Apostolos P. Fournaris

An RNS Implementation of an

Elliptic curve point multiplication is considered to be the most significant operation in all elliptic curve cryptography systems, as it forms the basis of the elliptic curve discrete logarithm problem. Designs for elliptic curve cryptography point multiplication are area demanding and time consuming. Thus, the efficient realization of point multiplication is of fundamental importance for the performance of an elliptic curve system. In this paper, a hardware architecture of an elliptic curve point multiplier is proposed that exploits the intrinsic parallelism of the residue number system (RNS), in order to speed up the elliptic curve point calculations and minimize the area complexity of the elliptic curve point multiplier. The architecture proves to be the fastest among all known design approaches, while complexity is less than half of that of previous efforts. This architecture also supports the required input (binary-to-RNS) and output (RNS-to-binary) conversions. Through a graph-oriented approach, the area of the elliptic curve point multiplier is minimized, by optimizing the point addition and doubling algorithms. Also, through this approach, the number of execution steps for point addition is matched to the number of execution steps for point doubling. Additionally, the impact of various RNS bases, in terms of number of moduli and their bit lengths, on the area and speed of the proposed implementation is analyzed, in an effort to define the potential for using RNS in elliptic curve cryptography.

F_{p}

RSA is a widely acceptable and well used algorithm in many security applications. Its main mathematical function is the demanding, in terms of speed, operation of modular exponentiation. In this paper a systolic, scalable, redundant carry-save modular multiplier and an RSA encryption architecture are proposed using the Montgomery modular multiplication algorithm. By completely avoiding the transformations from redundant to non-redundant numbers at the intermediate stages of the architectures, the need for addition is eliminated and very interesting results, in terms of clock frequency, throughput and chip covered area, are achieved.

Elliptic Curve Point Multiplier

An efficient and strongly secure smart card mechanism involves the use of a technological background taken from the fields of computers, VLSI design and material science. The result of such a mixture is a miniature, fully operational, computation system. The nature of the data involved in smart card transactions and smart card intended uses, introduce another important factor in the smart card design mechanism which is security. The evolution of VLSI technology allows the efficient implementation of costly cryptographic operations in the smart card design methodology. Apart from the traditional cryptographic algorithms, additional techniques and special design materials have been introduced in order to protect the smart card system from cryptanalytic attacks. New architectures of software design, like object-oriented programming, give the opportunity to implement programmable multi-application cards. Thus, smart cards are transformed into highly secure devices and their establishment in the modern computer market can be considered certain. This establishment is bound to finance upcoming research in smart cards so that this product can become the basic component of electronic commerce worldwide.

A new RSA encryption architecture and hardware implementation based on optimized Montgomery multiplication

Many sequential multipliers for polynomial basis GF(2^k) fields have been proposed using the LSbit and MSbit multiplication algorithm. However, all those designs are defined over fixed size GF(2^k) fields and sometimes over fixed special form irreducible polynomials (AOL, trinomials, pentanomials). When such architectures are redesigned for arbitrary GF(2^k) fields and generic irreducible polynomials, therefore made versatile, they result in high space complexity (gate-latch number), low frequency (high critical path) and high latency designs. In this paper a Montgomery multiplication element (MME) architecture specially designed for arbitrary GF(2^k) fields defined over general irreducible polynomials, is proposed, based on an optimized version of the Montgomery multiplication (MM) algorithm for GF(2^k) fields. To evaluate the proposed MME and prove the efficiency of the MM algorithm in versatile designing, three distinct versatile Montgomery multiplier architectures are presented using this proposed MME. They achieve small gate-latch number and high clock frequency compared to other sequential versatile designs.

Software and Hardware Issues in Smart Card Technology

High throughput is a crucial factor in bit-serial GF(2^m) fields multiplication for a variety of different applications including cryptography, error coding detection and computer algebra. The throughput of a multiplier is dependent on the required number of clock cycles to reach a result and its critical path delay. However, most bit-serial GF(2^m) multipliers do not manage to reduce the required number of clock cycles below the threshold of m clock cycles without increasing dramatically their critical path delay. This increase is more evident if a multiplier is designed to be versatile. In this article, a new versatile bit-serial MSB multiplier for GF(2^m) fields is proposed that achieves a 50% increase on average in throughput when compared to other designs, with a very small increase in its critical path delay. This is achieved by an average 33.4% reduction in the required number of clock cycles below m. The proposed design can handle arbitrary bit-lengths upper bounded by m and is suitable for applications where the field order may vary.

