Comparison of Multi-Purpose Cores of Keccak and AES
Panasayya Yallaa, Ekawat Homsirikamolb and Jens-Peter Kapsc
Department of Electrical and Computer Engineering, George Mason University, Fairfax,Virginia, USA.
Most widely used security protocols, Internet Protocol Security (IPSec), Secure Socket Layer (SSL), and Transport Layer Security (TLS), provide several cryptographic services which in turn require multiple dedicated cryptographic algorithms. A single cryptographic primitive for all secret key functions utilizing different mode of operations can overcome this constraint. This paper investigates the possibility of using AES and Keccak as the underlying primitives for high-speed and resource constrained applications. Even though a plain AES implementation is typically much smaller and has a better throughput to area ratio than a plain Keccak, adding additional cryptographic services changes the results dramatically. Our multi-purpose Keccak outperforms our multi-purpose AES by a factor of 4 for throughput over area on average. This underlines the flexibility of the Keccak Sponge and Duplex functions. Our multi-purpose Keccak achieves a throughput of 23.2 Gbps in AEmode (Keyak) on a Xilinx Virtex-7 and 28.7 Gbps on a Altera Stratix-IV. In order to study this further we also implemented two versions of a dedicated Keyak and dedicated AES-GCM. Our dedicated Keyak implementation outperforms our dedicated AES-GCM on average by a factor 6 in terms of throughput over area reaching a throughput of 28.9 Gbps and 4.1 Gbps respectively on a Xilinx Virtex-7.
Full Text (PDF)