A versatile Montgomery multiplier architecture with characteristic three support

We present a novel unified core design which is extended to realize Montgomery multiplication in the fields GF(2n), GF(3m), and GF(p). Our unified design supports RSA and elliptic curve schemes, as well as the identity-based encryption which requires a pairing computation on an elliptic curve. The architecture is pipelined and is highly scalable. The unified core utilizes the redundant signed digit representation to reduce the critical path delay. While the carry-save representation used in classical unified architectures is only good for addition and multiplication operations, the redundant signed digit representation also facilitates efficient computation of comparison and subtraction operations besides addition and multiplication. Thus, there is no need for a transformation between the redundant and the non-redundant representations of field elements, which would be required in the classical unified architectures to realize the subtraction and comparison operations. We also quantify the benefits of the unified architectures in terms of area and critical path delay. We provide detailed implementation results. The metric shows that the new unified architecture provides an improvement over a hypothetical non-unified architecture of at least 24.88%, while the improvement over a classical unified architecture is at least 32.07%

Efficient hardware implementations of high throughput SHA-3 candidates keccak, luffa and blue midnight wish for single- and multi-message hashing

In November 2007 NIST announced that it would organize the SHA-3 competition to select a new cryptographic hash function family by 2012. In the selection process, hardware performances of the candidates will play an important role. Our analysis of previously proposed hardware implementations shows that three SHA-3 candidate algorithms can provide superior performance in hardware: Keccak, Luffa and Blue Midnight Wish (BMW). In this paper, we provide efficient and fast hardware implementations of these three algorithms. Considering both single- and multi-message hashing applications with an emphasis on both speed and efficiency, our work presents more comprehensive analysis of their hardware performances by providing different performance figures for different target devices. To our best knowledge, this is the first work that provides a comparative analysis of SHA-3 candidates in multi-message applications. We discover that BMW algorithm can provide much higher throughput than previously reported if used in multi-message hashing. We also show that better utilization of resources can increase speed via different configurations. We implement our designs using Verilog HDL, and map to both ASIC and FPGA devices (Spartan3, Virtex2, and Virtex 4) to give a better comparison with those in the literature. We report total area, maximum frequency, maximum throughput and throughput/area of the designs for all target devices. Given that the selection process for SHA3 is still open; our results will be instrumental to evaluate the hardware performance of the candidates

Sphinx: A Secure Architecture Based on Binary Code Diversification and Execution Obfuscation

Sphinx, a hardware-software co-design architecture for binary code and runtime obfuscation. The Sphinx architecture uses binary code diversification and self-reconfigurable processing elements to maintain application functionality while obfuscating the binary code and architecture states to attackers. This approach dramatically reduces an attacker's ability to exploit information gained from one deployment to attack another deployment. Our results show that the Sphinx is able to decouple the program's execution time, power and memory and I/O activities from its functionality. It is also practical in the sense that the system (both software and hardware) overheads are minimal.Comment: Boston Area Architecture 2018 Workshop (BARC18

Comparative Architecture of Cryptographic Algorithms using Verilog

Applications of cryptography range over secure communications and storage. The cryptographic algorithms have found their place in the implementation of Advanced Encryption Standard, which has emerged as a widely adopted standard for its robustness and efficiency. This report begins with a comparative study regarding the architectural issues of the AES cryptographic algorithm implementation using Verilog, which is a hardware description language. This paper only focuses on the simulation of two different modes of encryption under AES, namely Cipher Block Chaining mode and Electronic Codebook mode. While simulating, the study probes into minute details of architecture for each cryptographic mode and brings out relative strengths, weaknesses, and performance characteristics. The Verilog-based simulations establish how each mode would carry out its operations at the hardware level and hence help study efficiencies and complexities. This comparative analysis is supposed to enable judgment on the trade-offs CBC and ECB modes represent in considerations like speed, resource utilization, and security. This work shall serve as a foundation for the further enhancement and optimization of AES implementations, enabling development in secure data transit and storage systems. Drawing on the conclusions of side arguments, this report lays the foundation for an investigation into the architectural intricacies of cryptographic algorithms and serves as a building block toward taking on further research in hardware-based cryptography

