Score:0

Crypto

Secure symmetric cryptography for low memory/CPU systems

Begoña Garcia

10/20/23, 3:15 PM

I am looking for symmetric cryptography algorithms that can be implemented on chips with very few resources (about 256K RAM and 16MHz CPU).

An algorithm that works perfectly in this environment is RC4, however it has multiple vulnerabilities. Are there algorithms that can be implemented in this type of systems that do not have known vulnerabilities?

1 + 8

stream-cipher

rc4

Eugene Styer

10/20/23, 3:36 PM

256K should be plenty of space for AES. Also for embedded systems "few resources" would be more like 4K ROM and 128 or 256 bytes RAM (Intel MCS-51)

Begoña Garcia

10/20/23, 3:41 PM

I have implemented AES and it is too slow. It is necessary to mention that the chip performs other functions so I do not have the 256K of RAM available. In fact, I can't store the AES precomputed tables, that's why it works so slow for me. I am looking for something like RC4, which works fine for me, but I need something without vulnerabilities.

kelalaka

10/20/23, 5:20 PM

Did you see the lightweight cryptography? Simon, Speck, PRESENT, etc should be good for you...

Begoña Garcia

10/21/23, 5:04 AM

Thanks kelalaka, looks like this is just what I'm looking for. Why don't you put it as an answer?

kelalaka

10/21/23, 9:22 AM

@BegoñaGarcia that requires an implementation specific to your case. That is better if you took some implementation that is available around, test the performance, and then wrote an answer. Keep in mind that NIST required [112-bit security for them](https://crypto.stackexchange.com/q/87058/18298) this doesn't mean that one cannot get 128-bit security from a 128-bit key in lightweight cryptography.

kelalaka

10/21/23, 9:25 AM

Also, when asking, you should include your previous tests and be more specific about your requirements; the bandwidth, the space, power consumption, etc. You may specify what is really important for you and what it is not. In this way, someone with expertise on this field can answer your question much better. Though, the performance part may fall into more [so] IMHO.

Begoña Garcia

10/22/23, 9:32 AM

Thank you @kelalaka, your comments are very instructive.

kelalaka

10/27/23, 9:04 AM

See [A Survey of LightweightCryptography Implementations](https://ieeexplore.ieee.org/document/4397176). This might help you on your path. It is possible that you can compare them on your platform and publish a paper, too..

Score:1

Crypto

poncho

10/20/23, 3:29 PM

Are there algorithms that can be implemented in this type of systems that do not have known vulnerabilities?

Lots; almost any symmetric system can be implemented in 256k of RAM, and as far as a 16MHz CPU goes, well, that is only an issue if the encryption performance you require is sufficiently high.

If you want recommendations, well, that would depend on what problem you're trying to solve (e.g. are you sending and receiving encrypted traffic, or are you doing something else? Do you have a long term symmetric key you have to use, or is that negotiated by something else periodically/on reboot? What sort of crypto library is available to you? What are your performance requirements?).

Without knowing the answer to that, I am hesitant to give any concrete answer.

+ 5

Begoña Garcia

10/20/23, 3:37 PM

I have to send and receive encrypted traffic and I have to renegotiate the key periodically. I dont have any encryption library so it has to be implemented from zero in C. The algorithm has to be fast enough to be able to work in a real-time communication in a device with the mentioned characteristics.

poncho

10/20/23, 3:45 PM

"The algorithm has to be fast enough to be able to work in a real-time communication"; does it need to keep up with a 110 baud modem, or a 800Gbps optic link? Or, something in the middle? Also, is the key negotiation done externally, or is it something this needs to solve as well?

Begoña Garcia

10/20/23, 3:54 PM

I'm concerned about processing time and memory, not bandwidth.

poncho

10/20/23, 3:59 PM

@BegoñaGarcia: then, what does 'fast enough' mean?

Begoña Garcia

10/20/23, 4:10 PM

Similar performance to RC4.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Secure symmetric cryptography for low memory/CPU systems

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.