As Internet-connected service is emerged, there has been a need for use cases where a lightweight cryptographic primitive meets both of a constrained hardware implementation requirement and a constrained embedded software requirement. One of the examples of these use cases is the PKES (Passive Keyless Entry and Start) system in an automotive domain. From the perspective on these use cases, one interesting direction is to investigate how small the memory (RAM/ROM) requirement of ARM-implementations of hardware-oriented stream ciphers can be. In this paper, we propose implementation techniques for memory-optimized implementations of lightweight hardware-oriented stream ciphers including Grain-128a specified in ISO/IEC 29167-13 for RFID protocols. Our techniques include data-dependency analysis to take a close look at how and in which timing certain variables are updated and also the way taking into account the structure of registers on the target micro-controller. In order to minimize RAM size, we reduce the number of general purpose registers for computation of Grain-128a's update and pre-output values. We present results of our memory-optimized implementations of Grain-128a, one of which requires 84 RAM bytes on ARM Cortex-M3.
Yuhei WATANABE
the SEI-AIST Cyber Security Cooperative Research Laboratory,the National Institute of Advanced Industrial Science and Technology (AIST)
Hideki YAMAMOTO
the SEI-AIST Cyber Security Cooperative Research Laboratory,the Sumitomo Electric Industries, Ltd. (SEI)
Hirotaka YOSHIDA
the SEI-AIST Cyber Security Cooperative Research Laboratory,the National Institute of Advanced Industrial Science and Technology (AIST)
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Yuhei WATANABE, Hideki YAMAMOTO, Hirotaka YOSHIDA, "Towards Minimizing RAM Requirement for Implementation of Grain-128a on ARM Cortex-M3" in IEICE TRANSACTIONS on Fundamentals,
vol. E103-A, no. 1, pp. 2-10, January 2020, doi: 10.1587/transfun.2019CIP0025.
Abstract: As Internet-connected service is emerged, there has been a need for use cases where a lightweight cryptographic primitive meets both of a constrained hardware implementation requirement and a constrained embedded software requirement. One of the examples of these use cases is the PKES (Passive Keyless Entry and Start) system in an automotive domain. From the perspective on these use cases, one interesting direction is to investigate how small the memory (RAM/ROM) requirement of ARM-implementations of hardware-oriented stream ciphers can be. In this paper, we propose implementation techniques for memory-optimized implementations of lightweight hardware-oriented stream ciphers including Grain-128a specified in ISO/IEC 29167-13 for RFID protocols. Our techniques include data-dependency analysis to take a close look at how and in which timing certain variables are updated and also the way taking into account the structure of registers on the target micro-controller. In order to minimize RAM size, we reduce the number of general purpose registers for computation of Grain-128a's update and pre-output values. We present results of our memory-optimized implementations of Grain-128a, one of which requires 84 RAM bytes on ARM Cortex-M3.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2019CIP0025/_p
Copy
@ARTICLE{e103-a_1_2,
author={Yuhei WATANABE, Hideki YAMAMOTO, Hirotaka YOSHIDA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Towards Minimizing RAM Requirement for Implementation of Grain-128a on ARM Cortex-M3},
year={2020},
volume={E103-A},
number={1},
pages={2-10},
abstract={As Internet-connected service is emerged, there has been a need for use cases where a lightweight cryptographic primitive meets both of a constrained hardware implementation requirement and a constrained embedded software requirement. One of the examples of these use cases is the PKES (Passive Keyless Entry and Start) system in an automotive domain. From the perspective on these use cases, one interesting direction is to investigate how small the memory (RAM/ROM) requirement of ARM-implementations of hardware-oriented stream ciphers can be. In this paper, we propose implementation techniques for memory-optimized implementations of lightweight hardware-oriented stream ciphers including Grain-128a specified in ISO/IEC 29167-13 for RFID protocols. Our techniques include data-dependency analysis to take a close look at how and in which timing certain variables are updated and also the way taking into account the structure of registers on the target micro-controller. In order to minimize RAM size, we reduce the number of general purpose registers for computation of Grain-128a's update and pre-output values. We present results of our memory-optimized implementations of Grain-128a, one of which requires 84 RAM bytes on ARM Cortex-M3.},
keywords={},
doi={10.1587/transfun.2019CIP0025},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - Towards Minimizing RAM Requirement for Implementation of Grain-128a on ARM Cortex-M3
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 2
EP - 10
AU - Yuhei WATANABE
AU - Hideki YAMAMOTO
AU - Hirotaka YOSHIDA
PY - 2020
DO - 10.1587/transfun.2019CIP0025
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E103-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2020
AB - As Internet-connected service is emerged, there has been a need for use cases where a lightweight cryptographic primitive meets both of a constrained hardware implementation requirement and a constrained embedded software requirement. One of the examples of these use cases is the PKES (Passive Keyless Entry and Start) system in an automotive domain. From the perspective on these use cases, one interesting direction is to investigate how small the memory (RAM/ROM) requirement of ARM-implementations of hardware-oriented stream ciphers can be. In this paper, we propose implementation techniques for memory-optimized implementations of lightweight hardware-oriented stream ciphers including Grain-128a specified in ISO/IEC 29167-13 for RFID protocols. Our techniques include data-dependency analysis to take a close look at how and in which timing certain variables are updated and also the way taking into account the structure of registers on the target micro-controller. In order to minimize RAM size, we reduce the number of general purpose registers for computation of Grain-128a's update and pre-output values. We present results of our memory-optimized implementations of Grain-128a, one of which requires 84 RAM bytes on ARM Cortex-M3.
ER -