253 research outputs found
FPGA IMPLEMENTATION FOR ELLIPTIC CURVE CRYPTOGRAPHY OVER BINARY EXTENSION FIELD
Elliptic curve cryptography plays a crucial role in network and communication security. However, implementation of elliptic curve cryptography, especially the implementation of scalar multiplication on an elliptic curve, faces multiple challenges. One of the main challenges is side channel attacks (SCAs). SCAs pose a real threat to the conventional implementations of scalar multiplication such as binary methods (also called doubling-and-add methods). Several scalar multiplication algorithms with countermeasures against side channel attacks have been proposed. Among them, Montgomery Powering Ladder (MPL) has been shown an effective countermeasure against simple power analysis. However, MPL is still vulnerable to certain more sophisticated side channel attacks. A recently proposed modified MPL utilizes a combination of sequence masking (SM), exponent splitting (ES) and point randomization (PR). And it has shown to be one of the best countermeasure algorithms that are immune to many sophisticated side channel attacks [11]. In this thesis, an efficient hardware architecture for this algorithm is proposed and its FPGA implementation is also presented. To our best knowledge, this is the first time that this modified MPL with SM, ES, and PR has been implemented in hardware
Algorithms and cryptographic protocols using elliptic curves
En els darrers anys, la criptografia amb corbes el.lÃptiques ha
adquirit una importà ncia creixent, fins a arribar a formar part en
la actualitat de diferents està ndards industrials. Tot i que s'han
dissenyat variants amb corbes el.lÃptiques de criptosistemes
clà ssics, com el RSA, el seu mà xim interès rau en la seva
aplicació en criptosistemes basats en el Problema del Logaritme
Discret, com els de tipus ElGamal. En aquest cas, els
criptosistemes el.lÃptics garanteixen la mateixa seguretat que els
construïts sobre el grup multiplicatiu d'un cos finit primer, però
amb longituds de clau molt menor.
Mostrarem, doncs, les bones propietats d'aquests criptosistemes,
aixà com els requeriments bà sics per a que una corba
sigui criptogrà ficament útil, estretament relacionat amb la seva
cardinalitat. Revisarem alguns mètodes que permetin descartar
corbes no criptogrà ficament útils, aixà com altres que permetin
obtenir corbes bones a partir d'una de donada. Finalment,
descriurem algunes aplicacions, com són el seu ús en Targes
Intel.ligents i sistemes RFID, per concloure amb alguns avenços
recents en aquest camp.The relevance of elliptic curve cryptography has grown in recent
years, and today represents a cornerstone in many industrial
standards. Although elliptic curve variants of classical
cryptosystems such as RSA exist, the full potential of elliptic
curve cryptography is displayed in cryptosystems based on the
Discrete Logarithm Problem, such as ElGamal. For these, elliptic
curve cryptosystems guarantee the same security levels as their
finite field analogues, with the additional advantage of using
significantly smaller key sizes.
In this report we show the positive properties of elliptic curve
cryptosystems, and the requirements a curve must meet to be
useful in this context, closely related to the number of points.
We survey methods to discard cryptographically uninteresting
curves as well as methods to obtain other useful curves from
a given one. We then describe some real world applications
such as Smart Cards and RFID systems and conclude with a
snapshot of recent developments in the field
Using Random Digit Representation for Elliptic Curve Scalar Multiplication
Elliptic Curve Cryptography (ECC) was introduced independently by Miller and Koblitz in 1986. Compared to the integer factorization based Rivest-Shamir-Adleman (RSA) cryptosystem, ECC provides shorter key length with the same security level. Therefore, it has advantages in terms of storage requirements, communication bandwidth and computation time. The core and the most time-consuming operation of ECC is scalar multiplication, where the scalar is an integer of several hundred bits long.
Many algorithms and methodologies have been proposed to speed up the scalar multiplication operation. For example, non-adjacent form (NAF), window-based NAF (wNAF), double bases form, multi-base non-adjacent form and so on. The random digit representation (RDR) scheme can represent any scalar using a set that contains random odd digits including the digit 1. The RDR scheme is efficient in terms of the average number of non-zeros and it also provides resistance to power analysis attacks.
