Implementation and evaluation of the Xote stream cipher in dataplane in the Tofino programmable hardware
Abstract
This work introduces a novel element reordering technique applied to the Intel Tofino architecture’s packet interpreter, enabling the first-time implementation of the Xote algorithm on programmable data planes, and presents a comprehensive comparative performance analysis of the ChaCha, Forró, and Xote algorithms on this architecture. The results demonstrate that the ChaCha algorithm, when implemented with the proposed reordering technique, achieves higher maximum packet throughput and similar resource utilization compared to the other algorithms, surpassing previously reported results in the literature with a 1.65x increase in maximum throughput.
Keywords:
Cryptography, Stream ciphers, Programmable networks, Network security
References
Bernstein, D. J. (2005). The poly1305-aes message-authentication code. In International workshop on fast software encryption, pages 32–49. Springer.
Bernstein, D. J. (2008). The Salsa20 Family of Stream Ciphers, pages 84–97. Springer-Verlag, Berlin, Heidelberg.
Bernstein, D. J., et al. (2008). Chacha, a variant of salsa20. In Workshop record of SASC, volume 8, pages 3–5. Citeseer.
Chen, X. (2020). Implementing aes encryption on programmable switches via scrambled lookup tables. In Proceedings of the Workshop on Secure Programmable Network Infrastructure, pages 8–14.
Costa, F. G. (2023). Pipo-tg: parameterizable high performance traffic generation.
Coutinho, M. (2023). Design, diffusion, and cryptanalysis of symmetric primitive.
Coutinho, M., Passos, I., Vásquez, J. C. G., Sarkar, S., de Mendonça, F. L., de Sousa Jr, R. T., & Borges, F. (2023). Latin dances reloaded: Improved cryptanalysis against salsa and chacha, and the proposal of forró. Journal of Cryptology, 36(3), 18.
Dworkin, M., Barker, E., Nechvatal, J., Foti, J., Bassham, L., Roback, E., & Dray, J. (2001). Advanced encryption standard (aes).
Francisco, M., Ferreira, B., Ramos, F. M. V., Marin, E., & Signorello, S. (2024). P4chaskey: An efficient mac algorithm for pisa switches. In 7th European P4 Workshop (EuroP4’24).
Gherari, M., Akbari, F. A., Habibi, S., Ali, S. O., Hmitti, Z. A., Kardjadja, Y., Saqib, M., Maia, A. M., Rayani, M., Soyak, E. G., Elbiaze, H., Ercetin, O., Ghamri-Doudane, Y., Glitho, R., & Ajib, W. (2023). A review of the in-network computing and its role in the edge-cloud continuum.
Hauser, F., Häberle, M., Merling, D., Lindner, S., Gurevich, V., Zeiger, F., Frank, R., & Menth, M. (2023). A survey on data plane programming with p4: Fundamentals, advances, and applied research. Journal of Network and Computer Applications, 212, 103561.
Kfoury, E. F., Crichigno, J., & Bou-Harb, E. (2021). An exhaustive survey on p4 programmable data plane switches: Taxonomy, applications, challenges, and future trends. IEEE Access, 9, 87094–87155.
Kreutz, D., Ramos, F. M., Verissimo, P. E., Rothenberg, C. E., Azodolmolky, S., & Uhlig, S. (2014). Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 103(1), 14–76.
Pierini, R., Teixeira, C., Rothenberg, C., & Henriques, M. (2024). Implementação e avaliação da cifra de fluxo forro14 em hardware programável tofino usando a linguagem p4. In Anais do XXIV Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais, pages 399–414. Porto Alegre, RS, Brasil. SBC.
Yoo, S., & Chen, X. (2021). Secure keyed hashing on programmable switches. In Proceedings of the ACM SIGCOMM 2021 Workshop on Secure Programmable Network Infrastructure, pages 16–22.
Yoshinaka, Y., Takemasa, J., Koizumi, Y., & Hasegawa, T. (2022). On implementing chacha on a programmable switch. In Proceedings of the 5th International Workshop on P4 in Europe, pages 15–18.
Bernstein, D. J. (2008). The Salsa20 Family of Stream Ciphers, pages 84–97. Springer-Verlag, Berlin, Heidelberg.
Bernstein, D. J., et al. (2008). Chacha, a variant of salsa20. In Workshop record of SASC, volume 8, pages 3–5. Citeseer.
Chen, X. (2020). Implementing aes encryption on programmable switches via scrambled lookup tables. In Proceedings of the Workshop on Secure Programmable Network Infrastructure, pages 8–14.
Costa, F. G. (2023). Pipo-tg: parameterizable high performance traffic generation.
Coutinho, M. (2023). Design, diffusion, and cryptanalysis of symmetric primitive.
Coutinho, M., Passos, I., Vásquez, J. C. G., Sarkar, S., de Mendonça, F. L., de Sousa Jr, R. T., & Borges, F. (2023). Latin dances reloaded: Improved cryptanalysis against salsa and chacha, and the proposal of forró. Journal of Cryptology, 36(3), 18.
Dworkin, M., Barker, E., Nechvatal, J., Foti, J., Bassham, L., Roback, E., & Dray, J. (2001). Advanced encryption standard (aes).
Francisco, M., Ferreira, B., Ramos, F. M. V., Marin, E., & Signorello, S. (2024). P4chaskey: An efficient mac algorithm for pisa switches. In 7th European P4 Workshop (EuroP4’24).
Gherari, M., Akbari, F. A., Habibi, S., Ali, S. O., Hmitti, Z. A., Kardjadja, Y., Saqib, M., Maia, A. M., Rayani, M., Soyak, E. G., Elbiaze, H., Ercetin, O., Ghamri-Doudane, Y., Glitho, R., & Ajib, W. (2023). A review of the in-network computing and its role in the edge-cloud continuum.
Hauser, F., Häberle, M., Merling, D., Lindner, S., Gurevich, V., Zeiger, F., Frank, R., & Menth, M. (2023). A survey on data plane programming with p4: Fundamentals, advances, and applied research. Journal of Network and Computer Applications, 212, 103561.
Kfoury, E. F., Crichigno, J., & Bou-Harb, E. (2021). An exhaustive survey on p4 programmable data plane switches: Taxonomy, applications, challenges, and future trends. IEEE Access, 9, 87094–87155.
Kreutz, D., Ramos, F. M., Verissimo, P. E., Rothenberg, C. E., Azodolmolky, S., & Uhlig, S. (2014). Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 103(1), 14–76.
Pierini, R., Teixeira, C., Rothenberg, C., & Henriques, M. (2024). Implementação e avaliação da cifra de fluxo forro14 em hardware programável tofino usando a linguagem p4. In Anais do XXIV Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais, pages 399–414. Porto Alegre, RS, Brasil. SBC.
Yoo, S., & Chen, X. (2021). Secure keyed hashing on programmable switches. In Proceedings of the ACM SIGCOMM 2021 Workshop on Secure Programmable Network Infrastructure, pages 16–22.
Yoshinaka, Y., Takemasa, J., Koizumi, Y., & Hasegawa, T. (2022). On implementing chacha on a programmable switch. In Proceedings of the 5th International Workshop on P4 in Europe, pages 15–18.
Published
2025-05-19
How to Cite
PIERINI, Rodrigo A. de A.; TEIXEIRA, Caio; ROTHENBERG, Christian Esteve; HENRIQUES, Marco Amaral.
Implementation and evaluation of the Xote stream cipher in dataplane in the Tofino programmable hardware. In: BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 43. , 2025, Natal/RN.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 658-671.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2025.6337.
