Putting Together What Fits Together - GrÆStl
Block ciphers and hash algorithms are two of the most important cryptographic primitives in security protocols. As security becomes more and more important also in resource-constrained environments, hardware implementations of such primitives attract wide interest in order to minimize the required power and chip size. The Advanced Encryption Standard (AES) represents a de-facto standard with regard to block ciphers for more than a decade right now. The Grøstl hash function is one of the five finalists of the NIST SHA-3 hash competition, which presented its winner late in 2012.
Both AES and Grøstl are based on almost the same core components. Therefore, it seems natural to utilize these similarities in order to design a unified hardware architecture supporting both algorithms. Throughout this work, a combined architecture of AES and Grøstl, named GrÆStl, was designed and taped out as an ASIC using a 180 nm CMOS technology. The resulting architecture requires only 16.5 kGEs and is capable of computing an AES encryption and decryption in 742 and 1,025 clock cycles, respectively. Hashing of a 512-bit message according to Grøstl needs 3,093 clock cycles.
In the second part of the work, the GrÆStl design was used as a co-processor for an existing MSP430 microprocessor in order to accelerate the computations of the cryptographic primitives. Both the processor and GrÆStl were ported onto a low-cost FPGA and finally a comparison between hardware-, software-, and hardware-accelerated-implementations was accomplished.
- M. Pelnar, M. Muehlberghuber, M. Hutter, "Putting Together What Fits Together - GrAEStl",
International Conference on Smart Card Research and Advanced Applications (CARDIS), Graz, Austria, 28-30, Nov 2012