Customized FPGA Implementation of Authenticated Lightweight Cipher Fountain for IoT Systems

Abstract

Authenticated Encryption with Associated-Data (AEAD) can ensure both confidentiality and integrity of information in encrypted communication. Distinctive variants are customized from AEAD to satisfy various requirements. In this paper, we take a 128-bit lightweight AEAD stream cipher Fountain as an example. We provide a general cryptographic solution with three Fountain variants. These three variants are for encryption, message authentication code (MAC) generation, and authenticated encryption with associated data, respectively. Besides, we propose area-saved and throughput-improved strategies for the FPGA implementation of Fountain. The conventional paralleled hardware implementation leads to much resource-consuming with higher parallel width. We propose a hybrid architecture with parallel and serial update modes simultaneously. We also analyze the trade-off between area occupation and authentication latency for those two architectures. According to our discussion, hybrid architectures can perform efficiently with higher throughput than most ciphers, including Grain-128 x32. Our Fountain keystream generator occupies 46 slices on Spartan-3 FPGAs, smaller than most ciphers with the same security level, and even smaller than the 80-bit security level cipher Trivium. In summary, the customized Fountain with optimized implementations on FPGA is suitable for various applications in the field of IoT.