization Performance evaluation 

Notes

Acknowledgements

The research described in this paper was supported, in part, by the Internet Privatstiftung Österreich via the Netidee programme.

References

  1. 1.
    Alippi, C., Bogdanov, A., Regazzoni, F.: Lightweight cryptography for constrained devices. In: Proceedings of the 14th International Symposium on Integrated Circuits (ISIC 2014), pp. 144–147. IEEE (2014)Google Scholar
  2. 2.
    Atmel Corporation: 8-bit AVR instruction set. User guide (2008). http://www.atmel.com/dyn/resources/prod_documents/doc0856.pdf
  3. 3.
    Atmel Corporation: 8-bit AVR microcontroller with 128K bytes in-system programmable flash: ATmega128, ATmega128L. Datasheet (2008). http://www.atmel.com/dyn/resources/prod_documents/doc2467.pdf
  4. 4.
    Balasch, J., et al.: Compact implementation and performance evaluation of hash functions in attiny devices. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 158–172. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-37288-9_11CrossRefGoogle Scholar
  5. 5.
    Bernstein, D.J.: Quantum algorithms to find collisions. The cr.yp.to blog (2017). http://blog.cr.yp.to/20171017-collisions.html
  6. 6.
    Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 124–142. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-23951-9_9CrossRefGoogle Scholar
  7. 7.
    Brassard, G., Høyer, P., Tapp, A.: Quantum cryptanalysis of hash and claw-free functions. In: Lucchesi, C.L., Moura, A.V. (eds.) LATIN 1998. LNCS, vol. 1380, pp. 163–169. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0054319CrossRefGoogle Scholar
  8. 8.
    Cao, X., O’Neill, M.: Application-oriented SHA-256 hardware design for low-cost RFID. In: Proceedings of the 45th IEEE International Symposium on Circuits and Systems (ISCAS 2012), pp. 1412–1415. IEEE (2012)Google Scholar
  9. 9.
    Chailloux, A., Naya-Plasencia, M., Schrottenloher, A.: An efficient quantum collision search algorithm and implications on symmetric cryptography. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 211–240. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70697-9_8CrossRefGoogle Scholar
  10. 10.
    Dinu, D.: Efficient and secure implementations of lightweight symmetric cryptographic primitives. Ph.D. thesis, University of Luxembourg (2017)Google Scholar
  11. 11.
    Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Miller, G.L. (ed.) Proceedings of the 28th Annual ACM Symposium on the Theory of Computing (STOC 1996), pp. 212–219. ACM Press, New York (1996)Google Scholar
  12. 12.
    Gueron, S., Johnson, S., Walker, J.: SHA-512/256. Cryptology ePrint Archive, Report 2010/548 (2010). http://eprint.iacr.org/2010/548
  13. 13.
    Hutter, M., Schwabe, P.: NaCl on 8-bit AVR microcontrollers. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 156–172. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38553-7_9CrossRefGoogle Scholar
  14. 14.
    Josefsson, S., Liusvaara, I.: Edwards-curve digital signature algorithm (EdDSA). Internet Research Task Force, Crypto Forum Research Group, RFC 8032, January 2017Google Scholar
  15. 15.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. Discrete Mathematics and Its Applications. CRC Press, Boca Raton (1996)CrossRefGoogle Scholar
  16. 16.
    Nascimento, E., López, J., Dahab, R.: Efficient and secure elliptic curve cryptography for 8-bit AVR microcontrollers. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 289–309. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-24126-5_17CrossRefGoogle Scholar
  17. 17.
    National Institute of Standards and Technology (NIST): Secure hash standard (SHS). Federal Information Processing Standards Publication 180–4, August 2015.  https://doi.org/10.6028/NIST.FIPS.180-4
  18. 18.
    National Institute of Standards and Technology (NIST): Report on post-quantum cryptography. Internal Report 8105, April 2016.  https://doi.org/10.6028/NIST.IR.8105
  19. 19.
    Osvik, D.A.: Fast embedded software hashing. Cryptology ePrint Archive, Report 2012/156 (2012). http://eprint.iacr.org/2012/156
  20. 20.
    Weatherley, R.: Arduino Cryptography Library. Source code (2018). http://github.com/rweather/arduinolibs
  21. 21.
    Wenzel-Benner, C., Gräf, J., Pham, J., Kaps, J.-P.: XBX benchmarking results January 2012. In: Proceedings of the 3rd SHA-3 Candidates Conference (2012)Google Scholar
  22. 22.
    Zhou, S., Brown, M.A.: Smart meter deployment in Europe: a comparative case study on the impacts of national policy schemes. J. Clean. Prod. 144, 22–32 (2017)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.CSC and SnTUniversity of LuxembourgEsch-sur-AlzetteLuxembourg
  2. 2.Bradley Department of Electrical and Computer EngineeringVirginia TechBlacksburgUSA

Personalised recommendations