    Post Quantum ECC on FPGA Platform

    Post-quantum cryptography has gathered significant attention in recent times due to the NIST call for standardization of quantum-resistant public key algorithms. In that context, the supersingular isogeny based key exchange algorithm (SIKE) has emerged as a potential candidate to replace traditional public key algorithms like RSA and ECC. SIKE provides $O(\sqrt[4]{p})$ classical security and $O(\sqrt[6]{p})$ quantum security, where $p$ is the characteristic of the underlying field. Additionally, SIKE has the smallest key sizes among all the post-quantum public key algorithms, making it very suitable for bandwidth-constrained environments. In this paper, we present an efficient implementation of the SIKE protocol for FPGA based applications. The proposed architecture provides the same latency as that of the best existing implementation of the SIKE protocol while consuming 48% fewer DSPs and 58% less block RAM resources. Thus, our design is substantially more efficient compared to that of existing implementations of SIKE.

    Exploiting the Order of Multiplier Operands: A Low Cost Approach for HCCA Resistance

    Horizontal collision correlation analysis (HCCA) poses a serious threat to simple power analysis resistant elliptic curve cryptosystems involving unified algorithms, e.g. the Edwards curve unified formula. This attack can be mounted even in the presence of differential power analysis resistant randomization schemes. In this paper we have designed an effective countermeasure for HCCA protection, where the dependency of side-channel leakage from a school-book multiplication on the underlying multiplier operands is investigated. We have shown how changing the sequence in which the operands are passed to the multiplication algorithm introduces dissimilarity in the information leakage. This disparity has been utilized in constructing a zero-cost countermeasure against HCCA. This countermeasure, integrated with an effective randomization method, has been shown to successfully thwart HCCA. Additionally, we provide experimental validation for our proposed countermeasure technique on a SASEBO platform. To the best of our knowledge, this is the first time that asymmetry in information leakage has been utilized in designing a side-channel countermeasure.
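    The collision test that HCCA builds on, and the effect of operand order on it, in a toy model. This is an added example, not code from the paper: it assumes a noise-free Hamming-weight leakage of each 8-bit-by-8-bit partial product, 256-bit operands split into 32 words, and a word-serial schoolbook multiplier whose outer loop walks the first operand and whose inner loop walks the second. It shows that the sample-wise Pearson correlation between the traces of x*y and x*z is high when the common operand x is fed in the same position and falls to noise when x is fed in the other position. It does not reproduce the measured leakage asymmetry between the two multiplier inputs that the paper's countermeasure relies on; only the sample-ordering effect is modelled.

```python
"""Toy horizontal collision correlation on a word-serial schoolbook multiplier.

Added example, not the paper's code. Assumed leakage model: one noise-free
sample per partial product, equal to the Hamming weight of the 16-bit product
of two 8-bit words. Operand size, trial count and loop order are assumptions.
"""
import random

WORD_BITS = 8
N_WORDS = 32          # 256-bit operands, a constructed toy size
N_TRIALS = 16         # random operand sets averaged to steady the toy statistic


def split_words(x):
    """Little-endian list of the N_WORDS words of x."""
    mask = (1 << WORD_BITS) - 1
    return [(x >> (WORD_BITS * i)) & mask for i in range(N_WORDS)]


def schoolbook_trace(a, b):
    """Return (a*b, leakage trace) for a word-serial schoolbook multiplication.

    The outer loop walks the words of the first operand and the inner loop the
    words of the second, so the order in which the operands are passed fixes
    the order of the leakage samples.
    """
    aw, bw = split_words(a), split_words(b)
    product, trace = 0, []
    for i, ai in enumerate(aw):
        for j, bj in enumerate(bw):
            pp = ai * bj
            product += pp << (WORD_BITS * (i + j))
            trace.append(bin(pp).count("1"))   # assumed HW leakage of the product
    return product, trace


def pearson(u, v):
    """Sample-wise Pearson correlation, the statistic HCCA applies to two traces."""
    n = len(u)
    mu, mv = sum(u) / n, sum(v) / n
    cov = sum((p - mu) * (q - mv) for p, q in zip(u, v))
    su = sum((p - mu) ** 2 for p in u) ** 0.5
    sv = sum((q - mv) ** 2 for q in v) ** 0.5
    return cov / (su * sv)


def collision_scores(seed=2024):
    """Average collision correlation for three ways of scheduling x*y and x*z."""
    rng = random.Random(seed)          # constructed, deterministic operands
    totals = {"shared_same_order": 0.0, "shared_swapped_order": 0.0, "unrelated": 0.0}
    for _ in range(N_TRIALS):
        x, y, z, w = (rng.getrandbits(WORD_BITS * N_WORDS) for _ in range(4))
        _, t_xy = schoolbook_trace(x, y)
        _, t_xz = schoolbook_trace(x, z)   # x in the same (outer) position: collision
        _, t_zx = schoolbook_trace(z, x)   # x moved to the inner position
        _, t_wz = schoolbook_trace(w, z)   # no common operand at all
        totals["shared_same_order"] += pearson(t_xy, t_xz)
        totals["shared_swapped_order"] += pearson(t_xy, t_zx)
        totals["unrelated"] += pearson(t_xy, t_wz)
    return {k: v / N_TRIALS for k, v in totals.items()}


if __name__ == "__main__":
    for name, rho in collision_scores().items():
        print(f"{name:22s} rho = {rho:+.3f}")
```

    In this toy a fixed, known swap could be undone by an attacker who simply re-indexes one trace, which is why the abstract pairs the operand-order trick with a randomization method; the paper's own countermeasure additionally relies on the measured asymmetry between the multiplier's operand inputs, which a symmetric Hamming-weight model cannot show.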

    ECC on Your Fingertips: A Single Instruction Approach for Lightweight ECC Design in GF (p)

    Lightweight implementation of Elliptic Curve Cryptography on FPGA has been a popular research topic due to the boom of ubiquitous computing. In this paper we propose a novel single instruction based ultra-light ECC crypto-processor coupled with dedicated hard IPs of the FPGAs. We show that by using the proposed single instruction framework and the available block RAMs and DSPs of FPGAs, we can design an ECC crypto-processor for NIST curve P-256 requiring only 81 and 72 logic slices on Virtex-5 and Spartan-6 devices respectively. To the best of our knowledge, this is the first implementation of ECC which requires less than 100 slices on any FPGA device family.

    Side-Channel Watchdog: Run-Time Evaluation of Side-Channel Vulnerability in FPGA-Based Crypto-systems

    Besides security against classical cryptanalysis, it is important for cryptographic implementations to have sufficient robustness against side-channel attacks. Many countermeasures have been proposed to thwart side-channel attacks, especially power trace measurement based side-channel attacks. Additionally, researchers have proposed several evaluation metrics to evaluate the side-channel security of a crypto-system. However, evaluation of any crypto-system is done during the testing phase and is not part of the actual hardware. In our approach, we propose to implement such evaluation metrics on-chip for run-time side-channel vulnerability estimation of a cryptosystem. The objective is to create a watchdog on the hardware which will monitor the side-channel leakage of the device, and will alert the user if that leakage crosses a pre-determined threshold, beyond which the system might be considered vulnerable. Once such an alert signal is activated, proactive countermeasures can be activated either at the device level or at the protocol level, to prevent the impending side-channel attack. An FPGA based prototype designed by us shows low hardware overhead, and is an effective option that avoids the use of bulky and inconvenient on-field measurement setups.
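    One way to realize such a watchdog in software, as an added example that is not the paper's design: the metric is assumed to be Welch's t-test between a fixed-input and a random-input trace set (the non-specific TVLA test, which the abstract does not name) with the conventional alert bound |t| > 4.5, computed in streaming form so that only a running mean and variance per set need to be stored, as an on-chip unit would. The traces are constructed from a Hamming-weight model of one 8-bit intermediate plus Gaussian noise; the key byte, the noise level and the choice of fixed input are assumptions.

```python
"""Streaming TVLA-style leakage watchdog.

Added example, not the paper's hardware. Assumes Welch's t-test between a
fixed-input and a random-input set as the metric, an alert threshold of
|t| > 4.5, and constructed traces from a Hamming-weight leakage model.
"""
import random

THRESHOLD = 4.5   # conventional TVLA bound, assumed here


class RunningStats:
    """Welford's online mean/variance: constant memory per trace set."""

    def __init__(self):
        self.n, self.mean, self.m2 = 0, 0.0, 0.0

    def update(self, x):
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)

    @property
    def var(self):
        return self.m2 / (self.n - 1) if self.n > 1 else 0.0


class Watchdog:
    """Takes one leakage sample per operation and raises an alert flag."""

    def __init__(self, threshold=THRESHOLD):
        self.threshold = threshold
        self.fixed, self.rand = RunningStats(), RunningStats()

    def observe(self, sample, is_fixed):
        (self.fixed if is_fixed else self.rand).update(sample)

    @property
    def t(self):
        f, r = self.fixed, self.rand
        return (f.mean - r.mean) / (f.var / f.n + r.var / r.n) ** 0.5

    @property
    def alert(self):
        return self.fixed.n > 1 and self.rand.n > 1 and abs(self.t) > self.threshold


def hamming_weight(x):
    return bin(x).count("1")


def simulate(masked, n_ops=500, sigma=1.0, seed=7):
    """Feed the watchdog constructed traces and return it.

    Each operation leaks HW(intermediate) + Gaussian noise at one sample point.
    Unmasked: intermediate = plaintext XOR key byte. Masked: a fresh random
    Boolean mask is applied, so the sample no longer depends on the plaintext
    at first order and the mean-based test stays quiet.
    """
    rng = random.Random(seed)      # constructed, deterministic traces
    key_byte = 0x3C                # assumed key byte
    fixed_pt = key_byte ^ 0xFF     # fixed intermediate has HW 8; a fixed input
                                   # with an average HW of 4 would hide from
                                   # this first-order (mean-only) test
    wd = Watchdog()
    for k in range(n_ops):
        is_fixed = k % 2 == 0      # interleave the two sets, as TVLA recommends
        pt = fixed_pt if is_fixed else rng.getrandbits(8)
        inter = pt ^ key_byte
        if masked:
            inter ^= rng.getrandbits(8)
        wd.observe(hamming_weight(inter) + rng.gauss(0.0, sigma), is_fixed)
    return wd


if __name__ == "__main__":
    for masked in (False, True):
        wd = simulate(masked)
        print(f"masked={masked}: t={wd.t:+.2f} alert={wd.alert}")
```

    A real on-chip unit has to know which operations belong to the fixed set and would track several sample points rather than one; the alert flag here is what the device-level or protocol-level reaction described in the abstract would be wired to.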

    Exploiting Safe Error based Leakage of RFID Authentication Protocol using Hardware Trojan Horse

    Radio-Frequency Identification tags are used for several applications requiring authentication mechanisms, which if subverted can lead to dire consequences. Many of these devices are based on low-cost Integrated Circuits which are designed in off-shore fabrication facilities, thus raising concerns about their trust. Recently, a lightweight entity authentication protocol called LCMQ was proposed, which is based on Learning Parity with Noise, Circulant Matrix, and Multivariate Quadratic problems. This protocol was proven to be secure against man-in-the-middle attacks and ciphertext-only attacks. In this paper, we show that in the standard setting, although the authentication uses two $m$-bit keys, $K_1$ and $K_2$, knowledge of only $K_2$ is sufficient to forge the authentication. Based on this observation, we design a stealthy malicious modification to the circuitry, based on the idea of safe errors, to leak $K_2$, which can thus be used to forge the entire authentication mechanism. We develop a Field Programmable Gate Array prototype of the design which is extremely lightweight and can be implemented using four lookup tables.

    High-Speed Implementation of ECC Scalar Multiplication in GF(p) for Generic Montgomery Curves

    Combining PUF with RLUTs : a two-party pay-per-device IP licensing scheme on FPGAs

    With the popularity of modern FPGAs, the business of FPGA specific intellectual properties (IP) is expanding rapidly. This also brings in the concern of IP protection. FPGA vendors are making serious efforts toward IP protection, leading to standardization schemes like IEEE P1735. However, efficient techniques to prevent unauthorized overuse of IP still remain an open question. In this article, we propose a two-party IP protection scheme combining the re-configurable look-up table primitive of modern FPGAs with physically unclonable functions (PUF). The proposed scheme works with the assumption that the FPGA vendor provides the assurance of confidentiality and integrity of the developed IP. The proposed scheme is considerably lightweight compared to existing schemes, prevents overuse, and does not involve FPGA vendors or trusted third parties for IP licensing. The validation of the proposed scheme is done on the MCNC'91 benchmark and third-party IPs like AES and lightweight MIPS processors.