Aaron E. Cohen

GPU accelerated elliptic curve cryptography in GF(2 m )

This paper presents the Graphics Processing Unit (GPU) accelerated version of the LSB Invariant scalar point multiplication for binary elliptic curves. This method was implemented using the CUDA programming language for nVidia graphics cards. With a parallel factor of (length+1) and López-Dahab projective coordinate P<inf>i</inf>s, on an nVidia GTX 285 graphics card precomputation takes 190.203995 ms while the actual scalar point multiplication takes 173.121002 ms for GF(2¹⁶³). With a parallel factor of (length+1)*(length) and López-Dahab projective coordinate P<inf>i</inf>s, on an nVidia GTX 285 graphics card precomputation of 2ⁱP points takes 9.545 ms while the actual scalar point multiplication takes 10.743 ms (∼93.0839 kP/s) for GF(2¹⁶³). With a parallel factor of (length+1)*(length) and affine coordinate P<inf>i</inf>s, on an nVidia GTX 285 graphics card precomputation takes 140.078003 ms for GF(2¹⁶³) while the actual scalar point multiplication takes 10.363000 ms (∼96.4972 kP/s) for GF(2¹⁶³).

Architecture Optimizations for the RSA Public Key Cryptosystem: A Tutorial

The Rivest Shamir Adleman (RSA) cryptosystem, named after its creators, is one of the most popular public key cryptosystems. The RSA cryptosystem has been utilized for e-commerce, various forms of authentication, and virtual private networks. The importance of high security and faster implementations paved the way for RSA crypto-accelerators, hardware implementations of the RSA algorithm. This work consists of describing various approaches to implementing RSA crypto-accelerators based on the “textbook” version of the RSA cryptosystem and comparing their area requirements. Many of the techniques described here have applications elsewhere such as in digital signal processing and error correcting codes. This paper presents the four fundamental architectures: the bit- serial squaring architecture, two bit-serial systolic array modular multiplication architectures, and the interleaved modular multiplication architecture.

A Low-Complexity Hybrid LDPC Code Encoder for IEEE 802.3an (10GBase-T) Ethernet

This paper presents a novel hybrid encoding method for encoding of low-density parity-check (LDPC) codes. The design approach is applied to design 10-Gigabit Ethernet transceivers over copper cables. For a specified encoding speed, the proposed method requires substantially lower complexity in terms of area and storage. Furthermore, this method is generic and can be adapted easily for other LDPC codes. One major advantage of this design is that it does not require column swapping and it maintains compatibility with optimized LDPC decoders. For a 10-Gigabit Ethernet transceiver which is compliant with the IEEE 802.3 an standard, the proposed sequential (5-Parallel) hybrid architecture has the following implementation properties: critical path: (log2(324) + 1)Txor + Tand, number of XOR gates: 11 056, number of and gates: 1620, and ROM storage: 104 976 bits (which can be minimized to 52 488 bits using additional hardware). This method achieves comparable critical path, and requires 74% gate area, 10% ROM storage as compared with a similar 10-Gigabit sequential (5-parallel) LDPC encoder design using only the G matrix multiplication method. Additionally the proposed method accesses fewer bits per cycle than the G matrix method which reduces power consumption by about 82%.

Implementation of scalable elliptic curve cryptosystem crypto-accelerators for GF(2/sup m/)

This paper focuses on designing elliptic curve crypto-accelerators in GF(2/sup m/) that are cryptographically scalable and hold some degree of reconfigurability. Previous work in elliptic curve crypto-accelerators focused on implementations using projective coordinate systems for specific field sizes. Their performance, scalar point multiplication per second (kP/s) was determined primarily by the underlying multiplier implementation. In addition, a multiplier only implementation and a multiplier plus divider implementation are compared in terms of critical path, area and area time (AT) product. Our multiplier only design, designed for high performance, can achieve 6314 kP/s for GF(2/sup 571/) and requires 47876 LUTs. Meanwhile our multiplier and divider design, with a greater degree of reconfigurability, can achieve 44 kP/s for GF(2/sup 571/). However, this design requires 27355 LUTs, and has a significantly higher AT product. It is shown that reconfigurability with the reduction polynomial significantly benefits from the addition of a low latency divider unit and scalar point multiplication in affine coordinates. In both cases the performance is limited by a critical path in the control logic.

