Cryptology ePrint Archive: Report 2012/050

Investigating the Potential of Custom Instruction Set Extensions for SHA-3 Candidates on a 16-bit Microcontroller Architecture

Jeremy Constantin and Andreas Burg and Frank K. Gurkaynak

Abstract: In this paper, we investigate the benefit of instruction set extensions for software implementations of all five SHA-3 candidates. To this end, we start from optimized assembly code for a common 16-bit microcontroller instruction set architecture. By themselves, these implementations provide reference for complexity of the algorithms on 16-bit architectures, commonly used in embedded systems. For each algorithm, we then propose suitable instruction set extensions and implement the modified processor core. We assess the gains in throughput, memory consumption, and the area overhead. Our results show that with less than 10% additional area, it is possible to increase the execution speed on average by almost 40%, while reducing memory requirements on average by more than 40%. In particular, the Grøstl algorithm, which was one of the slowest algorithms in previous reference implementations, ends up being the fastest implementation by some margin, once minor (but dedicated) instruction set extensions are taken into account.

Category / Keywords: implementation / SHA-3, Hash Functions, Implementation, VLSI, Instruction Set Extensions, Assembler

Publication Info: Submitted to FSE2012, not accepted for publication, revised for eprint

Date: received 1 Feb 2012

Contact author: kgf at ee ethz ch

Available format(s): PDF | BibTeX Citation

Version: 20120206:153016 (All versions of this report)

Short URL: ia.cr/2012/050

Discussion forum: Show discussion | Start new discussion