
Efficient Cryptography on the RISC-V Architecture

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11774)

Abstract

RISC-V is a promising free and open-source instruction set architecture. Most of the instruction set has been standardized and several hardware implementations are commercially available. In this paper we highlight features of RISC-V that are interesting for optimizing implementations of cryptographic primitives. We provide the first optimized assembly implementations of table-based AES, bitsliced AES, ChaCha, and the Keccak-f[1600] permutation for the RV32I instruction set. With respect to public-key cryptography, we study the performance of arbitrary-precision integer arithmetic without a carry flag. We then estimate the improvement that can be gained by several RISC-V extensions. These performance studies also serve to aid design choices for future RISC-V extensions and implementations.
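The abstract's remark that RV32I has no carry flag is the crux of the public-key part of the paper: every carry in multi-limb addition, subtraction and multiplication has to be reconstructed from an unsigned compare. The following is an added C example (not code from the paper or from its author) showing the branch-free idiom this forces, with the RV32I/RV32M instruction sequence each limb operation maps to given in comments. The mapping to add/sltu and to mul/mulhu is the standard one and is my own annotation; the check values in bn_selftest are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Multi-limb (arbitrary-precision) arithmetic in the style RV32I forces:
 * there is no carry flag, so the carry out of a 32-bit addition is recovered
 * with an unsigned compare. In assembly each limb of bn_add maps to
 *     add  s,  a,  b      # s = a + b mod 2^32
 *     sltu c1, s,  a      # c1 = 1 iff the add wrapped
 *     add  s,  s,  cin
 *     sltu c2, s,  cin    # c2 = 1 iff adding the carry-in wrapped
 *     or   cout, c1, c2   # c1 and c2 are never both set
 * Everything below is branch-free, so the running time does not depend on
 * the operand values (the property wanted in cryptographic code).
 * Limbs are little-endian: a[0] is the least significant word.
 */

/* r = a + b over n limbs; returns the carry out of the top limb. */
uint32_t bn_add(uint32_t *r, const uint32_t *a, const uint32_t *b, size_t n) {
    uint32_t carry = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t s  = a[i] + b[i];
        uint32_t c1 = (s < a[i]);         /* sltu: did a + b wrap? */
        s += carry;
        uint32_t c2 = (s < carry);        /* sltu: did s + carry wrap? */
        r[i]  = s;
        carry = c1 | c2;
    }
    return carry;
}

/* r = a - b over n limbs; returns the borrow out of the top limb. */
uint32_t bn_sub(uint32_t *r, const uint32_t *a, const uint32_t *b, size_t n) {
    uint32_t borrow = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t d  = a[i] - b[i];
        uint32_t b1 = (a[i] < b[i]);      /* sltu: did a - b wrap? */
        uint32_t d2 = d - borrow;
        uint32_t b2 = (d < borrow);       /* sltu: did d - borrow wrap? */
        r[i]   = d2;
        borrow = b1 | b2;
    }
    return borrow;
}

/* r (2n limbs) = a * b, operand-scanning schoolbook. One 32x32->64 product
 * is two RV32M instructions (mul for the low word, mulhu for the high word);
 * the 64-bit accumulate is again built from sltu carries. */
void bn_mul(uint32_t *r, const uint32_t *a, const uint32_t *b, size_t n) {
    for (size_t i = 0; i < 2 * n; i++) r[i] = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t carry = 0;
        for (size_t j = 0; j < n; j++) {
            uint64_t p  = (uint64_t)a[i] * b[j];     /* mul + mulhu */
            uint32_t lo = (uint32_t)p, hi = (uint32_t)(p >> 32);
            uint32_t s  = r[i + j] + lo;
            uint32_t c1 = (s < lo);
            s += carry;
            uint32_t c2 = (s < carry);
            r[i + j] = s;
            carry = hi + c1 + c2;   /* hi <= 2^32 - 2 and c1 + c2 <= 1: no wrap */
        }
        r[i + n] = carry;
    }
}

/* Constructed check values: (2^64 - 1) + 1, 1 - (2^64 - 1), (2^64 - 1)^2. */
int bn_selftest(void) {
    const uint32_t ones[2] = {0xFFFFFFFFu, 0xFFFFFFFFu};
    const uint32_t one[2]  = {1u, 0u};
    uint32_t r[4];

    if (bn_add(r, ones, one, 2) != 1 || r[0] != 0 || r[1] != 0) return 0;
    if (bn_sub(r, one, ones, 2) != 1 || r[0] != 2 || r[1] != 0) return 0;
    bn_mul(r, ones, ones, 2);   /* (2^64 - 1)^2 = 2^128 - 2^65 + 1 */
    if (r[0] != 1 || r[1] != 0 || r[2] != 0xFFFFFFFEu || r[3] != 0xFFFFFFFFu) return 0;
    return 1;
}

int main(void) {
    int ok = bn_selftest();
    printf("selftest %s\n", ok ? "passed" : "FAILED");
    return ok ? 0 : 1;
}
```

The two compares per limb are the price of the missing flag; on an architecture with add-with-carry a limb addition is a single instruction. Because c1 and c2 can never both be set, the carry could also be summed instead of or'ed, which matters in bn_mul where the partial product's high word is folded into the same carry chain.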




Author information

Corresponding author: Ko Stoffelen


Copyright information

© 2019 Springer Nature Switzerland AG

About this paper


Cite this paper

Stoffelen, K. (2019). Efficient Cryptography on the RISC-V Architecture. In: Schwabe, P., Thériault, N. (eds) Progress in Cryptology – LATINCRYPT 2019. LATINCRYPT 2019. Lecture Notes in Computer Science, vol 11774. Springer, Cham. https://doi.org/10.1007/978-3-030-30530-7_16


  • DOI: https://doi.org/10.1007/978-3-030-30530-7_16


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30529-1

  • Online ISBN: 978-3-030-30530-7

  • eBook Packages: Computer Science (R0)