Sphinx: a secure architecture based on binary code diversification and execution obfuscation

Sphinx, a hardware-software co-design architecture for binary code and runtime obfuscation. The Sphinx architecture uses binary code diversification and self-reconfigurable processing elements to maintain application functionality while obfuscating the binary code and architecture states to attackers. This approach dramatically reduces an attacker’s ability to exploit information gained from one deployment to attack another deployment. Our results show that the Sphinx is able to decouple the program’s execution time, power and memory and I/O activities from its functionality. It is also practical in the sense that the system (both software and hardware) overheads are minimal.Published versio

セキュアRFIDタグチップの設計論

In this thesis, we focus on radio frequency identification (RFID) tag. We design, implement, and evaluate hardware performance of a secure tag that runs the authentication protocol based on cryptographic algorithms. The cryptographic algorithm and the pseudorandom number generator are required to be implemented in the tag. To realize the secure tag, we tackle the following four steps: (A) decision of hardware architecture for the authentication protocol, (B) selection of the cryptographic algorithm, (C) establishment of a pseudorandom number generating method, and (D) implementation and performance evaluation of a silicon chip on an RFID system.(A) The cryptographic algorithm and the pseudorandom number generator are repeatedly called for each authentication. Therefore, the impact of the time needed for the cryptographic processes on the hardware performance of the tag can be large. While low-area requirements have been mainly discussed in the previous studies, it is needed to discuss the hardware architecture for the authentication protocol from the viewpoint of the operating time. In this thesis, in order to decide the hardware architecture, we evaluate hardware performance in the sense of the operating time. As a result, the parallel architecture is suitable for hash functions that are widely used for tag authentication protocols.(B) A lot of cryptographic algorithms have been developed and hardware performance of the algorithms have been evaluated on different conditions. However, as the evaluation results depend on the conditions, it is hard to compare the previous results. In addition, the interface of the cryptographic circuits has not been paid attention. In this thesis, in order to select a cryptographic algorithm, we design the interface of the cryptographic circuits to meet with the tag, and evaluate hardware performance of the circuits on the same condition. As a result, the lightweight hash function SPONGENT-160 achieves well-balanced hardware performance.(C) Implementation of a pseudorandom number generator based on the performance evaluation results on (B) can be a method to generate pseudorandom number on the tag. On the other hand, as the cryptographic algorithm and the pseudorandom number generator are not used simultaneously on the authentication protocol. Therefore, if the cryptographic circuit could be used for pseudorandom number generation, the hardware resource on the tag can be exploited efficiently. In this thesis, we propose a pseudorandom number generating method using a hash function that is a cryptographic component of the authentication protocol. Through the evaluation of our proposed method, we establish a lightweight pseudorandom number generating method for the tag.(D) Tag authentication protocols using a cryptographic algorithm have been developed in the previous studies. However, hardware implementation and performance evaluation of a tag, which runs authentication processes, have not been studied. In this thesis, we design and do a single chip implementation of an analog front-end block and a digital processing block including the results on (A), (B), and (C). Then, we evaluate hardware performance of the tag. As a result, we show that a tag, which runs the authentication protocol based on cryptographic algorithms, is feasible.電気通信大学201

A Survey of hardware protection of design data for integrated circuits and intellectual properties

International audienceThis paper reviews the current situation regarding design protection in the microelectronics industry. Over the past ten years, the designers of integrated circuits and intellectual properties have faced increasing threats including counterfeiting, reverse-engineering and theft. This is now a critical issue for the microelectronics industry, mainly for fabless designers and intellectual properties designers. Coupled with increasing pressure to decrease the cost and increase the performance of integrated circuits, the design of a secure, efficient, lightweight protection scheme for design data is a serious challenge for the hardware security community. However, several published works propose different ways to protect design data including functional locking, hardware obfuscation, and IC/IP identification. This paper presents a survey of academic research on the protection of design data. It concludes with the need to design an efficient protection scheme based on several properties

Power Side Channels in Security ICs: Hardware Countermeasures

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations