Kimmo Järvinen

On Parallelization of High-Speed Processors for Elliptic Curve Cryptography

This paper discusses parallelization of elliptic curve cryptography hardware accelerators using elliptic curves over binary fields F2m. Elliptic curve point multiplication, which is the operation used in every elliptic curve cryptosystem, is hierarchical in nature, and parallelism can be utilized in different hierarchy levels as shown in many publications. However, a comprehensive analysis on the effects of parallelization has not been previously presented. This paper provides tools for evaluating the use of parallelism and shows where it should be used in order to maximize efficiency. Special attention is given for a family of curves called Koblitz curves because they offer very efficient point multiplication. A new method where the latency of point multiplication is reduced with parallel field arithmetic processors is introduced. It is shown to outperform the previously presented multiple field multiplier techniques in the cases of Koblitz curves and generic curves with fixed base points. A highly efficient general elliptic curve cryptography processor architecture is presented and analyzed. Based on this architecture and analysis on the effects of parallelization, a few designs are implemented on an Altera Stratix II field-programmable gate array (FPGA).

Embedded SFE: offloading server and network using hardware tokens

We consider Secure Function Evaluation (SFE) in the client-server setting where the server issues a secure token to the client. The token is not trusted by the client and is not a trusted third party. We show how to take advantage of the token to drastically reduce the communication complexity of SFE and computation load of the server. Our main contribution is the detailed consideration of design decisions, optimizations, and trade-offs, associated with the setting and its strict hardware requirements for practical deployment. In particular, we model the token as a computationally weak device with small constant-size memory and limit communication between client and server. We consider semi-honest, covert, and malicious adversaries. We show the feasibility of our protocols based on a FPGA implementation.

Optimized FPGA-based elliptic curve cryptography processor for high-speed applications

Abstract In this paper, we introduce an FPGA-based processor for elliptic curve cryptography on Koblitz curves. The processor targets specifically to applications requiring very high speed. The processor is optimized for performing scalar multiplications, which are the basic operations of every elliptic curve cryptosystem, only on one specific Koblitz curve; the support for other curves is achieved by reconfiguring the FPGA. We combine efficient methods from various recent papers into a very efficient processor architecture. The processor includes carefully designed processing units dedicated for different parts of the scalar multiplication in order to increase performance. The computation is pipelined providing simultaneous processing of up to three scalar multiplications. We provide experimental results on an Altera Stratix II FPGA demonstrating that the processor computes a single scalar multiplication on average in 11.71 μ s and achieves a throughput of 235,550 scalar multiplications per second on NIST K-163.

Efficient Algorithm and Architecture for Elliptic Curve Cryptography for Extremely Constrained Secure Applications

Recently, considerable research has been performed in cryptography and security to optimize the area, power, timing, and energy needed for the point multiplication operations over binary elliptic curves. In this paper, we propose an efficient implementation of point multiplication on Koblitz curves targeting extremely-constrained, secure applications. We utilize the Gaussian normal basis (GNB) representation of field elements over GF(2m) and employ an efficient bit-level GNB multiplier. One advantage of this GNB multiplier is that we are able to reduce the hardware complexity through sharing the addition/accumulation with other field additions. We utilized the special property of normal basis representation and squarings are implemented very efficiently by only rewiring in hardware. We introduce a new technique for point addition in affine coordinate which requires fewer registers. Based on this technique, we propose an extremely small processor architecture for point multiplication. Through application-specific integrated circuit (ASIC) implementations, we evaluate the area, performance, and energy consumption of the proposed crypto-processor. Utilizing two different working frequencies, it is shown that the proposed architecture reaches better results compared to the previous works, making it suitable for extremely-constrained, secure environments.

FPGA implementation of point multiplication on koblitz curves using kleinian integers

We describe algorithms for point multiplication on Koblitz curves using multiple-base expansions of the form k = Σ ±τ a (τ - 1) b and k = Σ ±τ a (τ-1) b (τ 2 - τ - 1) c . We prove that the number of terms in the second type is sublinear in the bit length of k, which leads to the first provably sublinear point multiplication algorithm on Koblitz curves. For the first type, we conjecture that the number of terms is sublinear and provide numerical evidence demonstrating that the number of terms is significantly less than that of r-adic non-adjacent form expansions. We present details of an innovative FPGA implementation of our algorithm and performance data demonstrating the efficiency of our method.

