Realizing arbitrary-precision modular multiplication with a fixed-precision multiplier datapath

Within the context of cryptographic hardware, the term scalability refers to the ability to process operands of any size, regardless of the precision of the underlying data path or registers. In this paper we present a simple yet effective technique for increasing the scalability of a fixed-precision Montgomery multiplier. Our idea is to extend the datapath of a Montgomery multiplier in such a way that it can also perform an ordinary multiplication of two n-bit operands (without modular reduction), yielding a 2n-bit result. This conventional (nxn->2n)-bit multiplication is then used as a “sub-routine” to realize arbitrary-precision Montgomery multiplication according to standard software algorithms such as Coarsely Integrated Operand Scanning (CIOS). We show that performing a 2n-bit modular multiplication on an n-bit multiplier can be done in 5n clock cycles, whereby we assume that the n-bit modular multiplication takes n cycles. Extending a Montgomery multiplier for this extra functionality requires just some minor modifications of the datapath and entails a slight increase in silicon area

High-Performance Ideal Lattice-Based Cryptography on 8-Bit AVR Microcontrollers

© 2017 ACM. Over recent years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. In this work, we evaluate and compare implementations of Ring-LWE encryption and the bimodal lattice signature scheme (BLISS) on an 8-bit Atmel ATxmega128 microcontroller. Our implementation of Ring-LWE encryption provides comprehensive protection against timing side-channels and takes 24.9ms for encryption and 6.7ms for decryption. To compute a BLISS signature, our software takes 317ms and 86ms for verification. These results underline the feasibility of lattice-based cryptography on constrained devices.status: publishe

Evaluating Resistance of MCML Technology to Power Analysis attacks using a Simulation-based Methodology

Abstract. This paper explores the resistance of MOS Current Mode Logic (MCML) against attacks based on the observation of the power consumption. Circuits implemented in MCML, in fact, have unique characteristics both in terms of power consumption and the dependency of the power profile from the input signal pattern. Therefore, MCML is suitable to protect cryptographic hardware from Differential Power Analysis and similar side-channel attacks. In order to demonstrate the effectiveness of different logic styles against power analysis attacks, two full cores implementing the AES algorithm were realized and implemented with CMOS and MCML technology, and a set of different types of attack was performed using power traces derived from SPICE-level simulations. Although all keys were discovered for CMOS, MCML traces did not presents characteristic that can lead to a successful attack.