Evaluation of software implementation of lightweight block cipher RECTANGLE on X86 and X64 platforms

doi:10.7523/j.issn.2095-6134.2015.06.014

Abstract

Abstract:

Lightweight cipher has attracted much attention from the cipher community. Nowadays it is a trend to design lightweight cipher which performs well in both hardware and software. Although several theoretical and practical studies have been reported in the field of software implementation of lightweight cipher, it is still difficult to make a fair comparison of software implementation among different lightweight ciphers. In this paper we firstly present an approach of bitslice implementation of RECTANGLE, and then give its evaluation of software performance on X64 and X86 platforms. On 2.9 GHZ Intel(core) i5-4570s CPU, RECTANGLE achieves 34.2 cycles/byte for encryption and 30.9 cycles/byte for decryption for one block; on SSE instruction it achieves 5.2 cycles/byte for encryption and 5.1 cycles/byte for decryption; and on AVX instruction it achieves 2.6 cycles/byte for encryption and 2.5 cycles/byte for decryption.

Key words: lightweight cipher, software implementation, RECTANGLE, bitslice implementation

CLC Number:

TN918.4

GONG Lili, ZHANG Wentao, BAO Zhenzhen, GUO Chun. Evaluation of software implementation of lightweight block cipher RECTANGLE on X86 and X64 platforms[J]. , 2015, 32(6): 816-824.

References

[1] Moradi A, Poschmann A, Ling A, et al. Pushing the limits:a very compact and a threshold implementation of AES[C]//Paterson G. EUROCRYPT 2011.Berlin Heidelberg:Springer, 2011:69-88.

[2] Miroslav K, Ventzislav N, Peter R. Low-latency encryption-Is Lightweight=Light+Wait"?[C]//Prouff E, Schaumont P. CHES 2012. Berlin Heidelberg:Springer, 2012:426-446.

[3] Nigel Smart (BRIS).ECRYPT Ⅱ Yearly Report on Standardization (2012-2013)[R/OL]. European:ECRYPT,(2013-01-22)[2014-12]. http://ec.europa.eu/information_society/apps/projects/logos/6/216676/080/deliverables/001_DSPA19.pdf.

[4] Axel Y. Lightweight cryptography-cryptographic engineering for a pervasive world[R/OL]. IACR Cryptology ePrint Archive.(2009)[2014-12]. http://eprint.iacr.org/2009/516.pdf.

[5] Seiichi M, Shiho M. Lightweight cryptography for the cloud:exploit the power of bitslice implementation[C]//Prouff E, Patrick S.CHES 2012. Berlin Heidelberg:Springer, 2012:408-425.

[6] Ryad B, Guo J, Victor L, et al. Implementing lightweight block ciphers on x86 architectures[C]//Lange T, Lauter K. SAC 2013. Berlin Heidelberg:Springer, 2014:324-351.

[7] Bogdanov A, Knudsen L, Leander G, et al. PRESENT:an ultra-lightweight block cipher[C]//Paillier P, Verbauwhede I. CHES 2007. Berlin Heidelberg:Springer, 2007:450-466.

[8] Shamir A.SQUASH:a new MAC with provable security properties for highly constrained devices such as RFID tags[C]//Nyberg K. FSE 2008. Berlin Heidelberg:Springer, 2008:144-157.

[9] De C, Dunkelman O, Kne?evi'c M.KATAN and KTANTAN:a family of small and efficient hardware-oriented block ciphers[C]//clavier C, Gaj K. CHES 2009. Berlin Heidelberg:Springer, 2009:272-288.

[10] Aumasson P, Henzen L, Meier W, et al. Quark:a lightweight hash[C]//Mangard S, Standaert X.CHES 2010. Berlin Heidelberg:Springer, 2010:1-15.

[11] Guo J, Peyrin T, Poschmann A. The PHOTON family of lightweight hash functions[C]//Rogaway P.CRYPTO 2011. Berlin Heidelberg:Springer, 2011:222-239.

[12] Shibutani K, Isobe T, Hiwatari H, et al. Piccolo:an ultra-lightweight block cipher[C]//Preneel B, Takagi T.CHES 2011. Berlin Heidelberg:Springer, 2011:342-357.

