PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers
An optimized AES (Advanced Encryption Standard) implementation of Galois Counter Mode of operation (GCM) on low-end microcontrollers is presented in this paper. Two optimization methods are applied to proposed implementations. First, the AES counter (CTR) mode of operation is speed-optimized and ens...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2020-04-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/10/9/3131 |
| _version_ | 1797569170815057920 |
|---|---|
| author | Kyungho Kim Seungju Choi Hyeokdong Kwon Hyunjun Kim Zhe Liu Hwajeong Seo |
| author_facet | Kyungho Kim Seungju Choi Hyeokdong Kwon Hyunjun Kim Zhe Liu Hwajeong Seo |
| author_sort | Kyungho Kim |
| collection | DOAJ |
| description | An optimized AES (Advanced Encryption Standard) implementation of Galois Counter Mode of operation (GCM) on low-end microcontrollers is presented in this paper. Two optimization methods are applied to proposed implementations. First, the AES counter (CTR) mode of operation is speed-optimized and ensures constant timing. The main idea is replacing expensive AES operations, including AddRound Key, SubBytes, ShiftRows, and MixColumns, into simple look-up table access. Unlike previous works, the look-up table does not require look-up table updates during the entire encryption life-cycle. Second, the core operation of Galois Counter Mode (GCM) is optimized further by using Karatsuba algorithm, compact register utilization, and pre-computed operands. With above optimization techniques, proposed AES-GCM on 8-bit AVR (Alf and Vegard’s RISC processor) architecture from short-term, middle-term to long-term security levels achieved 415, 466, and 477 clock cycles per byte, respectively. |
| first_indexed | 2024-03-10T20:08:06Z |
| format | Article |
| id | doaj.art-110e7e39a3f5414b911ff937bdf49d32 |
| institution | Directory Open Access Journal |
| issn | 2076-3417 |
| language | English |
| last_indexed | 2024-03-10T20:08:06Z |
| publishDate | 2020-04-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj.art-110e7e39a3f5414b911ff937bdf49d322023-11-19T23:07:31ZengMDPI AGApplied Sciences2076-34172020-04-01109313110.3390/app10093131PAGE—Practical AES-GCM Encryption for Low-End MicrocontrollersKyungho Kim0Seungju Choi1Hyeokdong Kwon2Hyunjun Kim3Zhe Liu4Hwajeong Seo5Division of IT Convergence Engineering, Hansung University, Seoul 02876, KoreaDivision of IT Convergence Engineering, Hansung University, Seoul 02876, KoreaDivision of IT Convergence Engineering, Hansung University, Seoul 02876, KoreaDivision of IT Convergence Engineering, Hansung University, Seoul 02876, KoreaNanjing University of Aeronautics and Astronautics, Nanjing 210016, ChinaDivision of IT Convergence Engineering, Hansung University, Seoul 02876, KoreaAn optimized AES (Advanced Encryption Standard) implementation of Galois Counter Mode of operation (GCM) on low-end microcontrollers is presented in this paper. Two optimization methods are applied to proposed implementations. First, the AES counter (CTR) mode of operation is speed-optimized and ensures constant timing. The main idea is replacing expensive AES operations, including AddRound Key, SubBytes, ShiftRows, and MixColumns, into simple look-up table access. Unlike previous works, the look-up table does not require look-up table updates during the entire encryption life-cycle. Second, the core operation of Galois Counter Mode (GCM) is optimized further by using Karatsuba algorithm, compact register utilization, and pre-computed operands. With above optimization techniques, proposed AES-GCM on 8-bit AVR (Alf and Vegard’s RISC processor) architecture from short-term, middle-term to long-term security levels achieved 415, 466, and 477 clock cycles per byte, respectively.https://www.mdpi.com/2076-3417/10/9/3131AESfast software encryptionGalois Counter Mode of operationlow-end microcontrollersside channel attack countermeasure |
| spellingShingle | Kyungho Kim Seungju Choi Hyeokdong Kwon Hyunjun Kim Zhe Liu Hwajeong Seo PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers Applied Sciences AES fast software encryption Galois Counter Mode of operation low-end microcontrollers side channel attack countermeasure |
| title | PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers |
| title_full | PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers |
| title_fullStr | PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers |
| title_full_unstemmed | PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers |
| title_short | PAGE—Practical AES-GCM Encryption for Low-End Microcontrollers |
| title_sort | page practical aes gcm encryption for low end microcontrollers |
| topic | AES fast software encryption Galois Counter Mode of operation low-end microcontrollers side channel attack countermeasure |
| url | https://www.mdpi.com/2076-3417/10/9/3131 |
| work_keys_str_mv | AT kyunghokim pagepracticalaesgcmencryptionforlowendmicrocontrollers AT seungjuchoi pagepracticalaesgcmencryptionforlowendmicrocontrollers AT hyeokdongkwon pagepracticalaesgcmencryptionforlowendmicrocontrollers AT hyunjunkim pagepracticalaesgcmencryptionforlowendmicrocontrollers AT zheliu pagepracticalaesgcmencryptionforlowendmicrocontrollers AT hwajeongseo pagepracticalaesgcmencryptionforlowendmicrocontrollers |