A New Approach to the Development of Cryptographic Standards Based on the Use of High-level Synthesis Tools

The growing number of candidates competing in the cryptographic contests, such as SHA-3 and CAESAR, makes the hardware performance evaluation extremely time consuming, tedious, and imprecise, especially at the early stages of the competitions. The main difficulties include the long time necessary to develop and verify Register-Transfer Level (RTL), hardware description language code of all candidates. Each candidate may have more than one variant with various security parameters that should be explored. Additionally, multiple hardware architectures targeting different performance targets need to be developed. High-Level Synthesis (HLS), based on Xilinx Vivado HLS tool, offers a potential solution to the aforementioned problems. In order to verify a validity of this approach, we have applied both the traditional RTL methodology and the newly proposed HLS-based methodology to the comparison of three classes of cryptographic algorithms: symmetric-key block ciphers, hash function, and symmetrickey authentication ciphers. Candidates rankings for SHA-3 and CAESAR contests based on the two aforementioned methodologies are compared and analyzed. Our studies have demonstrated high correlation between the rankings of the evaluated algorithms, obtained using both investigated approaches. In particular, with some exception to CAESAR contest, due to the number of candidates, after applying HLS, the algorithm rankings in terms of three major performance metrics throughput, area, and throughput to area ratio have either remained unchanged or have been affected only for algorithms with very similar RTL performance. As a part of this research, HLS coding techniques and recommended coding styles are developed. Using this approach, our code performs within 30% of its RTL counterpart for the majority of investigated algorithms. Our HLS based designs have also shown significant improvement in terms of latency as compared to the most recently published HLS survey. In particular, we have observed on average a 20% or less overhead in terms of latency for implementations in the cryptographic domain using our proposed methodology, while the recent literature reports over 250% overhead in terms of the same metric.