
    Performance Evaluation of Optimal Ate Pairing on Low-Cost Single Microprocessor Platform

    The framework of low-cost interconnected devices forms a new kind of cryptographic environment with diverse requirements. Because the devices have minimal resource capacity, lightweight cryptographic algorithms are favored. Many IoT applications work autonomously and process sensitive data, which emphasizes security needs and might also call for specific security measures. A bilinear pairing is a mapping based on groups formed by elliptic curves over extension fields. Pairings are the key enabler for versatile cryptosystems, such as certificateless signatures and searchable encryption. However, they carry a major computational overhead, which clashes with the requirements of low-cost devices. Nonetheless, bilinear pairings are the only known approach for many cryptographic protocols, so their feasibility should certainly be studied, as they might turn out to be necessary for some future IoT solutions. Promising results already exist for high-frequency CPUs and platforms with hardware extensions. In this work, we study the feasibility of computing the optimal ate pairing over the BN254 curve on a 64 MHz Cortex-M33 based platform by utilizing an optimized open-source library. The project is carried out for the company Nordic Semiconductor. As a result, the pairing was effectively computed in under 26 × 10^6 cycles, or in 410 ms. The resulting pairing enables a limited usage of pairing-based cryptography, with a capacity of at most a few cryptographic operations, such as ID-based key verifications, per second. Referring to other relevant works, a competent pairing application would require either a high-frequency (and thus high-consumption) microprocessor or a customized FPGA. Moreover, it is noted that research in efficient pairing-based cryptography is constantly taking steps forward on every front line: efficient algorithms, protocols, and hardware solutions.

    17x-bit elliptic curve scalar multiplication over GF(2^m) using optimal normal basis.

    Tang Ko Cheung, Simon. Thesis (M.Phil.)--Chinese University of Hong Kong, 2001. Includes bibliographical references (leaves 89-91). Abstracts in English and Chinese.

    Contents:
    Chapter 1 --- Theory of Optimal Normal Bases --- p.3
        1.1 --- Introduction --- p.3
        1.2 --- The minimum number of terms --- p.6
        1.3 --- Constructions for optimal normal bases --- p.7
        1.4 --- Existence of optimal normal bases --- p.10
    Chapter 2 --- Implementing Multiplication in GF(2^m) --- p.13
        2.1 --- Defining the Galois fields GF(2^m) --- p.13
        2.2 --- Adding and squaring normal basis numbers in GF(2^m) --- p.14
        2.3 --- Multiplication formula --- p.15
        2.4 --- Construction of Lambda table for Type I ONB in GF(2^m) --- p.16
        2.5 --- Constructing Lambda table for Type II ONB in GF(2^m) --- p.21
            2.5.1 --- Equations of the Lambda matrix --- p.21
            2.5.2 --- An example of Type IIa ONB --- p.23
            2.5.3 --- An example of Type IIb ONB --- p.24
            2.5.4 --- Creating the Lambda vectors for Type II ONB --- p.26
        2.6 --- Multiplication in practice --- p.28
    Chapter 3 --- Inversion over optimal normal basis --- p.33
        3.1 --- A straightforward method --- p.33
        3.2 --- High-speed inversion for optimal normal basis --- p.34
            3.2.1 --- Using the almost inverse algorithm --- p.34
            3.2.2 --- Faster inversion, preliminary subroutines --- p.37
            3.2.3 --- Faster inversion, the code --- p.41
    Chapter 4 --- Elliptic Curve Cryptography over GF(2^m) --- p.49
        4.1 --- Mathematics of elliptic curves --- p.49
        4.2 --- Elliptic Curve Cryptography --- p.52
        4.3 --- Elliptic curve discrete log problem --- p.56
        4.4 --- Finding good and secure curves --- p.58
            4.4.1 --- Avoiding weak curves --- p.58
            4.4.2 --- Finding curves of appropriate order --- p.59
    Chapter 5 --- The performance of 17x-bit Elliptic Curve Scalar Multiplication --- p.63
        5.1 --- Choosing finite fields --- p.63
        5.2 --- 17x-bit test vectors for ONB --- p.65
        5.3 --- Testing methodology and sample runs --- p.68
        5.4 --- Proposing an elliptic curve discrete log problem for a 178-bit curve --- p.72
        5.5 --- Results and further explorations --- p.74
    Chapter 6 --- On matrix RSA --- p.77
        6.1 --- Introduction --- p.77
        6.2 --- 2 by 2 matrix RSA scheme 1 --- p.80
        6.3 --- Theorems on matrix powers --- p.80
        6.4 --- 2 by 2 matrix RSA scheme 2 --- p.83
        6.5 --- 2 by 2 matrix RSA scheme 3 --- p.84
        6.6 --- An example and conclusion --- p.85
    Bibliography --- p.9

    Efficient software implementation of elliptic curve cryptosystems (Implementação eficiente em software de criptossistemas de curvas elípticas)

    Advisor: Ricardo Dahab. Thesis (doctorate) - Universidade Estadual de Campinas, Instituto de Computação.

    Resumo (Portuguese abstract, translated): Public-key cryptography is widely recognized as a very useful tool for providing security requirements such as confidentiality, integrity, authenticity and non-repudiation, which are an integral part of communications. The main advantage of elliptic curve cryptosystems (ECC) over competing public-key technologies such as RSA and DSA is that significantly smaller parameters can be used in ECC at the same security level. This advantage is especially important for applications in constrained computing environments such as smart cards, cell phones, handheld computers and pagers. From a practical point of view, implementing ECC presents several challenges. An ECC-based application requires that several choices be made, such as the security level, algorithms for implementing arithmetic in the underlying finite field, algorithms for implementing the elliptic curve arithmetic, elliptic curve protocols and the computing platform. These choices can have a major impact on the performance of the resulting application. This dissertation addresses the development of efficient algorithms for the software implementation of elliptic curve cryptosystems over the finite field F_{2^m}. In this context, efficient methods were developed for implementing arithmetic in the finite field F_{2^m} and for computing multiples of an elliptic point, the fundamental operation of public-key cryptography based on elliptic curves. The dissertation also addresses the problem of efficient software implementation of the proposed algorithms on different computing platforms such as PCs, workstations, and constrained devices such as the RIM pager.

    Abstract: It is widely recognized that public-key cryptography is an important tool for providing security services such as confidentiality, data integrity, authentication and non-repudiation, which are requirements present in almost all communications. The main advantage of elliptic curve cryptography (ECC) over competing public-key technologies such as RSA and DSA is that significantly smaller parameters can be used in ECC, but with equivalent levels of security. This advantage is especially important for applications on constrained environments such as smart cards, cell phones, personal device assistants, and pagers. From a practical point of view, the implementation of ECC presents various challenges. An ECC-based application requires that several choices be made, including the security level, algorithms for implementing the finite field arithmetic, algorithms for implementing the elliptic group operation, elliptic curve protocols, and the computer platform. These choices may have a significant impact on the performance of the resulting application. This dissertation focuses on developing efficient algorithms for software implementation of ECC over F_{2^m}. In this framework, we study different ways of efficiently implementing arithmetic in F_{2^m}, and computing an elliptic scalar multiplication, the central operation of public-key cryptography based on elliptic curves. We also concentrate on the software implementation of these algorithms for different platforms including PCs, workstations, and constrained devices such as the RIM interactive pager. This dissertation is a collection of five papers written in English, with an introduction and conclusions written in Portuguese.

    Doctorate. Doctor of Computer Science.