Performance analysis of MAC algorithms : Benchmarking for Automotive Embedded Systems

Abstract

The rapid digitalization of automotive systems has heightened the demand for efficient cryptographic mechanisms to ensure message integrity and authenticity in resource-constrained embedded environments, such as Electronic Control Units (ECUs). This thesis evaluates the computational performance of nine Message Authentication Code (MAC) algorithms—SipHash, Chaskey, ASCON-MAC, ASCONPRFshort, Poly1305, KMAC256, AES-CMAC, BLAKE2, and BLAKE3—across three heterogeneous platforms: an x86 laptop (Intel Core i5-1145G7), a Raspberry Pi 4 (ARM Cortex-A72), and an Infineon AURIX TC397 microcontroller with integrated Hardware Security Module (HSM). Benchmarks focus on short messages (8- and 16-byte payloads typical of CAN frames), measuring latency, CPU cycles, throughput, memory footprint, and code size to address the trade-offs between security, performance, and real-time determinism.

Results reveal platform-specific hierarchies: lightweight ARX-based MACs (SipHash, Chaskey, Poly1305) dominate software implementations, achieving sub-microsecond latencies and high throughput, while ASCON variants offer balanced, moderate performance; hash- and sponge-based algorithms (BLAKE3, KMAC256) lag due to their fixed overheads. HSM acceleration yields a speedup for AES-CMAC on TC397, outperforming software but trailing lightweight alternatives. A novel benchmarking framework, publicly available on GitHub, enables reproducible cross-platform analysis.

This work provides empirical guidance for selecting automotive MACs, informing next-generation ECU architectures and fostering continued optimization, offering both practical advice and a foundation for future advancements in automotive cybersecurity.