Paper 2019/824

Hardware Implementations of NIST Lightweight Cryptographic Candidates: A First Look

Behnaz Rezvani, Flora Coleman, Sachin Sachin, and William Diehl

Abstract

Achieving security in the Internet of Things (IoT) is challenging. The need for lightweight yet robust cryptographic solutions suitable for the IoT calls for improved design and implementation of constructs such as authenticated encryption with associated data (AEAD) which can ensure confidentiality, integrity, and authenticity of data in one algorithm. The U.S. National Institute of Standards and Technology (NIST) has embarked on a multi-year effort called the lightweight cryptography (LWC) standardization process to evaluate lightweight AEAD and optional hash algorithms for inclusion in U.S. federal standards. As candidates are evaluated for many characteristics including hardware resources and performance, obtaining results of hardware implementations as early as possible is preferable. In this work, we implement six NIST LWC Round 2 candidate ciphers, SpoC, GIFT-COFB, COMET-AES, COMET-CHAM, Ascon, and Schwaemm and Esch, in the Artix-7, Spartan-6, and Cyclone-V FPGAs. Implementations are compliant with the newly-released hardware (HW) applications programming interface (API) for lightweight cryptography and are tested in actual hardware. We also provide the average power and energy per bit of our implementations at 40 MHz. Results indicate that SpoC has the smallest area and power, while Ascon has the highest throughput-to-area (TPA) ratio.