Speeding up the elliptic curve scalar multiplication using the window- w non adjacent form

Nowadays, elliptic curve based cryptosystem is an efficient public key cryptosystem, The very expensive operation in this cryptographic protocol is the elliptic curve scalar multiplication (elliptic curve point multiplication). Efforts have been mainly focused on developing efficient algorithms for representing the scalar which is involved of elliptic curve scalar multiplication. One of these is using the window- w non adjacent form method. In the present work, the accelerating elliptic curve scalar multiplication using the window- w non adjacent form method is proposed, where the number of operations in the elliptic curve scalar multiplication has been reduced. The expected gain is about 20%, 14% and 7.6% comparing with using the anther methods to compute the elliptic curve scalar multiplication. 20%

Randomizing scalar multiplication using exact covering systems of congruences

A covering system of congruences can be defined as a set of congruence relations of the form: $\{r_1 \pmod{m_1}, r_2 \pmod{m_2}, \dots, r_t \pmod{m_t}\}$ for $m_1, \dots, m_t \in \N$ satisfying the property that for every integer $k$ in $\Z$, there exists at least an index $i \in \{1, \dots, t\}$ such that $k \equiv r_i \pmod{m_i}$. First, we show that most existing scalar multiplication algorithms can be formulated in terms of covering systems of congruences. Then, using a special form of covering systems called exact $n$-covers, we present a novel uniformly randomized scalar multiplication algorithm that may be used to counter differential side-channel attacks, and more generally physical attacks that require multiple executions of the algorithm. This algorithm can be an alternative to Coron\u27s scalar blinding technique for elliptic curves, in particular when the choice of a particular finite field tailored for speed compels to use a large random factor

Using Random Digit Representation for Elliptic Curve Scalar Multiplication

Elliptic Curve Cryptography (ECC) was introduced independently by Miller and Koblitz in 1986. Compared to the integer factorization based Rivest-Shamir-Adleman (RSA) cryptosystem, ECC provides shorter key length with the same security level. Therefore, it has advantages in terms of storage requirements, communication bandwidth and computation time. The core and the most time-consuming operation of ECC is scalar multiplication, where the scalar is an integer of several hundred bits long. Many algorithms and methodologies have been proposed to speed up the scalar multiplication operation. For example, non-adjacent form (NAF), window-based NAF (wNAF), double bases form, multi-base non-adjacent form and so on. The random digit representation (RDR) scheme can represent any scalar using a set that contains random odd digits including the digit 1. The RDR scheme is efficient in terms of the average number of non-zeros and it also provides resistance to power analysis attacks. In this thesis, we propose a variant of the RDR scheme. The proposed variant, referred to as implementation-friendly recoding algorithm (IFRA), is advantageous over RDR in hardware implementation for two reasons. First, IFRA uses simple operations such as scan, match, and shift. Second, it requires no long adder to update the scalar. In this thesis we also investigate the average density of non-zero digits of IFRA. It is shown that the average density of the variant is close to the average density of RDR. Moreover, a hardware implementation of the variant scheme is presented using pre-computed values stored in one dual-port memory. A performance comparison for different recoding schemes is presented by demonstrating the run-time efficiency of IFRA compared to other recoding schemes. Finally, the IFRA is applied to scalar multiplication on ECC and we compare its computation time against those based on NAF, wNAF, and RDR

High-Efficiency Self-Adjusting Switched Capacitor DC-DC Converter with Binary Resolution

Switched-Capacitor Converters (SCC) suffer from a fundamental power loss deficiency which make their use in some applications prohibitive. The power loss is due to the inherent energy dissipation when SCC operate between or outside their output target voltages. This drawback was alleviated in this work by developing two new classes of SCC providing binary and arbitrary resolution of closely spaced target voltages. Special attention is paid to SCC topologies of binary resolution. Namely, SCC systems that can be configured to have a no-load output to input voltage ratio that is equal to any binary fraction for a given number of bits. To this end, we define a new number system and develop rules to translate these numbers into SCC hardware that follows the algebraic behavior. According to this approach, the flying capacitors are automatically kept charged to binary weighted voltages and consequently the resolution of the target voltages follows a binary number representation and can be made higher by increasing the number of capacitors (bits). The ability to increase the number of target voltages reduces the spacing between them and, consequently, increases the efficiency when the input varies over a large voltage range. The thesis presents the underlining theory of the binary SCC and its extension to the general radix case. Although the major application is in step-down SCC, a simple method to utilize these SCC for step-up conversion is also described, as well as a method to reduce the output voltage ripple. In addition, the generic and unified model is strictly applied to derive the SCC equivalent resistor, which is a measure of the power loss. The theoretical predictions are verified by simulation and experimental results

On Binary Signed Digit Representations of Integers

Applications of signed digit representations of an integer include computer arith-metic, cryptography, and digital signal processing. An integer of length n bits can have several binary signed digit (BSD) representations and their number depends on its value and varies with its length. In this paper, we present an algorithm that calculates the exact number of BSD representations of an integer of a certain length. We formulate the integer that has the maximum number of BSD representations among all integers of the same length. We also present an algorithm to generate a random BSD representation for an integer starting from the most significant end and its modified version which gener-ates all possible BSD representations. We show how the number of BSD representations of k increases as we prepend 0s to its binary representation.

Key Randomization Countermeasures to Power Analysis Attacks on Elliptic Curve Cryptosystems

It is essential to secure the implementation of cryptosystems in embedded devices agains side-channel attacks. Namely, in order to resist differential (DPA) attacks, randomization techniques should be employed to decorrelate the data processed by the device from secret key parts resulting in the value of this data. Among the countermeasures that appeared in the literature were those that resulted in a random representation of the key known as the binary signed digit representation (BSD). We have discovered some interesting properties related to the number of possible BSD representations for an integer and we have proposed a different randomization algorithm. We have also carried our study to the $\tau$-adic representation of integers which is employed in elliptic curve cryptosystems (ECCs) using Koblitz curves. We have then dealt with another randomization countermeasure which is based on randomly splitting the key. We have investigated the secure employment of this countermeasure in the context of ECCs