Versatile multiplier architectures in GF(2k) fields using the Montgomery multiplication algorithm

An elliptic curve point multiplier (ECPM) is the main part of all elliptic curve cryptography (ECC) systems and its performance is decisive for the performance of the overall cryptosystem. A VLSI residue number system (RNS) architecture of an ECPM is presented in this paper. In the proposed approach, the necessary mathematical conditions that need to be satisfied, in order to replace typical finite field circuits with RNS ones, are investigated. It is shown that such an application is feasible and that it leads to a significant improvement in the execution time of a scalar point multiplication

Improved throughput bit-serial multiplier for GF(2m) fields

Embedded systems have found a very strong foothold in global Information Technology (IT) market since they can provide very specialized and intricate functionality to a wide range of products. On the other hand, the migration of IT functionality to a plethora of new smart devices (like mobile phones, cars, aviation, game or households machines) has enabled the collection of a considerable number of data that can be characterized sensitive. Therefore, there is a need for protecting that data through IT security means. However, eare usually dployed in hostile environments where they can be easily subject of physical attacks. In this paper, we provide an overview from ES hardware perspective of methods and mechanisms for providing strong security and trust. The various categories of physical attacks on security related embedded systems are presented along with countermeasures to thwart them and the importance of reconfigurable logic flexibility, adaptability and scalability along with trust protection mechanisms is highlighted. We adopt those mechanisms in order to propose a FPGA based embedded system hardware architecture capable of providing security and trust along with physical attack protection using trust zone separation. The benefits of such approach are discussed and a subsystem of the proposed architecture is implemented in FPGA technology as a proof of concept case study. From the performed analysis and implementation, it is concluded that flexibility, security and trust are fully realistic options for embedded system security enhancement.

An RNS architecture of an F/sub p/ elliptic curve point multiplier

While the wireless communications are coming to offices and houses, the special needs for secure data transmission, are proved an issue of great importance. The increased number of networks subscribers, in addition to the maximized quantity of the transmitted information, has triggered the revolution of the high speed, in the transmission channel. Security in data transmission is a crucial demand, which has to be faced successfully. It is obvious that the implementation performance of security schemes is also important as the offered security level itself. In this work, the implementation cost and the performance evaluation of RC5 implementations is presented. This cipher is adopted by a great number of wireless protocols, such as WAP. The FPGA implementation synthesis results for a scalable architecture are shown, for a scalable proposed architecture. Alternative adders and subtracters designs are examined for the system architecture, in order high performance and low area resources to be achieved.

Secure embedded system hardware design - A flexible security and trust enhanced approach

Point Multiplication (PM) is considered the most computationally complex and resource hungry Elliptic Curve Cryptography (ECC) related mathematic operation. The design of PM hardware accelerators follows approaches that have a trade off between utilized hardware resources and computation speed. In this paper, the above trade-off and its relation with the operations of the GF(2k) defining the Elliptic Curve (EC) is highlighted and investigated. Following this direction, a point operation design methodology based on the parallelization and scheduling of GF(2k) operations is proposed. This design approach is adapted to the PM employed GF(2k) multiplication algorithm and associated implementation in an effort to increase PM accelerator speed with an acceptable cost on chip covered area (hardware resources). Using the proposed methodology, two PM accelerator hardware architectures were proposed based on bit serial and bit parallel GF(2k) multipliers that, when implemented in FPGA technology, proved to be very fast in comparison to other similar works.

WAP security: implementation cost and performance evaluation of a scalable architecture for RC5 parameterized block cipher

Trust in security demanding software platforms is a very important feature. For this reason, Trusted computing group has specified a TPM hardware module that can enforce and guaranty a high trust level to all the platform’s involved entities. However, the TPM’s features can not be fully exploited in systems under extreme physical conditions. To solve this problem, the use of a special purpose hardware module, physically connected to a host security system’s device acting as a local trusted third party, has been proposed in literature. In this chapter, we describe the hardware structure of such a hardware module, called Autonomous Attestation Token (AAT) and discuss hardware resource constrains, security bottlenecks that can stem from improper design of its various components integrated in the AAT’s structure. We conclude that the efficiency of the AAT system is closely related to the efficiency of its public key encryption–decryption unit (RSA encryption–decryption module). In this book chapter, we address these issues by describing a design methodology toward a low hardware resources (small chip covered area) and side channel attack resistant RSA hardware architecture. The described hardware architectures’ implementations provide very optimistic results of very low chip covered area and high computation speed thus verifying the efficiency of the proposed algorithms and architecture design approach.