426 research outputs found

    Efficient Side-Channel Aware Elliptic Curve Cryptosystems over Prime Fields

    Elliptic Curve Cryptosystems (ECCs) are utilized as an alternative to traditional public-key cryptosystems, and are more suitable for resource limited environments due to smaller parameter size. In this dissertation we carry out a thorough investigation of side-channel attack aware ECC implementations over finite fields of prime characteristic including the recently introduced Edwards formulation of elliptic curves, which have built-in resiliency against simple side-channel attacks. We implement Joye's highly regular add-always scalar multiplication algorithm both with the Weierstrass and Edwards formulation of elliptic curves. We also propose a technique to apply non-adjacent form (NAF) scalar multiplication algorithm with side-channel security using the Edwards formulation. Our results show that the Edwards formulation allows increased area-time performance with projective coordinates. However, the Weierstrass formulation with affine coordinates results in the simplest architecture, and therefore has the best area-time performance as long as an efficient modular divider is available

    Fast, uniform, and compact scalar multiplication for elliptic curves and genus 2 Jacobians with applications to signature schemes

    We give a general framework for uniform, constant-time one- and two-dimensional scalar multiplication algorithms for elliptic curves and Jacobians of genus 2 curves that operate by projecting to the x-line or Kummer surface, where we can exploit faster and more uniform pseudomultiplication, before recovering the proper "signed" output back on the curve or Jacobian. This extends the work of López and Dahab, Okeya and Sakurai, and Brier and Joye to genus 2, and also to two-dimensional scalar multiplication. Our results show that many existing fast pseudomultiplication implementations (hitherto limited to applications in Diffie-Hellman key exchange) can be wrapped with simple and efficient pre- and post-computations to yield competitive full scalar multiplication algorithms, ready for use in more general discrete logarithm-based cryptosystems, including signature schemes. This is especially interesting for genus 2, where Kummer surfaces can outperform comparable elliptic curve systems. As an example, we construct an instance of the Schnorr signature scheme driven by Kummer surface arithmetic

    Efficient Arithmetic for the Implementation of Elliptic Curve Cryptography

    The technology of elliptic curve cryptography is now an important branch in public-key based crypto-system. Cryptographic mechanisms based on elliptic curves depend on the arithmetic of points on the curve. The most important arithmetic is multiplying a point on the curve by an integer. This operation is known as elliptic curve scalar (or point) multiplication operation. A cryptographic device is supposed to perform this operation efficiently and securely. The elliptic curve scalar multiplication operation is performed by combining the elliptic curve point routines that are defined in terms of the underlying finite field arithmetic operations. This thesis focuses on hardware architecture designs of elliptic curve operations. In the first part, we aim at finding new architectures to implement the finite field arithmetic multiplication operation more efficiently. In this regard, we propose novel schemes for the serial-out bit-level (SOBL) arithmetic multiplication operation in the polynomial basis over F_2^m. We show that the smallest SOBL scheme presented here can provide about 26-30% reduction in area-complexity cost and about 22-24% reduction in power consumptions for F_2^{163} compared to the current state-of-the-art bit-level multiplier schemes. Then, we employ the proposed SOBL schemes to present new hybrid-double multiplication architectures that perform two multiplications with latency comparable to the latency of a single multiplication. Then, in the second part of this thesis, we investigate the different algorithms for the implementation of elliptic curve scalar multiplication operation. We focus our interest in three aspects, namely, the finite field arithmetic cost, the critical path delay, and the protection strength from side-channel attacks (SCAs) based on simple power analysis. In this regard, we propose a novel scheme for the scalar multiplication operation that is based on processing three bits of the scalar in the exact same sequence of five point arithmetic operations. We analyse the security of our scheme and show that its security holds against both SCAs and safe-error fault attacks. In addition, we show how the properties of the proposed elliptic curve scalar multiplication scheme yield an efficient hardware design for the implementation of a single scalar multiplication on a prime extended twisted Edwards curve incorporating 8 parallel multiplication operations. Our comparison results show that the proposed hardware architecture for the twisted Edwards curve model implemented using the proposed scalar multiplication scheme is the fastest secure SCA protected scalar multiplication scheme over prime field reported in the literature

    Private and Public-Key Side-Channel Threats Against Hardware Accelerated Cryptosystems

    Modern side-channel attacks (SCA) have the ability to reveal sensitive data from non-protected hardware implementations of cryptographic accelerators whether they be private or public-key systems. These protocols include but are not limited to symmetric, private-key encryption using AES-128, 192, 256, or public-key cryptosystems using elliptic curve cryptography (ECC). Traditionally, scalar point (SP) operations are compelled to be high-speed at any cost to reduce point multiplication latency. The majority of high-speed architectures of contemporary elliptic curve protocols rely on non-secure SP algorithms. This thesis delivers a novel design, analysis, and successful results from a custom differential power analysis attack on AES-128. The resulting SCA can break any 16-byte master key the sophisticated cipher uses and its direct applications towards public-key cryptosystems will become clear. Further, the architecture of a SCA resistant scalar point algorithm accompanied by an implementation of an optimized serial multiplier will be constructed. The optimized hardware design of the multiplier is highly modular and can use either NIST approved 233 & 283-bit Koblitz curves utilizing a polynomial basis. The proposed architecture will be implemented on Kintex-7 FPGA to later be integrated with the ARM Cortex-A9 processor on the Zynq-7000 AP SoC (XC7Z045) for seamless data transfer and analysis of the vulnerabilities SCAs can exploit

    Set It and Forget It! Turnkey ECC for Instant Integration

    Historically, Elliptic Curve Cryptography (ECC) is an active field of applied cryptography where recent focus is on high speed, constant time, and formally verified implementations. While there are a handful of outliers where all these concepts join and land in real-world deployments, these are generally on a case-by-case basis: e.g. a library may feature such X25519 or P-256 code, but not for all curves. In this work, we propose and implement a methodology that fully automates the implementation, testing, and integration of ECC stacks with the above properties. We demonstrate the flexibility and applicability of our methodology by seamlessly integrating into three real-world projects: OpenSSL, Mozilla's NSS, and the GOST OpenSSL Engine, achieving roughly 9.5x, 4.5x, 13.3x, and 3.7x speedup on any given curve for key generation, key agreement, signing, and verifying, respectively. Furthermore, we showcase the efficacy of our testing methodology by uncovering flaws and vulnerabilities in OpenSSL, and a specification-level vulnerability in a Russian standard. Our work bridges the gap between significant applied cryptography research results and deployed software, fully automating the process

    An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations

    With the expansion of wireless sensor networks (WSNs), the need for securing the data flow through these networks is increasing. These sensor networks allow for easy-to-apply and flexible installations which have enabled them to be used for numerous applications. Due to these properties, they face distinct information security threats. Security of the data flowing across networks provides the researchers with an interesting and intriguing potential for research. Design of these networks to ensure the protection of data faces the constraints of limited power and processing resources. We provide the basics of wireless sensor network security to help the researchers and engineers in better understanding of this applications field. In this chapter, we will provide the basics of information security with special emphasis on WSNs. The chapter will also give an overview of the information security requirements in these networks. Threats to the security of data in WSNs and some of their countermeasures are also presented

    Fault attacks on RSA and elliptic curve cryptosystems

    This thesis answered how a fault attack targeting software used to program EEPROM can threaten hardware devices, for instance IoT devices. The successful fault attacks proposed in this thesis will certainly warn designers of hardware devices of the security risks their devices may face on the programming level

    Theory and Practice of Cryptography and Network Security Protocols and Technologies

    In an age of explosive worldwide growth of electronic data storage and communications, effective protection of information has become a critical requirement. When used in coordination with other tools for ensuring information security, cryptography in all of its applications, including data confidentiality, data integrity, and user authentication, is a most powerful tool for protecting information. This book presents a collection of research work in the field of cryptography. It discusses some of the critical challenges that are being faced by the current computing world and also describes some mechanisms to defend against these challenges. It is a valuable source of knowledge for researchers, engineers, graduate and doctoral students working in the field of cryptography. It will also be useful for faculty members of graduate schools and universities

    A microcoded elliptic curve cryptographic processor.

    Leung Ka Ho. Thesis (M.Phil.)--Chinese University of Hong Kong, 2001. Includes bibliographical references (leaves [85]-90). Abstracts in English and Chinese.
    Contents: Abstract; Acknowledgments; List of Figures; List of Tables.
    Chapter 1, Introduction: 1.1 Motivation; 1.2 Aims; 1.3 Contributions; 1.4 Thesis Outline.
    Chapter 2, Cryptography: 2.1 Introduction; 2.2 Foundations; 2.3 Secret Key Cryptosystems; 2.4 Public Key Cryptosystems; 2.4.1 One-way Function; 2.4.2 Certification Authority; 2.4.3 Discrete Logarithm Problem; 2.4.4 RSA vs. ECC; 2.4.5 Key Exchange Protocol; 2.4.6 Digital Signature; 2.5 Secret Key vs. Public Key Cryptography; 2.6 Summary.
    Chapter 3, Mathematical Background: 3.1 Introduction; 3.2 Groups and Fields; 3.3 Finite Fields; 3.4 Modular Arithmetic; 3.5 Polynomial Basis; 3.6 Optimal Normal Basis; 3.6.1 Addition; 3.6.2 Squaring; 3.6.3 Multiplication; 3.6.4 Inversion; 3.7 Summary.
    Chapter 4, Literature Review: 4.1 Introduction; 4.2 Hardware Elliptic Curve Implementation; 4.2.1 Field Processors; 4.2.2 Curve Processors; 4.3 Software Elliptic Curve Implementation; 4.4 Summary.
    Chapter 5, Introduction to Elliptic Curves: 5.1 Introduction; 5.2 Historical Background; 5.3 Elliptic Curves over R2; 5.3.1 Curve Addition and Doubling; 5.4 Elliptic Curves over Finite Fields; 5.4.1 Elliptic Curves over Fp with p > 3; 5.4.2 Elliptic Curves over F2n; 5.4.3 Operations of Elliptic Curves over F2n; 5.4.4 Curve Multiplication; 5.5 Elliptic Curve Discrete Logarithm Problem; 5.6 Public Key Cryptography; 5.7 Elliptic Curve Diffie-Hellman Key Exchange; 5.8 Summary.
    Chapter 6, Design Methodology: 6.1 Introduction; 6.2 CAD Tools; 6.3 Hardware Platform; 6.3.1 FPGA; 6.3.2 Reconfigurable Hardware Computing; 6.4 Elliptic Curve Processor Architecture; 6.4.1 Arithmetic Logic Unit (ALU); 6.4.2 Register File; 6.4.3 Microcode; 6.5 Parameterized Module Generator; 6.6 Microcode Toolkit; 6.7 Initialization by Bitstream Reconfiguration; 6.8 Summary.
    Chapter 7, Results: 7.1 Introduction; 7.2 Elliptic Curve Processor with Serial Multiplier (p = 1); 7.3 Projective versus Affine Coordinates; 7.4 Elliptic Curve Processor with Parallel Multiplier (p > 1); 7.5 Summary.
    Chapter 8, Conclusion: 8.1 Recommendations for Future Research.
    Bibliography.
    Chapter A, Elliptic Curves in Characteristics 2 and 3: A.1 Introduction; A.2 Derivations; A.3 Elliptic Curves over Finite Fields of Characteristic ≠ 2,3; A.4 Elliptic Curves over Finite Fields of Characteristic = 2.
    Chapter B, Examples of Curve Multiplication: B.1 Introduction; B.2 Numerical Results.