Paper 2022/1697

RISC-V Instruction Set Extensions for Lightweight Symmetric Cryptography

Hao Cheng, University of Luxembourg
Johann Großschädl, University of Luxembourg
Ben Marshall, PQShield Ltd
Dan Page, University of Bristol
Thinh Pham, University of Bristol

The NIST LightWeight Cryptography (LWC) selection process aims to standardise cryptographic functionality which is suitable for resource-constrained devices. Since the outcome is likely to have significant, long-lived impact, careful evaluation of each submission with respect to metrics explicitly outlined in the call is imperative. Beyond the robustness of submissions against cryptanalytic attack, metrics related to their implementation (e.g., execution latency and memory footprint) form an important example. Aiming to provide evidence allowing richer evaluation with respect to such metrics, this paper presents the design, implementation, and evaluation of one separate Instruction Set Extension (ISE) for each of the 10 LWC final round submissions, namely Ascon, Elephant, GIFT-COFB, Grain-128AEADv2, ISAP, PHOTON-Beetle, Romulus, Sparkle, TinyJAMBU, and Xoodyak; although we base the work on use of RISC-V, we argue that it provides more general insight.

Available format(s)
Publication info
Published by the IACR in TCHES 2023
ISA ISE lightweight cryptography
Contact author(s)
hao cheng @ uni lu
johann groszschaedl @ uni lu
daniel page @ bristol ac uk
2022-12-10: approved
2022-12-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Hao Cheng and Johann Großschädl and Ben Marshall and Dan Page and Thinh Pham},
      title = {RISC-V Instruction Set Extensions for Lightweight Symmetric Cryptography},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1697},
      year = {2022},
      doi = {10.46586/tches.v2023.i1.193-237},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.