Provably Sublinear Point Multiplication on Koblitz Curves and Its Hardware Implementation

We describe algorithms for point multiplication on Koblitz curves using multiple-base expansions of the form k = Sigmaplusmntaua(tau-1)b and k = Sigmaplusmntaua(tau - mu)b(tau2 - mutau - 1)c. We prove that the number of terms in the second type is sublinear in the bit length of k, which leads to the first provably sublinear point multiplication algorithm on Koblitz curves. For the first type, we conjecture that the number of terms is sublinear and provide numerical evidence demonstrating that the number of terms is significantly less than that of tau-adic nonadjacent form expansions. We present details of an innovative FPGA implementation of our algorithm and performance data demonstrating the efficiency of our method. We also show that implementations with very low computation latency are possible with the proposed method because parallel processing can be exploited efficiently.

Conversion Algorithms and Implementations for Koblitz Curve Cryptography

In this paper, we discuss conversions between integers and tau-adic expansions and we provide efficient algorithms and hardware architectures for these conversions. The results have significance in elliptic curve cryptography using Koblitz curves, a family of elliptic curves offering faster computation than general elliptic curves. However, in order to enable these faster computations, scalars need to be reduced and represented using a special base-tau expansion. Hence, efficient conversion algorithms and implementations are necessary. Existing conversion algorithms require several complicated operations, such as multiprecision multiplications and computations with large rationals, resulting in slow and large implementations in hardware and microcontrollers with limited instruction sets. Our algorithms are designed to utilize only simple operations, such as additions and shifts, which are easily implementable on practically all platforms. We demonstrate the practicability of the new algorithms by implementing them on Altera Stratix II FPGAs. The implementations considerably improve both computation speed and required area compared to the existing solutions.

High-Speed Elliptic Curve Cryptography Accelerator for Koblitz Curves

We present an FPGA-based accelerator for elliptic curve cryptography on a Koblitz curve targeting for applications requiring very high speed. The accelerator supports fast computation of point multiplication by using window methods as well as multiple point multiplications with joint sparse form representations. Optimized operation-specific processing units are used in order to improve performance. Throughput is increased by pipelining operations. The accelerator was implemented in an Altera Stratix II FPGA and it computes point multiplication on average in 16.36 ¿s and achieves a maximum of 161,290 operations per second. A 3-term multiple point multiplication requires 35.06 ¿s with a maximum of 60,603 operations in second.

Robustness, Security and Privacy in Location-Based Services for Future IoT: A Survey

Internet of Things (IoT) connects sensing devices to the Internet for the purpose of exchanging information. Location information is one of the most crucial pieces of information required to achieve intelligent and context-aware IoT systems. Recently, positioning and localization functions have been realized in a large amount of IoT systems. However, security and privacy threats related to positioning in IoT have not been sufficiently addressed so far. In this paper, we survey solutions for improving the robustness, security, and privacy of location-based services in IoT systems. First, we provide an in-depth evaluation of the threats and solutions related to both global navigation satellite system (GNSS) and non-GNSS-based solutions. Second, we describe certain cryptographic solutions for security and privacy of positioning and location-based services in IoT. Finally, we discuss the state-of-the-art of policy regulations regarding security of positioning solutions and legal instruments to location data privacy in detail. This survey paper addresses a broad range of security and privacy aspects in IoT-based positioning and localization from both technical and legal points of view and aims to give insight and recommendations for future IoT systems providing more robust, secure, and privacy-preserving location-based services.

A Fast Hardware Architecture for Integer to \tauNAF Conversion for Koblitz Curves

Scalar multiplication in elliptic curve cryptography is the most computational intensive operation. Efficiency of this operation can be significantly improved in hardware implementations by using Frobenius endomorphisms which require integer to τ-adic nonadjacent form conversion. Because conversion is one of the limiting factors in some of Koblitz curve-based cryptosystems, it has become an interesting problem. In this paper, we propose two algorithms and a novel hardware architecture to double the speed of integer to τ-adic nonadjacent form conversion.