[13] Martin A, Benedikt D, Elif K, et al. Block ciphers:focus on the linear layer (feat. PRIDE)[C]//Garay J, Gennaro R. CRYPTO 2014. Berlin Heidelberg:Springer, 2014:57-76.

[14] Gong Z, Nikova S, Law Y. KLEIN:a new family of lightweight block ciphers[C]//Juels A, Paar C. RFIDSec 2011. Berlin Heidelberg:Springer, 2012:1-18.

[15] Wu W L, Zhang L. LBlock:a lightweight clock cipher[C]//Lopez J, Tsudik G. ACNS 2011. Berlin Heidelberg:Springer, 2012:327-344.

[16] Suzaki T, Minematsu K, Morioka S, et al. TWINE:a lightweight block cipher for multiple platforms[C]//Knudsen R, Wu H. SAC 2012. Berlin Heidelberg:Springer, 2012:340-355.

[17] Ray B, Douglas S, Jason S, et al. The SIMON and SPECK families of lightweight block ciphers[R/OL]. IACR Cryptology ePrint Archive.(2013)[2014-11].https://eprint.iacr.org/2013/404.pdf.

[18] Zhang W T, Bao Z Z, Lin D D, et al. RECTANGLE:a bit-slice ultra-lightweight block cipher suitable for multiple platforms[R/OL].IACR Cryptology ePrint Archive.(2014)[2014-11].http://eprint.iacr.org/2014/084.pdf.

[19] Vincent G, Gaëtan L, Fran S, et al. LS-designs:bitslice encryption for efficient masked software implementations[C]//FSE2014. Berlin Heidelberg:Springer, 2014.

[20] Eisenbarth T, Kumar S, Paar C, et al. A survey of lightweight-cryptography implementations[J]. IEEE Design & Test of Computers, 2007, 24(6):522-533.

[21] Thomas, Gong Z, Tim, et al. Compact implementation and performance evaluation of block ciphers in aTtiny devices[C]//Mitrokotsa A, Vaudenay S. AFRICACRYPT 2012.Berlin Heidelberg:Springer. 2012:172-187.

[22] Matsui M, Murakami Y. Minimalism of software implementation[C]//Moriai S. FSE 2013. Berlin Heidelberg:Springer, 2014:393-409.

[23] Ted K, Phillip R. The software performance of authenticated encryption modes[C]//Joux A.FSE 2011. Berlin Heidelberg:Springer, 2011:306-327.

[24] Gueron S. Intel advanced encryption standard (AES) instructions set[R/OL]. Intel White Paper Rev3.01.(2012)[2014-11]. https://software.intel.com/sites/default/files/article/165683/aes-wp-2012-09-22-v01.pdf.

[25] Biham E. A fast new DES implementation in software[C]//Biham E. FSE1997. Berlin Heidelberg:Springer, 1997:260-272.

[26] Matsui M, Nakajima J. On the power of bitslice implementation on intel Core2 processor[C]//Paillier P, Verbauwhede I. CHES 2007. Berlin Heidelberg:Springer, 2007:121-134.

[27] Könighofer R. A fast and cache-timing resistant implementation of the AES[C]//Malkin T.CT-RSA 2008. Berlin Heidelberg:Springer, 2008:187-202.

[28] Käsper E, Schwabe P. Faster and timing:attack resistant AES-GCM[C]//Clavier C, Gaj K.CHES 2009. Berlin Heidelberg:Springer, 2009:1-17.

[29] Ross A, Eli B, Lars K. Serpent:a proposal for the advanced encryption standard[R/OL]. NIST AES Proposal. (1998)[2014-11]. http://cryptosoft.net/docs/Serpent.pdf.

[30] Joan D, Michaël P, Gilles A, et al. Nessie proposal:NOEKEON[C/OL]. First Open NESSIE Workshop.(2000)[2014-11]. http://gro.noekeon.org/Noekeon-spec.pdf.

[31] Guido B, Joan D, Michael P, et al. The keccak reference[R/OL]. Submission to NIST(Round 3), 2011[2014-11]. http://keccak.noekeon.org/.

[32] Wu H. SHA-3 proposal JH[R/OL]. Submission to NIST. (2008)[2014-11]. http://www3.ntu.edu.sg/home/wuhj/research/jh/jh_round3.pdf.