Fair Comparison of Hardware Implementations of Cryptography without Revealing the Source Codes

  Kris Gaj, Venkata Amirineni, Ekawat Homsirikamol, Marcin Rogawski, Rajesh Velegalati, and Michal Varchola

Fair comparison of hardware implementations of cryptography is the basis of progress in cryptographic engineering. New hardware architectures and optimization techniques have to be compared against the current state of the art. The development of new cryptographic standards through contests, such as the AES, eSTREAM, and SHA-3 competitions, requires fair comparison of multiple cryptographic algorithms in terms of their hardware efficiency.

Revealing source code is often not an option because of the authors' concerns regarding their intellectual property rights, export restrictions, and/or possible loss of profits from licensing hardware cores.

In this talk, we report on a comprehensive environment, under development in our group, for a fair comparison of VHDL and Verilog implementations of cryptography without revealing the source code.

Our project has been inspired by a similar environment for comparing software implementations of cryptography, developed by Daniel Bernstein and Tanja Lange, called eBACS (ECRYPT Benchmarking of Cryptographic Systems).

Our environment is based on a comprehensive set of scripts, which can be downloaded freely from the project web site and run on computers belonging to the authors of the HDL code. The system permits the full characterization of cryptographic cores, using FPGA devices from several vendors, in particular, Xilinx, Altera, and Actel. All scripts are run in batch mode, possibly overnight or over several days, based on the configuration files prepared by the user. The environment contains multiple features, such as an automated choice of an FPGA device within a given family, choosing optimum synthesis and optimization options, scanning through multiple placement starting points, and postprocessing of implementation reports.

With testbenches prepared according to the environment guidelines, the designs can be simulated in batch mode and automatically verified using functional, post-synthesis, and timing simulations.

The obtained results can be submitted for publication at the project website, together with the exact synthesis and implementation options necessary to reproduce the results. An effort is made to fully characterize the designs using their timing parameters and resource utilization.

Using our environment, designs developed independently by various groups can be compared in a fair, transparent, and uniform fashion, in a controlled environment, for multiple families of FPGA devices from various vendors.

The authors encourage the widespread use of the environment for benchmarking new and existing implementations of cryptography, and comparative analysis of competing algorithms, architectures, and implementation techniques. In particular, the proposed environment is very suitable for characterizing and comparing hardware implementations of hash functions competing in the ongoing SHA-3 contest.