
Issue No.02 - Feb. (2013 vol.62)

pp: 279-294

D. Chakraborty , Comput. Sci. Dept., CINVESTAV-IPN, Mexico City, Mexico

C. Mancillas-Lopez , Comput. Sci. Dept., CINVESTAV-IPN, Mexico City, Mexico

F. Rodríguez-Henríquez , Comput. Sci. Dept., CINVESTAV-IPN, Mexico City, Mexico

P. Sarkar , Appl. Stat. Unit, Indian Stat. Inst., Kolkata, India

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2011.227

ABSTRACT

A new class of polynomials was introduced by Bernstein (Bernstein 2007) and later named Bernstein-Rabin-Winograd (BRW) polynomials by Sarkar (Sarkar 2009). For the purpose of authentication, BRW polynomials offer a considerable computational advantage over usual polynomials: (m - 1) multiplications for usual polynomial hashing versus ⌊m/2⌋ multiplications and ⌈log_2 m⌉ squarings for BRW hashing, where m is the number of message blocks to be authenticated. In this paper, we develop an efficient pipelined hardware architecture for computing BRW polynomials. BRW polynomials have a recursive structure that is amenable to parallelization. While exploring efficient ways to exploit this inherent parallelism, we discover some interesting combinatorial structural properties of these polynomials, which we use to design an algorithm that decides the order of the multiplications so as to minimize pipeline delays. Using these structural properties, we present a hardware architecture for the efficient computation of BRW polynomials. Finally, we provide implementations of the tweakable enciphering schemes proposed in Sarkar 2009 that use BRW polynomials. This leads to the fastest known implementation of disk encryption systems.

INDEX TERMS

Polynomials, Hardware, Clocks, Frequency modulation, Vegetation, Encryption, Computer architecture, polynomial evaluation, pipelined architecture, tweakable enciphering schemes, Karatsuba multiplier, disk encryption
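The operation counts quoted in the abstract are easiest to see by running the BRW recursion itself. The following is an added worked example, not code from the paper or its authors: it evaluates a BRW polynomial and an ordinary (Horner) polynomial hash over GF(2^128), counts the field multiplications and squarings each one performs, and measures the longest chain of dependent multiplications, which is what limits how deeply a multiplier pipeline can be kept busy. The field (GF(2^128) modulo x^128 + x^7 + x^2 + x + 1, the GCM/XTS field), the key and the message blocks are assumptions and constructed values; the page gives none of them. The recursion follows Bernstein's definition from reference [2].

```python
"""Added example (not the paper's code): BRW vs Horner polynomial hashing
over GF(2^128) with an operation counter.

Field arithmetic is GF(2^128) modulo x^128 + x^7 + x^2 + x + 1 (an assumption;
the page does not state the field).  An element is a Python int whose bit i
is the coefficient of x^i.

BRW definition (Bernstein), key h, blocks m1..mt:
  BRW()         = 0
  BRW(m1)       = m1
  BRW(m1,m2)    = m1*h + m2
  BRW(m1,m2,m3) = (h + m1)(h^2 + m2) + m3
  BRW(m1..mt)   = BRW(m1..m_{n-1}) * (h^n + m_n) + BRW(m_{n+1}..mt)
                  for t >= 4, n the largest power of two with n <= t.
"""

REDUCTION = (1 << 128) | (1 << 7) | (1 << 2) | (1 << 1) | 1
MASK = (1 << 128) - 1


def gf_mul(a, b):
    """Carry-less multiplication of two field elements, reduced on the fly.
    Bit-serial and NOT constant-time: fine for counting, not for a real hash."""
    z = 0
    while b:
        if b & 1:
            z ^= a
        b >>= 1
        a <<= 1
        if a >> 128:          # degree reached 128: fold x^128 back down
            a ^= REDUCTION
    return z & MASK


class OpCounter:
    """Field multiplier that records how many multiplications/squarings it did."""

    def __init__(self):
        self.muls = 0
        self.sqrs = 0

    def mul(self, a, b):
        self.muls += 1
        return gf_mul(a, b)

    def sqr(self, a):
        self.sqrs += 1
        return gf_mul(a, a)


def horner_hash(h, blocks, ctr=None):
    """Usual polynomial hash m1*h^(t-1) + ... + m_t by Horner's rule: t-1 multiplications."""
    ctr = ctr or OpCounter()
    if not blocks:
        return 0, ctr
    acc = blocks[0]
    for m in blocks[1:]:
        acc = ctr.mul(acc, h) ^ m
    return acc, ctr


def key_powers(h, t, ctr):
    """h, h^2, h^4, ..., h^n (n = largest power of two <= t) by repeated squaring.
    Only needed for t >= 3; they depend on the key alone and can be precomputed."""
    powers = {1: h}
    if t >= 3:
        e = 1
        while 2 * e <= t:
            powers[2 * e] = ctr.sqr(powers[e])
            e *= 2
    return powers


def brw_hash(h, blocks, ctr=None):
    """BRW polynomial hash: floor(t/2) multiplications plus the key squarings."""
    ctr = ctr or OpCounter()
    powers = key_powers(h, len(blocks), ctr)

    def brw(ms):
        t = len(ms)
        if t == 0:
            return 0
        if t == 1:
            return ms[0]
        if t == 2:
            return ctr.mul(ms[0], h) ^ ms[1]
        if t == 3:
            return ctr.mul(h ^ ms[0], powers[2] ^ ms[1]) ^ ms[2]
        n = 1 << (t.bit_length() - 1)       # largest power of two with n <= t < 2n
        left = brw(ms[:n - 1])              # left and right halves are independent,
        right = brw(ms[n:])                 # so a pipeline can overlap them
        return ctr.mul(left, powers[n] ^ ms[n - 1]) ^ right

    return brw(list(blocks)), ctr


def brw_mul_depth(t):
    """Longest chain of dependent multiplications in BRW(m1..mt) once the key
    powers are precomputed.  Horner's chain is t-1; BRW's is floor(log2 t)."""
    if t <= 1:
        return 0
    if t <= 3:
        return 1
    n = 1 << (t.bit_length() - 1)
    return max(brw_mul_depth(n - 1) + 1, brw_mul_depth(t - n))


def compare(t):
    """Hash t constructed blocks both ways and report the operation counts."""
    h = 0x0123456789ABCDEF0123456789ABCDEF                               # constructed key
    blocks = [(0x9E3779B97F4A7C15 * (i + 1)) & MASK for i in range(t)]   # constructed message
    _, hc = horner_hash(h, blocks)
    _, bc = brw_hash(h, blocks)
    return {"blocks": t,
            "horner_muls": hc.muls, "horner_mul_depth": t - 1,
            "brw_muls": bc.muls, "brw_sqrs": bc.sqrs,
            "brw_mul_depth": brw_mul_depth(t)}


if __name__ == "__main__":
    for t in (3, 8, 13, 32, 33):
        print(compare(t))
```

For 13 blocks this reports 12 Horner multiplications in a chain of length 12 against 6 BRW multiplications (plus 3 key squarings, within the abstract's ⌈log_2 m⌉ bound) in a chain of length 3; the rest of the BRW multiplications are mutually independent, which is exactly the slack the paper's scheduling algorithm uses to keep a pipelined multiplier full. The bit-serial `gf_mul` here branches on the bits of a key-dependent operand and is not constant-time; a deployable design uses a fixed-latency multiplier such as the Karatsuba circuit the paper implements.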

CITATION

D. Chakraborty, C. Mancillas-López, F. Rodríguez-Henríquez, P. Sarkar, "Efficient Hardware Implementations of BRW Polynomials and Tweakable Enciphering Schemes,"

*IEEE Transactions on Computers*, vol. 62, no. 2, pp. 279-294, Feb. 2013, doi:10.1109/TC.2011.227

REFERENCES

- [1] IEEE P1619 Security in Storage Working Group (SISWG), IEEE CS, http://siswg.org/, Mar. 2007.
- [2] D.J. Bernstein, "Polynomial Evaluation and Message Authentication," http://cr.yp.to/papers.html#pema, 2011.
- [3] J.-L. Beuchat, J. Detrey, N. Estibals, E. Okamoto, and F. Rodríguez-Henríquez, "Fast Architectures for the η_T Pairing over Small-Characteristic Supersingular Elliptic Curves," IEEE Trans. Computers, vol. 60, no. 2, pp. 266-281, Feb. 2011.
- [4] P. Bulens, F.-X. Standaert, J.-J. Quisquater, P. Pellegrin, and G. Rouvroy, "Implementation of the AES-128 on Virtex-5 FPGAs," Proc. First Int'l Conf. Cryptology in Africa (AFRICACRYPT), Serge Vaudenay, ed., pp. 16-26, 2008.
- [5] D. Canright, "A Very Compact S-Box for AES," Proc. Seventh Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '05), J.R. Rao and B. Sunar, eds., pp. 441-455, 2005.
- [6] D. Chakraborty and P. Sarkar, "A New Mode of Encryption Providing a Tweakable Strong Pseudo-Random Permutation," Proc. 13th Int'l Workshop Fast Software Encryption (FSE '06), Matthew J.B. Robshaw, ed., pp. 293-309, 2006.
- [7] D. Chakraborty and P. Sarkar, "HCH: A New Tweakable Enciphering Scheme Using the Hash-Counter-Hash Approach," IEEE Trans. Information Theory, vol. 54, no. 4, pp. 1683-1699, Apr. 2008.
- [8] Y. Fu, L. Hao, and X. Zhang, "Design of an Extremely High Performance Counter Mode AES Reconfigurable Processor," Proc. Second Int'l Conf. Embedded Software and Systems (ICESS '05), pp. 262-268, 2005.
- [9] K. Gaj and P. Chodowiec, "FPGA and ASIC Implementations of AES," Cryptographic Engineering, Çetin Kaya Koç, ed., pp. 235-294, Springer, 2009.
- [10] T. Good and M. Benaissa, "AES on FPGA from the Fastest to the Smallest," Proc. Seventh Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '05), J.R. Rao and B. Sunar, eds., pp. 427-440, 2005.
- [11] S. Halevi, "EME*: Extending EME to Handle Arbitrary-Length Messages with Associated Data," Proc. Fifth Int'l Conf. Cryptology in India (INDOCRYPT), Anne Canteaut and Kapalee Viswanathan, eds., pp. 315-327, 2004.
- [12] S. Halevi, "Invertible Universal Hashing and the TET Encryption Mode," Proc. 27th Ann. Int'l Cryptology Conf. (CRYPTO '07), Alfred Menezes, ed., pp. 412-429, 2007.
- [13] S. Halevi and P. Rogaway, "A Tweakable Enciphering Mode," Proc. 23rd Ann. Int'l Cryptology Conf. (CRYPTO '03), pp. 482-499, 2003.
- [14] S. Halevi and P. Rogaway, "A Parallelizable Enciphering Mode," Proc. Topics in Cryptology, The Cryptographers' Track at the RSA Conf. (CT-RSA '04), Tatsuaki Okamoto, ed., pp. 292-304, 2004.
- [15] S.F. Hsiao and M.C. Chen, "Efficient Substructure Sharing Methods for Optimising the Inner-Product Operations in Rijndael Advanced Encryption Standard," IEE Proc. Computers and Digital Techniques, vol. 152, no. 5, pp. 653-665, Sept. 2005.
- [16] K. Järvinen, M. Tommiska, and J. Skyttä, "Comparative Survey of High-Performance Cryptographic Algorithm Implementations on FPGAs," IEE Proc. Information Security, vol. 152, no. 1, pp. 3-12, Oct. 2005.
- [17] E. López-Trejo, F. Rodríguez-Henríquez, and A. Díaz-Pérez, "An Efficient FPGA Implementation of CCM Mode Using AES," Proc. Int'l Conf. Information Security and Cryptology (ICISC '05), pp. 208-215, Dec. 2005.
- [18] C. Mancillas-López, D. Chakraborty, and F. Rodríguez-Henríquez, "Reconfigurable Hardware Implementations of Tweakable Enciphering Schemes," IEEE Trans. Computers, vol. 59, no. 11, pp. 1547-1561, Nov. 2010.
- [19] D.A. McGrew and S.R. Fluhrer, "The Extended Codebook (XCB) Mode of Operation," Cryptology ePrint Archive, Report 2004/278, http://eprint.iacr.org/, 2004.
- [20] D.A. McGrew and J. Viega, "Arbitrary Block Length Mode," http://grouper.ieee.org/groups/1619/email/pdf00005.pdf, 2004.
- [21] M.O. Rabin and S. Winograd, "Fast Evaluation of Polynomials by Rational Preparation," Comm. Pure and Applied Math., vol. 25, pp. 433-458, 1972.
- [22] P. Sarkar, "Improving upon the TET Mode of Operation," Proc. 10th Int'l Conf. Information Security and Cryptology (ICISC '07), Kil-Hyun Nam and Gwangsoo Rhee, eds., pp. 180-192, 2007.
- [23] P. Sarkar, "Efficient Tweakable Enciphering Schemes from (Block-Wise) Universal Hash Functions," IEEE Trans. Information Theory, vol. 55, no. 10, pp. 4749-4760, Oct. 2009.
- [24] A. Satoh, T. Sugawara, and T. Aoki, "High-Performance Hardware Architectures for Galois Counter Mode," IEEE Trans. Computers, vol. 58, no. 7, pp. 917-930, July 2009.
- [25] P. Wang, D. Feng, and W. Wu, "HCTR: A Variable-Input-Length Enciphering Mode," Proc. First SKLOIS Conf. Information Security and Cryptology (CISC '05), Dengguo Feng, Dongdai Lin, and Moti Yung, eds., pp. 175-188, 2005.