A New Side Channel Resistant Scalar Point Multiplication Method for Binary Elliptic Curves

In this paper, a new novel LSB scalar point multiplication algorithm resistant to several side channel attacks is presented. This method is based on a similar invariant principle to Montgomerys ladder but it can use pre-computation to halve the total runtime and achieve a speedup of l(A + D1)/(IA + D2). Using D2 ap 1.5 D1 and D1 ap A, then the proposed method achieves 2lA/((l + 1.5)A) or a speedup of 2 as I, the number of scalar point multiplications on an identical base point, approaches infinity. This performance was achieved by applying the reduced complexity Montgomery Invariant point addition equation along with y-coordinate recovery to generate the point Q equal to kP. Finally, the LSB Invariant method is adapted to projective coordinates to achieve a further performance increase when the penalty for performing a field inversion operation is greater than 4 multiplications.

Secure Variable Data Rate Transmission

A novel secure variable data rate (SVDR) transmission method is presented along with an architecture for implementing the SVDR transmission. This method reduces transmission overhead requirements by allowing both parties to maintain the initialization vector information locally rather than by obtaining it from the received packet. The only requirement this method places on the transmission is to maintain the sequence. This brief shows a 70% reduction in the overhead for transmitting this sequence information with a window size of 10 and seven priority levels.

Side channel resistance quantification and verification

In this paper, a formal method for quantifying the side channel resistance based on a statistical approach is developed and a formal CAD method for verifying the side channel resistance of a circuit design is presented. Our analysis indicates that designs which have small means for the difference in power consumption between key bits and high standard deviations for the difference can achieve higher security. Our analytical results for quantifying side channel resistance indicate that it is not feasible to achieve 280 security against side channel attacks with low standard deviation or with large means in the difference between key bit runs. Additionally, our analytical results for a preliminary CAD approach to detecting side channel leakage show that significant computing resources are required to gain enough statistics on the power consumption of a circuit to make reasonable approximations about the systems side channel resistance performance prior to implementation when the side channel attacks are unknown; however, our results indicate that it is feasible to detect individual side channel vulnerabilities when the side channel attacks are known.

Faster elliptic curve point multiplication based on a novel greedy base-2,3 method

In this paper a novel pre-computation technique for scalar point multiplication on elliptic curves is proposed. Compared to standard affine coordinates without pre-computation this method achieves a performance increase of 23% while requiring an additional increase in control and logic for the pre-computation step. This method achieves a (2m bits times numpoints) reduction in storage overhead compared with other pre-computation techniques

A new reconfigurable bit-serial systolic divider for GF(2/sup m/) and GF(p)

The paper focuses on the design of a new dual field divider that can achieve performance of 1/m throughput. This dual field division unit can operate at 118 MHz with a latency of 7m-2 cycles and has an area requirement 15 XOR2, 40 AND2, 29 MUX2, and 7 INV gates per processing element with a total of 2m processing elements. It is intended to be used in an elliptic curve crypto-accelerator for GF(2/sup m/) and GF(p). The actual performance for scalar point multiplication in GF(2/sup 571/) running at 100 MHz would be 20.4 kP/s. The actual performance for scalar point multiplication in GF(p) with |p| = 521 running at 100 MHz would be 24.4 kP/s.

Speaker Identification over Narrowband VoIP Networks

Automatic Speaker Recognition (ASR) has been an active area of research for the past four decades with speech collected mostly in research laboratory environments. However, due to growing applications and possible misuses of Voice over Internet Protocol (VoIP) networks, there is a need to employ robust ASR systems over VoIP networks, especially within the context of internet security and law enforcement activities. There is, however, little systematic study on analyzing effects of several artifacts of VoIP (such as speech codec, packet loss, packet reordering, network jitter and foreign-cross talk or echo) on performance of an ASR system. This chapter investigates each of the issues of VoIP individually and trades it with the performance of the ASR system. In this chapter, a narrowband 2.4 kbps mixed-excitation linear prediction (MELP) codec is used over a VoIP network.