Efficient Software Implementations of Fantomas
Resumo
We present a series of software implementations of the Fantomas block cipher in resource-constrained ARM devices like the Cortex-M3 and Cortex-M4; and more powerful processors such as the ARM Cortex-A15 and modern Intel platforms. Our implementations span a broad range of characteristics: 32-bit and 64-bit versions, side-channel resistant and vectorized code for NEON and SSE instructions. Our implementations of the algorithm improve the state of the art substantially, both in terms of efficiency or compactness, by making use of novel algorithmic techniques and features specific to the target platform. In particular, our unprotected 32-bit implementation achieves speedups from 35% to 66% in the ARM Cortex-M architecture, while consuming considerably less code size. The vectorized implementations improve performance over the state of the art by 40% in the ARM Cortex-A15 and 50% in the Core i7 Ivy Bridge, setting new speed records for the implementation of the block cipher.
Referências
Barker, E. and Kelsey, J. (2012). NIST SP 800-90A – Recommendation for Random Number Generation Using Deterministic Random Bit Generators.
Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., and Wingers, L. (2013).
The simon and speck families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404. http://eprint.iacr.org/2013/404.
Bernstein, D. J. (2004). Cache-timing attacks on AES. URL: http://cr.yp.to/papers.html#cachetiming.
Bernstein, D. J. and Lange, T. (2016). eBACS: ECRYPT Benchmarking of Cryptographic Systems. http://bench.cr.yp.to.
Bonneau, J. and Mironov, I. (2006). Cache-Collision Timing Attacks Against AES, pages 201–215. Springer Berlin Heidelberg, Berlin, Heidelberg.
Borghoff, J., Canteaut, A., Güneysu, T., Kavun, E. B., Knezevic, M., Knudsen, L. R., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S. S., and Yalçn, T. (2012). PRINCE – A Low-Latency Block Cipher for Pervasive Computing Applications, pages 208–225. Springer Berlin Heidelberg, Berlin, Heidelberg.
Canteaut, A., Duval, S., and Leurent, G. (2016). Construction of Lightweight S-Boxes Using Feistel and MISTY Structures, pages 373–393. Springer International Publishing, Cham.
Daemen, J. and Rijmen, V. (2002). The advanced encryption standard.
Dinu, D., Corre, Y. L., Khovratovich, D., Perrin, L., Großschädl, J., and Biryukov, A. (2015). Triathlon of lightweight block ciphers for the internet of things. Cryptology ePrint Archive, Report 2015/209. http://eprint.iacr.org/.
Grosso, V., Laurent, G., Standaert, F., Varici, K., Durvaux, F., Gaspar, L., and Kerckhof, S. (2015a). CAESAR candidate SCREAM Side-Channel Resistant Authenticated Encryption with Masking. http://2014.diac.cr.yp.to/slides/leurent-scream.pdf.
Grosso, V., Laurent, G., Standaert, F., Varici, K., Durvaux, F., Gaspar, L., and Kerckhof, S. (2015b). SCREAM Side-Channel Resistant Authenticated Encryption with Masking. https://competitions.cr.yp.to/round2/screamv3.pdf.
Grosso, V., Leurent, G., Standaert, F.-X., and Varc, K. (2015c). LS-Designs: Bitslice Encryption for Efficient Masked Software Implementations, pages 18–37. Springer Berlin Heidelberg, Berlin, Heidelberg.
Hong, D., Lee, J.-K., Kim, D.-C., Kwon, D., Ryu, K. H., and Lee, D.-G. (2014). LEA: A 128-Bit Block Cipher for Fast Encryption on Common Processors, pages 3–27. Springer International Publishing, Cham.
Ishai, Y., Sahai, A., and Wagner, D. (2003). Private Circuits: Securing Hardware against Probing Attacks, pages 463–481. Springer Berlin Heidelberg, Berlin, Heidelberg.
Kocher, P. C. (1996). Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In CRYPTO, volume 1109 of Lecture Notes in Computer Science, pages 104–113. Springer.
Kocher, P. C., Jaffe, J., and Jun, B. (1999). Differential power analysis. In CRYPTO, volume 1666 of Lecture Notes in Computer Science, pages 388–397. Springer.
Leander, G., Minaud, B., and Rønjom, S. (2015). A Generic Approach to Invariant Subspace Attacks: Cryptanalysis of Robin, iSCREAM and Zorro. In EUROCRYPT (1), volume 9056 of Lecture Notes in Computer Science, pages 254–283. Springer.
Piret, G., Roche, T., and Carlet, C. (2012). PICARO – A Block Cipher Allowing Efficient Higher-Order Side-Channel Resistance, pages 311–328. Springer Berlin Heidelberg, Berlin, Heidelberg.
Rivain, M. and Prouff, E. (2010). Provably Secure Higher-Order Masking of AES, pages 413–427. Springer Berlin Heidelberg, Berlin, Heidelberg.
Silva, B. R., Pereira, F. M. Q., and Aranha, D. F. (2016). Sparse representation of implicit flows with applications to side-channel detection. In 25th International Conference on Compiler Construction (CC), pages 110–120. ACM.