FPGA IMPLEMENTATION FOR ELLIPTIC CURVE CRYPTOGRAPHY OVER BINARY EXTENSION FIELD

Elliptic curve cryptography plays a crucial role in network and communication security. However, implementation of elliptic curve cryptography, especially the implementation of scalar multiplication on an elliptic curve, faces multiple challenges. One of the main challenges is side channel attacks (SCAs). SCAs pose a real threat to the conventional implementations of scalar multiplication such as binary methods (also called doubling-and-add methods). Several scalar multiplication algorithms with countermeasures against side channel attacks have been proposed. Among them, Montgomery Powering Ladder (MPL) has been shown an effective countermeasure against simple power analysis. However, MPL is still vulnerable to certain more sophisticated side channel attacks. A recently proposed modified MPL utilizes a combination of sequence masking (SM), exponent splitting (ES) and point randomization (PR). And it has shown to be one of the best countermeasure algorithms that are immune to many sophisticated side channel attacks [11]. In this thesis, an efficient hardware architecture for this algorithm is proposed and its FPGA implementation is also presented. To our best knowledge, this is the first time that this modified MPL with SM, ES, and PR has been implemented in hardware

Reliability and security in low power circuits and systems

With the massive deployment of mobile devices in sensitive areas such as healthcare and defense, hardware reliability and security have become hot research topics in recent years. These topics, although different in definition, are usually correlated. This dissertation offers an in-depth treatment on enhancing the reliability and security of low power circuits and systems. The first part of the dissertation deals with the reliability of sub-threshold designs, which use supply voltage lower than the threshold voltage (Vth) of transistors to reduce power. The exponential relationship between delay and Vth significantly jeopardizes their reliability due to process variation induced timing violations. In order to address this problem, this dissertation proposes a novel selective body biasing scheme. In the first work, the selective body biasing problem is formulated as a linearly constrained statistical optimization model, and the adaptive filtering concept is borrowed from the signal processing community to develop an efficient solution. However, since the adaptive filtering algorithm lacks theoretical justification and guaranteed convergence rate, in the second work, a new approach based on semi-infinite programming with incremental hypercubic sampling is proposed, which demonstrates better solution quality with shorter runtime. The second work deals with the security of low power crypto-processors, equipped with Random Dynamic Voltage Scaling (RDVS), in the presence of Correlation Power Analysis (CPA) attacks. This dissertation firstly demonstrates that the resistance of RDVS to CPA can be undermined by lowering power supply voltage. Then, an alarm circuit is proposed to resist this attack. However, the alarm circuit will lead to potential denial-of-service due to noise-triggered false alarms. A non-zero sum game model is then formulated and the Nash Equilibria is analyzed --Abstract, page iii

Efficient VLSI architectures for MIMO and cryptography systems

Multiple-input multiple-output (MIMO) communication systems have recently been considered as one of the most significant technology breakthroughs for modern wireless communications, due to the higher spectral efficiency and improved link reliability. The sphere decoding algorithm (SDA) has been widely used for maximum likelihood (ML) detection in MIMO systems. It is of great interest to develop low-complexity and high-speed VLSI architectures for the MIMO sphere decoders. The first part of this dissertation is focused on the low-complexity and high-speed sphere decoder design for the MIMO systems. It includes the algorithms simplification, and transformations, hardware optimization and architecture development. Specifically, we propose the layered reordered K-Best sphere decoding algorithm and dynamic K-best sphere decoding algorithm, which can significantly improve the detection performance or reduce the hardware complexity. We also present the efficient K-Best sorting architecture, which greatly simplifies the sorting operation of the K-Best SDA. In addition, we introduce the early-pruning K-Best SD scheme, which eliminates the unlikely candidate at early decoding stages, thus saves computational complexity and power consumptions. For the conventional sphere decoder design, we develop the parallel and pipeline interleaved sphere decoder architecture, which considerably increases the decoding throughput with negligible extra complexity. Finally, we design the efficient radius and list updating units for the list sphere decoder, which increases the speed of obtaining the new radius and reduces the complexity for generating the new candidate list. The wireless communication technologies are widely used for the benefits of portability and flexibility. However, the wireless security is extremely important to protect the private and sensitive information since the communication medium, the airwave, is shared and open to the public. Cryptography is the most standard and efficient way for information protection. The second part of this thesis is thus dedicated to the high-speed and efficient architecture design for the cryptography systems including ECC and Tate pairing. We propose an efficient fast architecture for the ECC in Lopez-Dahab projective coordinates. Compared with the conventional point operation implementations, the point addition and doubling operations can be significantly accelerated with reasonable hardware overhead by applying parallel processing and hardware reusing. Moreover, we develop a complexity reduction scheme and an overlapped processing architecture for the Tate pairing in characteristic three. The proposed architecture can achieve over 2 times speedup compared with conventional sequential implementations for the Duursma-Lee and Kwon-BGOS algorithms