loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Levent Demir 1 ; Mathieu Thiery 1 ; Vincent Roca 2 ; Jean-Michel Tenkes 3 and Jean-Louis Roch 4

Affiliations: 1 Incas ITSec, France, Univ. Grenoble Alpes, Inria, France ; 2 Incas ITSec, France ; 3 Univ. Grenoble Alpes, Inria, France ; 4 Univ. Grenoble Alpes, Grenoble INP, LIG, France

Keyword(s): Full Disk Encryption, XTS-AES, Linux dm-crypt Module, Cryptographic Co-processor, Atmel Board.

Abstract: Linux implementation of Full Disk Encryption (FDE) relies on the dm-crypt kernel module, and is based on the XTS-AES encryption mode. However, XTS-AES is complex and can quickly become a performance bottleneck. Therefore we explore the use of cryptographic co-processors to efficiently implement the XTS-AES mode in Linux. We consider two Atmel boards that feature different cryptographic co-processors: the XTS-AES mode is completely integrated on the recent SAMA5D2 board but not on the SAMA5D3 board. We first analyze three XTS-AES implementations: a pure software implementation, an implementation that leverages the XTS-AES co-processor, and an intermediate solution. This work leads us to propose an optimization of dm-crypt, the extended request mode, that enables to encrypt/decrypt a full 4kB page at once instead of issuing eight consecutive 512 bytes requests as in the current implementation. We show that major performance gains are possible with this optimization, a SAMA5D3 board rea ching the performance of a SAMA5D2 board where XTS-AES operations are totally offloaded to the dedicated cryptographic co-processor, while remaining fully compatible with the standard. Finally, we explain why bad design choices prevent this optimization to be applied to the new SAMA5D2 board and derive recommendations for future co-processor designs. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.235.186.149

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Demir, L.; Thiery, M.; Roca, V.; Tenkes, J. and Roch, J. (2020). Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-446-6; ISSN 2184-7711, SciTePress, pages 263-270. DOI: 10.5220/0009767802630270

@conference{secrypt20,
author={Levent Demir. and Mathieu Thiery. and Vincent Roca. and Jean{-}Michel Tenkes. and Jean{-}Louis Roch.},
title={Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2020},
pages={263-270},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009767802630270},
isbn={978-989-758-446-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors
SN - 978-989-758-446-6
IS - 2184-7711
AU - Demir, L.
AU - Thiery, M.
AU - Roca, V.
AU - Tenkes, J.
AU - Roch, J.
PY - 2020
SP - 263
EP - 270
DO - 10.5220/0009767802630270
PB - SciTePress