A Hardware Evaluation of a NIST Lightweight Cryptography Candidate

• Main Author: Coleman, Flora Anne
• Other Authors: Electrical and Computer Engineering
• Format: Others
• Published: Virginia Tech 2020
• Subjects: Lightweight Cryptography; Side Channel Analysis; FPGA; ARX
• Online Access: http://hdl.handle.net/10919/98758

The continued expansion of the Internet of Things (IoT) in recent years has introduced a myriad of concerns about its security. There have been numerous examples of IoT devices being attacked, demonstrating the need for integrated security. The vulnerability of data transfers in the IoT can be addressed using cryptographic protocols. However, IoT devices are resource-constrained which makes it difficult for them to support existing standards. To address the need for new, standardized lightweight cryptographic algorithms, the National Institute of Standards and Technology (NIST) began a Lightweight Cryptography Standardization Process. This work analyzes the Sparkle (Schwaemm and Esch) submission to the process from a hardware based perspective. Two baseline implementations are created, along with one implementation designed to be resistant to side channel analysis and an incremental implementation included for analysis purposes. The implementations use the Hardware API for Lightweight Cryptography to facilitate an impartial evaluation. The results indicate that the side channel resistant implementation resists leaking data while consuming approximately three times the area of the unprotected, incremental implementation and experiencing a 27% decrease in throughput. This work examines how all of these implementations perform, and additionally provides analysis of how they compare to other works of a similar nature. === Master of Science === In today's society, interactions with connected, data-sharing devices have become common. For example, devices like "smart" watches, remote access home security systems, and even connected vending machines have been adopted into many people's day to day routines. The Internet of Things (IoT) is the term used to describe networks of these interconnected devices. As the number of these connected devices continues to grow, there is an increased focus on the security of the IoT. Depending on the type of IoT application, a variety of different types of data can be transmitted. One way in which these data transfers can be protected is through the use of cryptographic protocols. The use of cryptography can provide assurances during data transfers. For example, it can prevent an attacker from reading the contents of a sensitive message. There are several well studied cryptographic protocols in use today. However, many of these protocols were intended for use in more traditional computing platforms. IoT devices are typically much smaller in size than traditional computing platforms. This makes it difficult for them to support these well studied protocols. Therefore, there have been efforts to investigate and standardize new lightweight cryptographic protocols which are well suited for smaller IoT devices. This work analyzes several hardware implementations of an algorithm which was proposed as a submission to the National Institute of Standards and Technology (NIST) Lightweight Cryptography Standardization Process. The analysis focuses on metrics which can be used to evaluate its suitability for IoT devices.