Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives
Energy efficiency is critical in battery-driven devices, and designing energyoptimal symmetric-key ciphers is one of the goals for the use of ciphers in such environments. In the paper by Banik et al. (IACR ToSC 2018), stream ciphers were identified as ideal candidates for low-energy solutions. One...
Guardado en:
| Autores principales: | , , , , , , |
|---|---|
| Formato: | article |
| Lenguaje: | EN |
| Publicado: |
Ruhr-Universität Bochum
2021
|
| Materias: | |
| Acceso en línea: | https://doaj.org/article/08ccd34348fc4fa2bb76f975170c1807 |
| Etiquetas: |
Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| id |
oai:doaj.org-article:08ccd34348fc4fa2bb76f975170c1807 |
|---|---|
| record_format |
dspace |
| spelling |
oai:doaj.org-article:08ccd34348fc4fa2bb76f975170c18072021-12-03T14:38:30ZPerfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives10.46586/tosc.v2021.i4.36-732519-173Xhttps://doaj.org/article/08ccd34348fc4fa2bb76f975170c18072021-12-01T00:00:00Zhttps://tosc.iacr.org/index.php/ToSC/article/view/9328https://doaj.org/toc/2519-173X Energy efficiency is critical in battery-driven devices, and designing energyoptimal symmetric-key ciphers is one of the goals for the use of ciphers in such environments. In the paper by Banik et al. (IACR ToSC 2018), stream ciphers were identified as ideal candidates for low-energy solutions. One of the main conclusions of this paper was that Trivium, when implemented in an unrolled fashion, was by far the most energy-efficient way of encrypting larger quantity of data. In fact, it was shown that as soon as the number of databits to be encrypted exceeded 320 bits, Trivium consumed the least amount of energy on STM 90 nm ASIC circuits and outperformed the Midori family of block ciphers even in the least energy hungry ECB mode (Midori was designed specifically for energy efficiency). In this work, we devise the first heuristic energy model in the realm of stream ciphers that links the underlying algebraic topology of the state update function to the consumptive behaviour. The model is then used to derive a metric that exhibits a heavy negative correlation with the energy consumption of a broad range of stream cipher architectures, i.e., the families of Trivium-like, Grain-like and Subterranean-like constructions. We demonstrate that this correlation is especially pronounced for Trivium-like ciphers which leads us to establish a link between the energy consumption and the security guarantees that makes it possible to find several alternative energy-optimal versions of Trivium that meet the requirements but consume less energy. We present two such designs Trivium-LE(F) and Trivium-LE(S) that consume around 15% and 25% less energy respectively making them the to date most energy-efficient encryption primitives. They inherit the same security level as Trivium, i.e., 80-bit security. We further present Triad-LE as an energy-efficient variant satisfying a higher security level. The simplicity and wide applicability of our model has direct consequences for the conception of future hardware-targeted stream ciphers as for the first time it is possible to optimize for energy during the design phase. Moreover, we extend the reach of our model beyond plain encryption primitives and propose a novel energy-efficient message authentication code Trivium-LE-MAC. Andrea CaforioSubhadeep BanikYosuke TodoWilli MeierTakanori IsobeFukang LiuBin ZhangRuhr-Universität BochumarticleLightweight CryptographyStream CipherHardwareLow Energy EncryptionTriviumGrainComputer engineering. Computer hardwareTK7885-7895ENIACR Transactions on Symmetric Cryptology, Vol 2021, Iss 4 (2021) |
| institution |
DOAJ |
| collection |
DOAJ |
| language |
EN |
| topic |
Lightweight Cryptography Stream Cipher Hardware Low Energy Encryption Trivium Grain Computer engineering. Computer hardware TK7885-7895 |
| spellingShingle |
Lightweight Cryptography Stream Cipher Hardware Low Energy Encryption Trivium Grain Computer engineering. Computer hardware TK7885-7895 Andrea Caforio Subhadeep Banik Yosuke Todo Willi Meier Takanori Isobe Fukang Liu Bin Zhang Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives |
| description |
Energy efficiency is critical in battery-driven devices, and designing energyoptimal symmetric-key ciphers is one of the goals for the use of ciphers in such environments. In the paper by Banik et al. (IACR ToSC 2018), stream ciphers were identified as ideal candidates for low-energy solutions. One of the main conclusions of this paper was that Trivium, when implemented in an unrolled fashion, was by far the most energy-efficient way of encrypting larger quantity of data. In fact, it was shown that as soon as the number of databits to be encrypted exceeded 320 bits, Trivium consumed the least amount of energy on STM 90 nm ASIC circuits and outperformed the Midori family of block ciphers even in the least energy hungry ECB mode (Midori was designed specifically for energy efficiency).
In this work, we devise the first heuristic energy model in the realm of stream ciphers that links the underlying algebraic topology of the state update function to the consumptive behaviour. The model is then used to derive a metric that exhibits a heavy negative correlation with the energy consumption of a broad range of stream cipher architectures, i.e., the families of Trivium-like, Grain-like and Subterranean-like constructions. We demonstrate that this correlation is especially pronounced for Trivium-like ciphers which leads us to establish a link between the energy consumption and the security guarantees that makes it possible to find several alternative energy-optimal versions of Trivium that meet the requirements but consume less energy. We present two such designs Trivium-LE(F) and Trivium-LE(S) that consume around 15% and 25% less energy respectively making them the to date most energy-efficient encryption primitives. They inherit the same security level as Trivium, i.e., 80-bit security. We further present Triad-LE as an energy-efficient variant satisfying a higher security level. The simplicity and wide applicability of our model has direct consequences for the conception of future hardware-targeted stream ciphers as for the first time it is possible to optimize for energy during the design phase. Moreover, we extend the reach of our model beyond plain encryption primitives and propose a novel energy-efficient message authentication code Trivium-LE-MAC.
|
| format |
article |
| author |
Andrea Caforio Subhadeep Banik Yosuke Todo Willi Meier Takanori Isobe Fukang Liu Bin Zhang |
| author_facet |
Andrea Caforio Subhadeep Banik Yosuke Todo Willi Meier Takanori Isobe Fukang Liu Bin Zhang |
| author_sort |
Andrea Caforio |
| title |
Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives |
| title_short |
Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives |
| title_full |
Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives |
| title_fullStr |
Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives |
| title_full_unstemmed |
Perfect Trees: Designing Energy-Optimal Symmetric Encryption Primitives |
| title_sort |
perfect trees: designing energy-optimal symmetric encryption primitives |
| publisher |
Ruhr-Universität Bochum |
| publishDate |
2021 |
| url |
https://doaj.org/article/08ccd34348fc4fa2bb76f975170c1807 |
| work_keys_str_mv |
AT andreacaforio perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives AT subhadeepbanik perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives AT yosuketodo perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives AT willimeier perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives AT takanoriisobe perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives AT fukangliu perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives AT binzhang perfecttreesdesigningenergyoptimalsymmetricencryptionprimitives |
| _version_ |
1718373128600551424 |