Miguel Morales-Sandoval

Bit-serial and digit-serial GF(2 m )Montgomery multipliers using linear feedback shift registers

This work presents novel multipliers for Montgomery multiplication defined on binary fields GF(2m). Different to state of the art Montgomery multipliers, this work uses a linear feedback shift register (LFSR) as the main building block. The authors studied different architectures for bit-serial and digit-serial Montgomery multipliers using the LFSR and the Montgomery factors xm and xm-1. The proposed multipliers are for different classes of irreducible polynomials: general, all one polynomials, pentanomials and trinomials. The results show that the use of LFSRs simplifies the design of the multipliers architecture reducing area resources and retaining high performance compared to related works.

On the hardware design of an elliptic curve cryptosystem

We present a hardware architecture for an elliptic curve cryptography system performing the three basic cryptographic schemes: DH key generation, encryption and digital signature. The architecture is described by using hardware description languages, specifically Handel C and VHDL. Because of the sequential nature of the cryptographic algorithms, they are written in Handel C language. The critical part of the cryptosystem is a module performing the scalar multiplication operation. This module has been written in VHDL to let further improvements. The points of the elliptic curve are represented in projective coordinates working over the two-characteristic finite field and using polynomial basis. A prototype of this hardware architecture is implemented on a Xilinx Virtex II FPGA device.

A reconfigurable GF(2 M ) elliptic curve cryptographic coprocessor

Elliptic Curve Cryptography (ECC) is a kind of cryptography that provides the security information services using shorter keys than other known public-key crypto-algorithms without decreasing the security level. This makes ECC a good choice for implementing security services in constrained devices, like the mobile ones. However, the diversity of ECC implementation parameters recommended by international standards has led to interoperability problems among ECC implementations. This work presents the design and implementation results of a novel FPGA coprocessor for ECC than can be reconfigured at run time to support different implementation parameters and hence, different security levels. Regardless there are several related works in the literature, to our knowledge this is the first ECC coprocessor that makes use of a partial reconfigurable methodology to deal with interoperability problems in ECC. A suitable application of the proposed reconfigurable coprocessor is the security protocol IPSec, where the domain parameters for ECC-based cryptographic schemes, like digital signature or encryption, have to be negotiated and agreed upon by the communication partners at run time.

Efficient hardware architecture for the AES-CCM protocol of the IEEE 802.11i standard

Applications of wireless communications networks are emerging continuously. To offer a good level of security in these applications, new standards for wireless communications propose solutions based on cryptographic algorithms working on special modes of operation. This work presents a custom hardware architecture for the AES-CCM protocol (AES-CCMP) which is the basis for the security architecture of the IEEE 802.11i standard. AES-CCMP is based on the AES-CCM algorithm that performs the Advanced Encryption Standard (AES) in CTR with CBC-MAC mode (CCM mode), plus specialized data formatting modules, providing different security services through iterative and complex operations. Results of implementing the proposed architecture targeting FPGA devices are presented and discussed. A comparison against similar works shows significant improvements in terms of both throughput and efficiency.

Area/performance trade-off analysis of an FPGA digit-serial GF(2m) Montgomery multiplier based on LFSR

Montgomery Multiplication is a common and important algorithm for improving the efficiency of public key cryptographic algorithms, like RSA and Elliptic Curve Cryptography (ECC). A natural choice for implementing this time consuming multiplication defined on finite fields, mainly over GF(2^m), is the use of Field Programmable Gate Arrays (FPGAs) for being reconfigurable, flexible and physically secure devices. FPGAs allow the implementation of this kind of algorithms in a broad range of applications with different area-performance requirements. In this paper, we explore alternative architectures for constructing GF(2^m) digit-serial Montgomery multipliers on FPGAs based on Linear Feedback Shift Registers (LFSRs) and study their area-performance trade-offs. Different Montgomery multipliers were implemented using several digits and finite fields to compare their performance metrics such as area, memory, latency, clocking frequency and throughput to show suitable configurations for ECC implementations using NIST recommended parameters. The results achieved show a notable improvement against FPGA Montgomery multiplier previously reported, achieving the highest throughput and the best efficiency.

