Cryptology ePrint Archive: Report 2020/930

The design of scalar AES Instruction Set Extensions for RISC-V

Ben Marshall and G. Richard Newell and Dan Page and Markku-Juhani O. Saarinen and Claire Wolf

Abstract: Secure, efficient execution of AES is an essential requirement for most computing platforms. Dedicated Instruction Set Extensions (ISEs) are often included for this purpose. RISC-V is a (relatively) new ISA that lacks such a standardised ISE. We survey the state-of-the-art industrial and academic ISEs for AES, implement and evaluate five different ISEs, one of which is novel, and make recommendations for standardisation. We consider the side-channel security implications of the ISE designs, demonstrating how an implementation of one candidate ISE can be hardened against DPA-style attacks. We also explore how the proposed standard Bit-manipulation extension to RISC-V can be harnessed for efficient implementation of AES-GCM. Our work supports the ongoing RISC-V cryptography extension standardisation process.

Category / Keywords: implementation / AES, RISC-V, ISE

Date: received 27 Jul 2020, last revised 31 Jul 2020

Contact author: ben marshall at bristol ac uk

Available format(s): PDF | BibTeX Citation

Version: 20200731:101834 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]