Exploring security-performance trade-offs during hardware accelerator design of stream cipher RC4

Ubiquitous information exchange and processing require low cost and secure cryptographic primitives. RC4 is one of the most popular stream ciphers with well-known strengths and weaknesses. Though it is primarily designed as a software stream cipher, recent results show that it can be implemented on a small area with encryption speed matching that of hardware-oriented stream ciphers. An accelerator implementation for a cryptographically stronger version of RC4, dubbed RC4+, is presented in this paper. We present, for the first time, the performance overhead incurred to prevent combinatorial attacks on RC4. We also emphasize the notion of trading-off security against performance by introducing various intermediate designs. In the process, we propose, for the first time, a novel pipeline structure for RC4, which can achieve 2 bytes per cycle throughput by using dual-port SRAMs.