An area/performance trade-off analysis of a GF(2m) multiplier architecture for elliptic curve cryptography

A hardware architecture for GF(2^m) multiplication and its evaluation in a hardware architecture for elliptic curve scalar multiplication is presented. The architecture is a parameterizable digit-serial implementation for any field order m. Area/performance trade-off results of the hardware implementation of the multiplier in an FPGA are presented and discussed.

FPGA Implementation and Performance Evaluation of AES-CCM Cores for Wireless Networks

Reconfigurable architectures are important elements on the design of software radios. Nowadays, diverse platforms are being developed to support multiple tasks; these platforms are designed specially for the different layers of the OSI (Open System Interconnection) reference model. Specifically, the security architectures described in the MAC sublayer should be evaluated, which are based on cryptographic algorithms that require high computational costs. In this work, two proposed AES-CCM hardware architectures for the IEEE 802.11i-2004 and IEEE 802.16e-2005 standards are implemented in diverse FPGA devices to examine implementation costs and performance evaluation. The results presented in this work will be used for designing and developing a reconfigurable platform with software-radio applications, which will include the high-performance AES-CCM hardware architectures meeting the specifications of the IEEE 802.11i-2004 and IEEE 802.16e-2005 standards.

GF(2m) Arithmetic Modules for Elliptic Curve Cryptography

This paper reports work in progress in the design, implementation and evaluation of a reconfigurable finite field arithmetic architecture with a direct application in elliptic curve cryptography (ECC) for mobile devices. This module contributes to manage the current interoperability problems in ECC, that are due to the several choices in the implementation of ECC crypto systems. We report an evaluation of some finite field arithmetic modules in an architecture for computing scalar multiplication, which is the most time consuming in ECC cryptographic schemes. The arithmetic modules were evaluated for all the GF(2m) NIST elliptic curves in a hardware architecture implemented in field programmable technology

FPGA-based implementation alternatives for the inner loop of the Secure Hash Algorithm SHA-256

Hash function algorithms are widely used to provide security services of integrity and authentication, being SHA-2 the latest set of hash algorithms standardized by the US Federal Government. The main computation block in SHA-2 algorithms is governed by a loop with high data dependence for which several implementation strategies are explored in this work as well as designs efficiently mapped to hardware architectures. Four new different hardware architectures are proposed to improve the performance of SHA-256 algorithms, reducing the critical path by reordering some operations required at each iteration of the algorithm and computing some values in advance, as possible as data dependence allows. The proposed designs were implemented and validated in the FPGA Virtex-2 XC2VP-7. The achieved results show a significant improvement on the performance of the SHA-256 algorithm compared to similar previously proposed approaches, obtaining a throughput of 909Mbps and an improved efficiency of 0.713Mbps/slice.

FPGA implementation cost and performance evaluation of the IEEE 802.16e and IEEE 802.11i security architectures based on AES-CCM

Software radios are communication devices with different configurations that enable to operate in different communication networks. Considering the OSI model, the main development of these radios is focused on the lower layers, which are implemented in hardware. Security is a key element for using software radios, because they can enter to different wireless networks and use the air like transmission medium, being vulnerable to possible attacks to the transmission of data. Several security architectures have been standardized for different networks, such as IEEE 802.11i-2004 for WLANs (Wireless Local Area Networks) and IEEE 802.16e-2005 for WMANs (Wireless Metropolitan Area Networks), operating on the MAC (Medium Access Control) sublayer. In this work, hardware implementations of these architectures are evaluated in terms of FPGA implementation costs and performance to be considered in a reconfigurable hardware platform, which supports both security architectures, working on the MAC sublayer. For the design of the reconfigurable platforms, it is required to examine characteristics such as hardware resources, throughput and reconfigurable/ nonreconfigurable modules with focus in the software-radio applications. These implementations of the proposed hardware architectures are based on the AES-CCM algorithm that is one of the most important cryptographic algorithms.