Optimizing AES-GCM on ARM Cortex-M4: A Fixslicing and FACE-Based Approach

Hyunjun Kim; Hwajeong Seo

Paper 2025/512

Optimizing AES-GCM on ARM Cortex-M4: A Fixslicing and FACE-Based Approach

Hyunjun Kim, Hansung University

Hwajeong Seo, Hansung University

Abstract

The Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) delivers both confidentiality and integrity yet poses performance and security challenges on resource-limited microcontrollers. In this paper, we present an optimized AES-GCM implementation for the ARM Cortex-M4 that combines Fixslicing AES with the FACE (Fast AES-CTR Encryption) strategy, significantly reducing redundant computations in AES-CTR. We further examine two GHASH implementations—a 4-bit Table-based approach and a Karatsuba-based constant-time variant—to balance speed, memory usage, and resistance to timing attacks. Our evaluations on an STM32F4 microcontroller show that Fixslicing+FACE reduces AES-128 GCTR cycle counts by up to 19.41\%, while the Table-based GHASH achieves nearly double the speed of its Karatsuba counterpart. These results confirm that, with the right mix of bitslicing optimizations, counter-mode caching, and lightweight polynomial multiplication, secure and efficient AES-GCM can be attained even on low-power embedded devices.

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Preprint.
Keywords: AES-GCM ARM Cortex-M4 Optimized Implementation Embedded Systems
Contact author(s): khj930704 @ gmail com
hwajeong84 @ gmail com
History: 2025-03-21: approved; 2025-03-19: received; See all versions
Short URL: https://ia.cr/2025/512
License: CC0

BibTeX

@misc{cryptoeprint:2025/512,
      author = {Hyunjun Kim and Hwajeong Seo},
      title = {Optimizing {AES}-{GCM} on {ARM} Cortex-M4: A Fixslicing and {FACE}-Based Approach},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/512},
      year = {2025},
      url = {https://eprint.iacr.org/2025/512}
}