Cryptology ePrint Archive: Report 2020/1207

FPGA Benchmarking of Round 2 Candidates in the NIST Lightweight Cryptography Standardization Process: Methodology, Metrics, Tools, and Results

Kamyar Mohajerani and Richard Haeussler and Rishub Nagpal and Farnoud Farahmand and Abubakr Abdulgadir and Jens-Peter Kaps and Kris Gaj

Abstract: Over 20 Round 2 candidates in the NIST Lightweight Cryptography (LWC) process have been implemented in hardware by groups from all over the world. In Fall 2020, all implementations compliant with the LWC Hardware API, proposed in 2019, have been submitted for FPGA benchmarking to George Mason Universityís LWC benchmarking team, who co-authored this report. The received submissions were first verified for correct functionality and compliance with the hardware APIís specification. Then, the execution times in clock cycles, have been determined using behavioral simulation, for several selected input sizes. An overhead of modifying vs. reusing a key between two consecutive inputs was quantified. The compatibility of all implementations with FPGA toolsets from three major vendors, Xilinx, Intel, and Lattice Semiconductor was verified. Optimized values of the maximum clock frequency and resource utilization metrics, such as the number of look-up tables (LUTs) and flip-flops (FFs), were obtained by running optimization tools, such as Minerva, ATHENa, and Xeda. The raw post-place and route results were then converted into values of the corresponding throughputs for long, medium-size, and short inputs. The results were presented in the form of easy to interpret graphs and tables, demonstrating the relative performance of all investigated algorithms. For a few submissions, the results of the initial design-space exploration were illustrated as well. An effort was made to make the entire process as transparent as possible and results easily reproducible by other groups.

Category / Keywords: implementation / secret-key cryptography, lightweight cryptography, authenticated ciphers, hash functions, hardware, FPGA, benchmarking

Date: received 2 Oct 2020, last revised 25 Oct 2020

Contact author: kgaj at gmu edu,jkaps@gmu edu

Available format(s): PDF | BibTeX Citation

Version: 20201025:230302 (All versions of this report)

Short URL: ia.cr/2020/1207


[ Cryptology ePrint archive ]