Comparison of Three CPU-Core Families for IoT Applications in Terms of Security and Performance of AES-GCM

• Published in: IEEE internet of things journal Vol. 7; no. 1; pp. 339 - 348
• Main Authors: Sovyn, Yaroslav, Khoma, Volodymyr, Podpora, Michal
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.01.2020; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: AES-GCM; Algorithms; authenticated encryption with associated data (AEAD); carry-less multiplication; Central processing units; Computer architecture; CPUs; Embedded systems; Encryption; GF(2¹²⁸) multiplication; Internet of Things; IoT; Microprocessors; Multiplication; Processors; Program processors; Protocols; side-channel attack; simple power analysis; timing analysis
• ISSN: 2327-4662; 2327-4662
• DOI: 10.1109/JIOT.2019.2953230

This article describes the implementation of the AES-GCM for IoT-oriented low-end 8/16/32-bit general-purpose processors. Although various aspects of implementations of the AES-GCM for high-end processors and hardware were examined in detail, the low-end processors to a lesser extent. This article estimates the speed and memory demand for various approaches to ensuring resistance to attacks, such as timing analysis and simple power analysis by ensuring the constant algorithm execution time. A particular attention is paid to the low-level multiplication implementation in GF (2 128 ) for each architecture as a key galois/counter mode operation, because low-end processors do not have ready-made instructions for carry-less multiplication. For each AVR/MSP430/ARM Cortex-M3 processor core, a constant time implementation of carry-less multiplication is proposed, the performance of which approaches the Not Constant Time algorithm.