Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors

Levent Demir; Mathieu Thiery; Vincent Roca; Jean-Michel Tenkes; Jean-Louis Roch

doi:10.5220/0009767802630270

Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors

Levent Demir, Mathieu Thiery, Vincent Roca, Jean-Michel Tenkes, Jean-Louis Roch

2020

Abstract

Linux implementation of Full Disk Encryption (FDE) relies on the dm-crypt kernel module, and is based on the XTS-AES encryption mode. However, XTS-AES is complex and can quickly become a performance bottleneck. Therefore we explore the use of cryptographic co-processors to efficiently implement the XTS-AES mode in Linux. We consider two Atmel boards that feature different cryptographic co-processors: the XTS-AES mode is completely integrated on the recent SAMA5D2 board but not on the SAMA5D3 board. We first analyze three XTS-AES implementations: a pure software implementation, an implementation that leverages the XTS-AES co-processor, and an intermediate solution. This work leads us to propose an optimization of dm-crypt, the extended request mode, that enables to encrypt/decrypt a full 4kB page at once instead of issuing eight consecutive 512 bytes requests as in the current implementation. We show that major performance gains are possible with this optimization, a SAMA5D3 board reaching the performance of a SAMA5D2 board where XTS-AES operations are totally offloaded to the dedicated cryptographic co-processor, while remaining fully compatible with the standard. Finally, we explain why bad design choices prevent this optimization to be applied to the new SAMA5D2 board and derive recommendations for future co-processor designs.

Download

Paper Citation

in Harvard Style

Demir L., Thiery M., Roca V., Tenkes J. and Roch J. (2020). Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors.In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 263-270. DOI: 10.5220/0009767802630270

in Bibtex Style

@conference{secrypt20,
author={Levent Demir and Mathieu Thiery and Vincent Roca and Jean-Michel Tenkes and Jean-Louis Roch},
title={Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT,},
year={2020},
pages={263-270},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009767802630270},
isbn={978-989-758-446-6},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT,
TI - Optimizing dm-crypt for XTS-AES: Getting the Best of Atmel Cryptographic Co-processors
SN - 978-989-758-446-6
AU - Demir L.
AU - Thiery M.
AU - Roca V.
AU - Tenkes J.
AU - Roch J.
PY - 2020
SP - 263
EP - 270
DO - 10.5220/0009767802630270