Resource-Constrained Encryption: Extending Ibex with a QARMA Hardware Accelerator

The increasing prevalence of IoT devices calls for the need for strong, but efficient cryptography. In this paper we present two instruction set extensions for the lightweight encryption cipher QARMA-64 to the RISC-V instruction set, implemented for the Ibex core. The first extension performs the entire algorithm in hardware, divided over ten instructions. The second extension takes a more granular approach and instead implements the basic operations that the algorithm uses as custom instructions. The first extension achieves a speedup of ~600x over the software implementation and a binary size reduction of over 2x. It achieves these results at the cost of an added field-programmable gate array (FPGA) utilization over the base Ibex design of 43.9% and 18.7% for, respectively, the number of lookup tables (LUTs) and flip-flops (FFs). The application-specific integrated circuit (ASIC) area for synthesis is increased by 92.4% over the base design. The second extension achieves a speedup of ~19x over the software version while roughly maintaining the same binary size. This extension increases the number of utilized LUTs and FFs respectively by only 0.1% and 4.9%. The ASIC area for this design is increased by only 5.1%. The power consumption for the first extension is estimated at 543μW and for the second extension at 468μW.