Breaking ECC2K-130

Elliptic-curve cryptography is becoming the standard public-key primitive not only for mobile devices but also for high-security applications. Advantages are the higher cryptographic strength per bit in comparison with RSA and the higher speed in implementations. To improve understanding of the exact strength of the elliptic-curve discrete-logarithm problem, Certicom has published a series of challenges. This paper describes breaking the ECC2K-130 challenge using a parallelized version of Pollard\u27s rho method. This is a major computation bringing together the contributions of several clusters of conventional computers, PlayStation~3 clusters, computers with powerful graphics cards and FPGAs. We also give /preseestimates for an ASIC design. In particular we present * our choice and analysis of the iteration function for the rho method; * our choice of finite field arithmetic and representation; * detailed descriptions of the implementations on a multitude of platforms: CPUs, Cells, GPUs, FPGAs, and ASICs; * details about running the attack

Enabling Full-Size Public-Key Algorithms on 8-bit Sensor Nodes

www.crypto.rub.de Abstract. In this article we present the fastest known implementation of a modular multiplication for a 160-bit standard compliant elliptic curve (secp160r1) for 8-bit micro controller which are typically used in WSNs. The major part (77%) of the processing time for an elliptic curve operation such as ECDSA or EC Diffie-Hellman is spent on modular multiplication. We present an optimized arithmetic algorithm which significantly speed up ECC schemes. The reduced processing time also yields a significantly lower energy consumption of ECC schemes. With our implementation results we can show that a 160-bit modular multiplication can be performed in 0.39 ms on an 8-bit AVR processor clocked at 7.37 MHz. This brings the vision of asymmetric cryptography in the field of WSNs with all its benefits for key-distribution and authentication a step closer to reality

Exploiting hardware performance counters

We introduce the usage of hardware performance counters (HPCs) as a new method that allows very precise access to known side channels and also allows access to many new side channels. Many current architectures provide hardware performance counters, which allow the profiling of software during runtime. Though they allow detailed profiling they are noisy by their very nature; HPC hardware is not validated along with the rest of the microprocessor. They are meant to serve as a relative measure and are most commonly used for profiling software projects or operating systems. We discuss this security model and we show first implementation results, which confirm that HPCs can be used to profile relatively short sequences of instructions with high precision. We focus on cache profiling and confirm our results by rerunning a recently published time based cache attack in which we replaced the time profiling function by HPCs

An Efficient General Purpose Elliptic Curve Cryptography Module for Ubiquitous Sensor Networks, SoftwarePerformance Enhancement for Encryption and Decryption (SPEED

www.crypto.rub.de Abstract. In this article we present the fastest known implementation of a modular multiplication for a 160-bit standard compliant elliptic curve (secp160r1) for 8-bit micro-controller which are typically used in ubiquitous sensor networks (USN). The major part (77%) of the processing time for an elliptic curve operation such as ECDSA or EC Diffie-Hellman is spent on modular multiplication. We present an optimized arithmetic algorithm which significantly speeds up ECC schemes. The reduced processing time also yields a significantly lower energy consumption of ECC schemes. We show that a 160-bit modular multiplication can be performed in 0.37 ms on an 8-bit AVR processor clocked at 8 MHz. This brings the vision of asymmetric cryptography in the field of USNs with all its benefits for key-distribution and authentication a step closer to reality

A Survey of Lightweight-Cryptography Implementations

status: publishe

Ultra Low-Power implementation of ECC on the ARM Cortex-M0+

In this work, elliptic curve cryptography (ECC) is used to make an efficient implementation of a public-key cryptography algorithm on the ARM Cortex-M0+. The goal of this implementation is to make not only a fast, but also a very low-power software implementation. To aid in the elliptic curve parameter selection, the energy consumption of different instructions on the ARM Cortex-M0+ was measured and it was found that there is a variation of up to 22.5 % between different instructions. The instruction set architecture (ISA) and energy measurements were used to make a simulation of both a binary curve and a prime curve implementation, and the former was found to have a slightly faster execution time with a lower power consumption. Binary curve arithmetic use instructions which requires less energy than prime curve arithmetic on the target platform. A new field multiplication algorithm is proposed, called López-Dahab with fixed registers, which is an optimization of the López-Dahab (LD) algorithm. The proposed algorithm has a performance improvement of 15 % over the LD with rotating registers algorithm (which is the current fastest optimization of the LD algorithm). A software implementation that uses the proposed algorithm was made in C and assembly, and on average our implementation of a random point multiplication requires 34.16 µJ, whereas our fixed point multiplication requires 20.63 µJ. The energy consumption of our implementation beats all known software implementations on embedded platforms, of a point multiplication, on the same equivalent security level by a factor of 7.4. I

Teaching HW/SW Co-Design With a Public Key Cryptography Application

This paper describes a lab session-based course on hardware/software (HW/SW) co-design. Real problems often need to combine the speed of an HW solution with the flexibility of an SW solution. The goals of this course are to show that there are many alternative solutions in the design space and to teach the fundamental concepts of HW/SW co-design. The sample application for the course project is a basic public key (RSA) application. This application is attractive for pedagogic purposes because its complex arithmetic and large word lengths make it difficult to realize in SW on an embedded microcontroller. However, the alternative of a pure application-specific integrated circuit (ASIC) application is also not a satisfactory solution, as this lacks the flexibility to support multiple public key applications. The project follows a stepwise approach, with assignments that build on each other. Students are required to make their own decisions as to the partitioning between HW and SW, the interface design, and the optimizations goals. Besides imparting hard skills in HW design and embedded SW design, the course inculcates several soft skills - in particular, decision making, presentation skills, teamwork, and design creativity - generally overlooked in engineering. © 2013 IEEE.status: publishe