A Java library for working with elliptic curves
Elliptic curve cryptography is now in active use in protocols such as SSH, in cryptocurrencies, in electronic voting protocols and in many other areas. Such information systems place a premium on a high security level and on the performance of the cryptographic primitives they use, which makes the analysis and implementation of the various methods of elliptic curve cryptography a current concern. This article describes a cryptographic library developed for the Java language for working with elliptic curves. The library implements the basic operations for the following curve forms: the canonical Weierstrass curve, the Edwards curve and the Jacobi quartic. Support for several coordinate representations of points is implemented, as are the scalar multiplication algorithms NAF, mbNAF and their windowed variants, and the Montgomery ladder. The performance of the library's implementation of the ECDSA digital signature standard is compared with the existing implementation in the java.security package.
Customisable arithmetic hardware designs
A novel high speed GF(2^173) elliptic curve crypto-processor
Leung Pak Keung. Thesis (M.Phil.), Chinese University of Hong Kong, 2003. Includes bibliographical references (leaves 69-70). Abstracts in English and Chinese.
Contents:
Chapter 1 Introduction
  1.1 Introduction to Elliptic Curve Crypto-processor
  1.2 Aims
  1.3 Contributions
  1.4 Thesis Outline
Chapter 2 Cryptography
  2.1 Introduction to Cryptography
  2.2 Public-key Cryptosystems
  2.3 Secret-key Cryptosystems
  2.4 Discrete Logarithm Problem
  2.5 Comparison between ECC and RSA
  2.6 Summary
Chapter 3 Mathematical Background in Number Systems
  3.1 Introduction to Number Systems
  3.2 Groups, Rings and Fields
  3.3 Finite Fields
  3.4 Modular Arithmetic
  3.5 Optimal Normal Basis
    3.5.1 What is a Normal Basis?
    3.5.2 Addition
    3.5.3 Squaring
    3.5.4 Multiplication
    3.5.5 Optimal Normal Basis
    3.5.6 Generation of the Lambda Matrix
    3.5.7 Inversion
  3.6 Summary
Chapter 4 Introduction to Elliptic Curve Mathematics
  4.1 Introduction
  4.2 Mathematical Background of Elliptic Curves
  4.3 Elliptic Curve over Real Number System
    4.3.1 Order of the Elliptic Curves
    4.3.2 Negation of Point P
    4.3.3 Point at Infinity
    4.3.4 Elliptic Curve Addition
    4.3.5 Elliptic Curve Doubling
    4.3.6 Equations of Curve Addition and Curve Doubling
  4.4 Elliptic Curve over Finite Fields Number System
    4.4.1 Elliptic Curve Operations in Optimal Normal Basis Number System
    4.4.2 Elliptic Curve Operations in Projective Coordinates
    4.4.3 Elliptic Curve Equations in Projective Coordinates
  4.5 Curve Multiplication
  4.6 Elliptic Curve Discrete Logarithm Problem
  4.7 Public-key Cryptography in Elliptic Curve Cryptosystem
  4.8 Diffie-Hellman Key Exchange in Elliptic Curve Cryptosystem
  4.9 Summary
Chapter 5 Design Architecture
  5.1 Introduction
  5.2 Criteria for the Low Power System Design
  5.3 Simplification in ONB Curve Addition Equations over Projective Coordinates
  5.4 Finite Field Adder Architecture
  5.5 Finite Field Squaring Architecture
  5.6 Finite Field Multiplier Architecture
  5.7 3-way Parallel Finite Field Multiplier
  5.8 Finite Field Arithmetic Logic Unit
  5.9 Elliptic Curve Crypto-processor Control Unit
  5.10 Register Unit
  5.11 Summary
Chapter 6 Specifications and Communication Protocol of the IC
  6.1 Introduction
  6.2 Specifications
  6.3 Communication Protocol
Chapter 7 Results
  7.1 Introduction
  7.2 Results of the Public-key Cryptography
  7.3 Results of the Session-key Cryptography
  7.4 Comparison with the Existing Crypto-processor
  7.5 Power Consumption
Chapter 8 Conclusion
Bibliography
Appendix
  173-bit Type II ONB Multiplication Table
  Layout View of the Elliptic Curve Crypto-processor
  Schematics of the Elliptic Curve Crypto-processor
  Schematics of the System Level Design
  Schematics of the I/O Control Interface
  Schematics of the Curve Multiplication Module
  Schematics of the Curve Addition Module
  Schematics of the Curve Doubling Module
  Schematics of the Field Inversion Module
  Schematics of the Register Unit
  Schematics of the Datapath
  Schematics of the Finite Field ALU
  Schematics of the 3-way Parallel Multiplier
  Schematics of the Multiplier Elements
  Schematics of the Field Adder
  Schematics of Demultiplexer
  Schematics of the Control of the Demultiplexer
BINARY EDWARDS CURVES IN ELLIPTIC CURVE CRYPTOGRAPHY
Edwards curves are a new normal form for elliptic curves that exhibit some cryptographically desirable properties and advantages over the typical Weierstrass form. Because the group law on an Edwards curve (normal, twisted, or binary) is complete and unified, implementations can be safer from side channel or exceptional procedure attacks. The different types of Edwards curves provide a better platform for cryptographic primitives, since they have more security built into them from the mathematical foundation up.
Of the three types of Edwards curves (original, twisted, and binary), there hasn't been as much work done on binary curves. We provide the necessary motivation and background, and then delve into the theory of binary Edwards curves. Next, we examine practical considerations that separate binary Edwards curves from other recently proposed normal forms. After that, we provide some of the theory for binary curves that has been worked on for other types already: pairing computations. We next explore some applications of elliptic curve and pairing-based cryptography wherein the added security of binary Edwards curves may come in handy. Finally, we finish with a discussion of e2c2, a modern C++11 library we've developed for Edwards elliptic curve cryptography.
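Added example (not code from this thesis or from the e2c2 library it describes): the complete addition law in the prime-field twisted Edwards setting, on the Ed25519 curve of RFC 8032. That curve is chosen here because the abstract names no curve and the binary-field formulas are not given on this page; the completeness argument is the same one the abstract relies on. It assumes a = -1 and d = -121665/121666 over GF(2^255 - 19), where a is a square and d a non-square, which is the condition under which the law is complete. Affine coordinates with an inversion per operation are used for clarity only; production code works in projective coordinates.

```python
# Added example, not code from the thesis or its e2c2 library: the complete
# twisted Edwards law on Ed25519, a*x^2 + y^2 = 1 + d*x^2*y^2 over
# GF(2^255 - 19) with a = -1 (a square) and d non-square, so the one addition
# formula is defined for every pair of points, including P + P and P + (-P).
# Affine coordinates with an inversion per operation, for clarity only.
P = 2**255 - 19
A = -1 % P
D = -121665 * pow(121666, -1, P) % P
L = 2**252 + 27742317777372353535851937790883648493    # order of the base point
IDENTITY = (0, 1)

def edwards_add(P1, P2):
    """Unified addition: with a square and d non-square the denominators
    1 +/- d*x1*x2*y1*y2 are never zero, so no input needs a special case."""
    (x1, y1), (x2, y2) = P1, P2
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + x2 * y1) * pow((1 + t) % P, -1, P) % P
    y3 = (y1 * y2 - A * x1 * x2) * pow((1 - t) % P, -1, P) % P
    return (x3, y3)

def edwards_double(pt):
    """Dedicated doubling formula, used only to confirm edwards_add(P, P)."""
    x, y = pt
    x2, y2 = x * x % P, y * y % P
    return ((2 * x * y) * pow((A * x2 + y2) % P, -1, P) % P,
            (y2 - A * x2) * pow((2 - A * x2 - y2) % P, -1, P) % P)

def edwards_neg(pt):
    return (-pt[0] % P, pt[1])

def edwards_mul(k, pt):
    """Left-to-right double-and-add where doubling is just edwards_add(R, R)."""
    R = IDENTITY
    for i in reversed(range(k.bit_length())):
        R = edwards_add(R, R)
        if (k >> i) & 1:
            R = edwards_add(R, pt)
    return R

def on_curve(pt):
    x, y = pt
    return (A * x * x + y * y - 1 - D * x * x * y * y) % P == 0

def base_point():
    """Ed25519 base point: y = 4/5, x recovered from the curve equation with
    the p = 5 mod 8 square root of RFC 8032, choosing the even root."""
    y = 4 * pow(5, -1, P) % P
    u, v = (y * y - 1) % P, (D * y * y + 1) % P             # x^2 = u / v
    x = u * pow(v, 3, P) * pow(u * pow(v, 7, P), (P - 5) // 8, P) % P
    if (v * x * x - u) % P:                                 # other root branch
        x = x * pow(2, (P - 1) // 4, P) % P
    assert (v * x * x - u) % P == 0
    return (x if x % 2 == 0 else P - x, y)

def completeness_checks():
    """Inputs that force special cases in a chord-and-tangent Weierstrass
    formula (doubling, the identity, an inverse, the full order) all go
    through the single Edwards formula unchanged."""
    B = base_point()
    return {
        "on_curve": on_curve(B),
        "unified_doubling": edwards_add(B, B) == edwards_double(B),
        "identity": edwards_add(B, IDENTITY) == B,
        "inverse": edwards_add(B, edwards_neg(B)) == IDENTITY,
        "order": edwards_mul(L, B) == IDENTITY,
    }
```

The checks at the end are exactly the inputs for which an affine Weierstrass chord formula divides by zero (x1 == x2) and needs a separate doubling or identity branch; here each of them goes through edwards_add unchanged, and L times the base point lands on (0, 1). completeness_checks() is expected to return True for every entry.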
Koblitz curves over quadratic fields
In this work, we retake an old idea that Koblitz presented in his landmark paper, where he suggested the possibility of defining anomalous elliptic curves over the base field F_4. We present a careful implementation of the base and quadratic field arithmetic required for computing the scalar multiplication operation in such curves. We also introduce two ordinary Koblitz-like elliptic curves defined over F_4 that are equipped with efficient endomorphisms. To the best of our knowledge these endomorphisms have not been reported before. In order to achieve a fast reduction procedure, we adopted a redundant trinomial strategy that embeds elements of the field F_{4^m}, with m a prime number, into a ring of higher order defined by an almost irreducible trinomial. We also present a number of techniques that allow us to take full advantage of the native vector instructions of high-end microprocessors. Our software library achieves the fastest timings reported for the computation of the timing-protected scalar multiplication on Koblitz curves, and competitive timings with respect to the speed records established recently in the computation of the scalar multiplication over binary and prime fields.
Low-Resource and Fast Elliptic Curve Implementations over Binary Edwards Curves
Elliptic curve cryptography (ECC) is an ideal choice for low-resource applications because it provides the same level of security with smaller key sizes than other existing public key encryption schemes. For low-resource applications, designing efficient functional units for elliptic curve computations over binary fields results in an effective platform for an embedded co-processor. This thesis investigates co-processor designs for area-constrained devices. In particular, we discuss an implementation utilizing state-of-the-art binary Edwards curve equations for mixed point addition and doubling. The binary Edwards curve offers the security advantage that it is complete and is, therefore, immune to the exceptional points attack. In conjunction with the Montgomery ladder, such a curve is naturally immune to most types of simple power and timing attacks. Finite field operations were performed in the small and efficient Gaussian normal basis. The recently presented formulas for mixed point addition by K. Kim, C. Lee, and C. Negre at Indocrypt 2014 were found to be invalid, but were corrected such that the speed and register usage were maintained. We utilize the corrected mixed point addition and doubling formulas to achieve a secure, but still fast, implementation of point multiplication on binary Edwards curves. Our synthesis results over the NIST recommended fields for ECC indicate that the proposed co-processor requires about 50% fewer clock cycles for point multiplication and occupies a similar silicon area when compared to the most recent designs in the literature.
On the Analysis of Public-Key Cryptologic Algorithms
The RSA cryptosystem, introduced in 1977 by Ron Rivest, Adi Shamir and Len Adleman, is the most commonly deployed public-key cryptosystem. Elliptic curve cryptography (ECC), introduced in the mid-1980s by Neal Koblitz and Victor Miller, is becoming an increasingly popular alternative to RSA, offering competitive performance due to the use of smaller key sizes. Most recently, hyperelliptic curve cryptography (HECC) has been demonstrated to have comparable and in some cases better performance than ECC. The security of RSA relies on the integer factorization problem, whereas the security of (H)ECC is based on the (hyper)elliptic curve discrete logarithm problem ((H)ECDLP). In this thesis the practical performance of the best methods to solve these problems is analyzed and a method to generate secure ephemeral ECC parameters is presented. The best publicly known algorithm to solve the integer factorization problem is the number field sieve (NFS). Its most time consuming step is the relation collection step. We investigate the use of graphics processing units (GPUs) as accelerators for this step. In this context, methods to efficiently implement modular arithmetic and several factoring algorithms on GPUs are presented and their performance is analyzed in practice. In conclusion, it is shown that integrating state-of-the-art NFS software packages with our GPU software can lead to a speed-up of 50%. In the case of elliptic and hyperelliptic curves for cryptographic use, the best published method to solve the (H)ECDLP is the Pollard rho algorithm. This method can be made faster using classes of equivalence induced by curve automorphisms like the negation map. We present a practical analysis of their use to speed up Pollard rho for elliptic curves and genus 2 hyperelliptic curves defined over prime fields. As a case study, 4 curves at the 128-bit theoretical security level are analyzed in our software framework for Pollard rho to estimate their practical security level.
In addition, we present a novel many-core architecture to solve the ECDLP using the Pollard rho algorithm with the negation map on FPGAs. This architecture is used to estimate the cost of solving the Certicom ECCp-131 challenge with a cluster of FPGAs. Our design achieves a speed-up factor of about 4 compared to the state of the art. Finally, we present an efficient method to generate unique, secure and unpredictable ephemeral ECC parameters to be shared by a pair of authenticated users for a single communication. It provides an alternative to the customary use of fixed ECC parameters obtained from publicly available standards designed by untrusted third parties. The effectiveness of our method is demonstrated with a portable implementation for regular PCs and Android smartphones. On a Samsung Galaxy S4 smartphone our implementation generates unique 128-bit secure ECC parameters in 50 milliseconds on average.
Automatic generation of high speed elliptic curve cryptography code
Apparently, trust is a rare commodity when power, money or life itself are at stake. History is full of examples. Julius Caesar did not trust his generals, so that: "If he had anything confidential to say, he wrote it in cipher, that is, by so changing the order of the letters of the alphabet, that not a word could be made out. If anyone wishes to decipher these, and get at their meaning, he must substitute the fourth letter of the alphabet, namely D, for A, and so with the others."
And so the history of cryptography took its first steps. Nowadays, encryption has descended from being an emperor's prerogative and become a daily life operation. Cryptography is pervasive, ubiquitous and, best of all, completely transparent to the unaware user. Each time we buy something on the Internet we use it. Each time we search for something on Google we use it. All without (almost) realizing that it silently protects our privacy and our secrets.
Encryption is a very interesting instrument in the "toolbox of security" because it has very few side effects, at least on the user side. A particularly important one is the intrinsic slowdown that its use imposes on communications. High speed cryptography is very important for the Internet, where busy servers proliferate. Being faster is a double advantage: more throughput and less server overhead. In this context, however, public-key algorithms start with a big handicap. They perform very poorly compared to their symmetric counterparts. For this reason their use is often reduced to the essential operations, most notably key exchanges and digital signatures. The high speed public key cryptography challenge is a very practical topic with serious repercussions in our technocentric world. Using weak algorithms with a reduced key length to increase the performance of a system can lead to catastrophic results.
In 1985, Miller and Koblitz independently proposed to use the group of rational points of an elliptic curve over a finite field to create an asymmetric algorithm. Elliptic Curve Cryptography (ECC) is based on a problem known as the ECDLP (Elliptic Curve Discrete Logarithm Problem) and offers several advantages with respect to other more traditional encryption systems such as RSA and DSA. The main benefit is that it requires smaller keys to provide the same security level since breaking the ECDLP is much harder. In addition, a good ECC implementation can be very efficient both in time and memory consumption, thus being a good candidate for performing high speed public key cryptography. Moreover, some elliptic curve based techniques are known to be extremely resilient to quantum computing attacks, such as the SIDH (Supersingular Isogeny Diffie-Hellman).
Traditional elliptic curve cryptography implementations are optimized by hand, taking into account the mathematical properties of the underlying algebraic structures, the target machine architecture and the compiler facilities. This process is time consuming, requires a high degree of expertise and, ultimately, is error prone. This dissertation's ultimate goal is to automate the whole optimization process of cryptographic code, with a special focus on ECC. The framework presented in this thesis is able to produce high speed cryptographic code by automatically choosing the best algorithms and applying a number of code-improving techniques inspired by compiler theory. Its central component is a flexible and powerful compiler able to translate an algorithm written in a high level language and produce highly optimized C code for a particular algebraic structure and hardware platform. The system is generic enough to accommodate a wide array of number theory related algorithms; however, this document focuses only on optimizing primitives based on elliptic curves defined over binary fields.
Speeding up Elliptic Curve Scalar Multiplication without Precomputation
This paper presents a series of Montgomery scalar multiplication algorithms on general short Weierstrass curves over odd characteristic fields, which need only 12 field multiplications plus 12 ~ 20 field additions per scalar bit using 8 ~ 10 field registers, and thus significantly outperform the binary NAF method on average. Over binary fields, the Montgomery scalar multiplication algorithm which was presented at the first CHES workshop by López and Dahab has been a favorite of ECC implementors, due to its nice properties such as high efficiency outperforming the binary NAF, natural SPA-resistance, generality coping with all ordinary curves and ease of implementation. Over odd characteristic fields, the new scalar multiplication algorithms are the first ones featuring all these properties. The building blocks of our contribution are new efficient differential addition-and-doubling formulae and a novel conception of on-the-fly adaptive coordinates which softly represent points occurring during a scalar multiplication not only in accordance with the basepoint but also with bits of the given scalar. Importantly, the new algorithms are equipped with built-in countermeasures against known side-channel attacks, while it is shown that previous Montgomery ladder algorithms with the randomized addressing countermeasure fail to thwart attacks exploiting address-dependent leakage.
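Added example serving three of the entries above (not code from any of them): the NAF and Montgomery-ladder scalar multiplication named in the Java library entry, the negation-map Pollard rho of "On the Analysis of Public-Key Cryptologic Algorithms", and the ladder of this paper, all on short Weierstrass curves. The realistic curve is secp256k1 with its SEC 2 domain parameters; the toy curve y^2 = x^3 + 2x + 3 over GF(1019) is constructed for the rho run, with its base point and order found by brute force. The ladder here is the plain two-register ladder on affine points, not this paper's differential x-only ladder with adaptive coordinates, and nothing below is constant-time: the affine add branches on its inputs, which is the leak that complete formulas and x-only ladders exist to remove.

```python
# Added example, not code from any paper listed on this page: short Weierstrass
# arithmetic y^2 = x^3 + a*x + b over GF(p) with the exceptional inputs handled
# explicitly, NAF and Montgomery-ladder scalar multiplication, and Pollard rho
# with the negation map on a toy curve constructed below.
import random

O = None  # point at infinity

def ec_add(P, Q, p, a):
    if P is O or Q is O:
        return Q if P is O else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:         # Q == -P (includes y1 == 0)
        return O
    if x1 == x2:                                # tangent (doubling)
        lam = (3 * x1 * x1 + a) * pow(2 * y1 % p, -1, p) % p
    else:                                       # chord
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def ec_neg(P, p):
    return O if P is O else (P[0], -P[1] % p)

def naf(k):
    """Non-adjacent form, least significant digit first, digits in {-1, 0, 1}."""
    digits = []
    while k > 0:
        d = 2 - (k & 3) if k & 1 else 0         # k % 4 == 1 -> +1, == 3 -> -1
        digits.append(d)
        k = (k - d) >> 1
    return digits

def mul_naf(k, P, p, a):
    """Left-to-right double-and-add on the NAF: about 1/3 non-zero digits."""
    R, negP = O, ec_neg(P, p)
    for d in reversed(naf(k)):
        R = ec_add(R, R, p, a)
        if d:
            R = ec_add(R, P if d > 0 else negP, p, a)
    return R

def mul_ladder(k, P, p, a, bits):
    """Montgomery ladder: one add and one double per bit whatever its value
    (regular at the group-operation level only; ec_add itself branches)."""
    R0, R1 = O, P                               # invariant: R1 == R0 + P
    for i in reversed(range(bits)):
        if (k >> i) & 1:
            R0, R1 = ec_add(R0, R1, p, a), ec_add(R1, R1, p, a)
        else:
            R0, R1 = ec_add(R0, R0, p, a), ec_add(R0, R1, p, a)
    return R0

def pollard_rho_neg(G, Q, n, p, a, seed, r=16):
    """One attempt at k with k*G == Q: r-adding walk on the classes {P, -P},
    each represented by the member with the smaller y (halving the space).
    Fruitless cycles caused by the negation map are escaped by doubling."""
    rng = random.Random(seed)
    def combo(c, d):                            # c*G + d*Q with its coefficients
        return ec_add(mul_naf(c, G, p, a), mul_naf(d, Q, p, a), p, a), c, d
    def canon(P, c, d):
        if P is not O and P[1] > p - P[1]:
            return ec_neg(P, p), -c % n, -d % n
        return P, c, d
    M = [combo(rng.randrange(1, n), rng.randrange(1, n)) for _ in range(r)]
    seen = {O: (0, 0)}                          # O = 0*G + 0*Q
    P, c, d = canon(*combo(rng.randrange(1, n), rng.randrange(1, n)))
    while P not in seen:
        seen[P] = (c, d)
        Mj, cj, dj = M[0 if P is O else P[0] % r]
        P, c, d = canon(ec_add(P, Mj, p, a), (c + cj) % n, (d + dj) % n)
        while P is not O and seen.get(P) == (c, d):   # fruitless cycle
            P, c, d = canon(ec_add(P, P, p, a), 2 * c % n, 2 * d % n)
    c2, d2 = seen[P]                            # c*G + d*Q == c2*G + d2*Q
    try:
        return (c2 - c) * pow((d - d2) % n, -1, n) % n
    except ValueError:                          # d == d2 mod n: no information
        return None

def toy_curve(p=1019, a=2, b=3):
    """Brute force: first point of order > 100 on y^2 = x^3 + 2x + 3 over GF(1019)."""
    for x in range(p):
        v = (x ** 3 + a * x + b) % p
        y = pow(v, (p + 1) // 4, p)             # square root since p = 3 mod 4
        if v and y * y % p == v:
            G, R, n = (x, y), (x, y), 1
            while R is not O:
                R, n = ec_add(R, G, p, a), n + 1
            if n > 100:
                return p, a, G, n

def toy_ecdlp(secret_seed=11):
    """Hide a random scalar on the toy curve and recover it with Pollard rho."""
    p, a, G, n = toy_curve()
    secret = random.Random(secret_seed).randrange(1, n)
    Q = mul_naf(secret, G, p, a)
    for seed in range(1000):                    # reseed until an attempt solves
        k = pollard_rho_neg(G, Q, n, p, a, seed)
        if k is not None and mul_naf(k, G, p, a) == Q:
            return k, secret

# secp256k1 domain parameters (SEC 2)
SECP_P = (1 << 256) - (1 << 32) - 977
SECP_N = 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141
SECP_G = (0x79BE667E_F9DCBBAC_55A06295_CE870B07_029BFCDB_2DCE28D9_59F2815B_16F81798,
          0x483ADA77_26A3C465_5DA4FBFC_0E1108A8_FD17B448_A6855419_9C47D08F_FB10D4B8)

def secp_checks(k=0x1234_5678_9ABC_DEF0):
    """G + (-G) == O, n*G == O by both methods, and NAF == ladder for k."""
    p, n, G = SECP_P, SECP_N, SECP_G
    return (ec_add(G, ec_neg(G, p), p, 0) is O
            and mul_naf(n, G, p, 0) is O and mul_ladder(n, G, p, 0, 256) is O
            and mul_naf(k, G, p, 0) == mul_ladder(k, G, p, 0, 256))
```

pollard_rho_neg stores every visited class in a dictionary, which is fine at this size; a real attack uses distinguished points and parallel walks, and escaping a fruitless cycle by doubling is the simplest of the remedies studied in that line of work. secp_checks() is expected to return True, and toy_ecdlp() to return the recovered scalar together with the hidden one, which must agree because the hidden scalar lies below the order of the toy base point.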