In this thesis, we propose a variant of the RDR scheme. The proposed variant, referred to as implementation-friendly recoding algorithm (IFRA), is advantageous over RDR in hardware implementation for two reasons. First, IFRA uses simple operations such as scan, match, and shift. Second, it requires no long adder to update the scalar. In this thesis we also investigate the average density of non-zero digits of IFRA. It is shown that the average density of the variant is close to the average density of RDR. Moreover, a hardware implementation of the variant scheme is presented using pre-computed values stored in one dual-port memory. A performance comparison for different recoding schemes is presented by demonstrating the run-time efficiency of IFRA compared to other recoding schemes. Finally, the IFRA is applied to scalar multiplication on ECC and we compare its computation time against those based on NAF, wNAF, and RDR
Key Randomization Countermeasures to Power Analysis Attacks on Elliptic Curve Cryptosystems
It is essential to secure the implementation of cryptosystems in
embedded devices agains side-channel attacks. Namely, in order to
resist differential (DPA) attacks, randomization techniques should be
employed to decorrelate the data processed by the device from
secret key parts resulting in the value of this data. Among the
countermeasures that appeared in the literature were those that
resulted in a random representation of the key known as the binary
signed digit representation (BSD). We have discovered some interesting
properties related to the number of possible BSD representations for
an integer and we have proposed a different randomization
algorithm. We have also carried our study to the -adic
representation of integers which is employed in elliptic curve
cryptosystems (ECCs) using Koblitz curves. We have then dealt with
another randomization countermeasure which is based on randomly
splitting the key. We have investigated the secure employment of this
countermeasure in the context of ECCs
Randomized Mixed-Radix Scalar Multiplication
A covering system of congruences can be defined as a set of congruence
relations of the form: for satisfying the property that for
every integer in , there exists at least an index such that . First, we show that most existing
scalar multiplication algorithms can be formulated in terms of covering
systems of congruences. Then, using a special form of covering systems called
exact \mbox{-covers}, we present a novel uniformly randomized scalar
multiplication algorithm with built-in protections against various types of
side-channel attacks. This algorithm can be an alternative to Coron\u27s scalar
blinding technique for elliptic curves, in particular when the choice of a
particular finite field tailored for speed compels to use a large random
factor
Survey for Performance & Security Problems of Passive Side-channel Attacks Countermeasures in ECC
The main objective of the Internet of Things is to interconnect everything around us to obtain information which was unavailable to us before, thus enabling us to make better decisions. This interconnection of things involves security issues for any Internet of Things key technology. Here we focus on elliptic curve cryptography (ECC) for embedded devices, which offers a high degree of security, compared to other encryption mechanisms. However, ECC also has security issues, such as Side-Channel Attacks (SCA), which are a growing threat in the implementation of cryptographic devices. This paper analyze the state-of-the-art of several proposals of algorithmic countermeasures to prevent passive SCA on ECC defined over prime fields. This work evaluates the trade-offs between security and the performance of side-channel attack countermeasures for scalar multiplication algorithms without pre-computation, i.e. for variable base point.
Although a number of results are required to study the state-of-the-art of side-channel attack in elliptic curve cryptosystems, the interest of this work is to present explicit solutions that may be used for the future implementation of security mechanisms suitable for embedded devices applied to Internet of Things. In addition security problems for the countermeasures are also analyzed
Randomizing scalar multiplication using exact covering systems of congruences
A covering system of congruences can be defined as a set of congruence relations of the form: for satisfying the property that for every integer in , there exists at least an index such that . First, we show that most existing scalar multiplication algorithms can be formulated in terms of covering systems of congruences. Then, using a special form of covering systems called exact -covers, we present a novel uniformly randomized scalar multiplication algorithm that may be used to counter differential side-channel attacks, and more generally physical attacks that require multiple executions of the algorithm. This algorithm can be an alternative to Coron\u27s scalar blinding technique for elliptic curves, in particular when the choice of a particular finite field tailored for speed compels to use a large random factor
- …