Turki F. Al-Somani

Systolic Array Architectures for Sunar–Koç Optimal Normal Basis Type II Multiplier

We present linear and nonlinear techniques for design exploration of an iterative algorithm. The nonlinear techniques allow control of processor workload and control of communication between processors. The algorithm considered is the Sunar-Koç optimal normal basis type II multiplication algorithm. Six systolic arrays are obtained. General formulas are provided for each design so that the operation of the system can be determined for a given GF(2m). The proposed architectures have been implemented using 45-nm CMOS technology and compared with published architectures. The results show that the proposed designs have at least 44.4% lower total computation time compared with the designs of all bit serial multipliers, while having slightly larger area delay product (ADP), up to 19.1%, compared with some of the bit serial multipliers and having smaller ADP values compared with most of the digit serial ones. Moreover, they have at least 46% lower power delay product compared with all bit serial and digit serial multipliers.

An efficient and scalable postcomputation-based generic-point parallel scalar multiplication method

An efficient generic-point parallel scalar multiplication method is presented here where a new mapping technique is used with a modified version of the postcomputation-based method [6]. The results show that the proposed method outperforms that of the work in [6] when the number of consecutive requests is two or more. Furthermore, the results show that the proposed method is scalable for any number of parallel processors and performs better as the number of consecutive requests increases. This method consequently is very attractive for use in high-performance end servers that employ parallel elliptic curve processors.

Overlapped parallel computations of scalar multiplication with resistance against Side Channel Attacks

This paper presents an efficient scheme for computing elliptic curve scalar multiplication that uses side-channel atomicity to resist against SPA attacks. The inherent parallelism within point operations is exploited to perform parallel computations of atomic blocks within the same point operation. The computations of atomic blocks of subsequent point operations are then overlapped to increase the performance. Randomising the scalar multiplier and the projective coordinates are applied together to immunise the scheme against DPA attacks. The results show that the proposed scheme is highly efficient in comparison with the pipelined scheme of Mishra (2006), which outperformed previous schemes.

Power Analysis Attacks on ECC: A Major Security Threat

Wireless sensor networks (WSNs) are largely deployed in different sectors and applications, and Elliptic Curve Cryptography (ECC) is proven to be the most feasible PKC for WSN security. ECC is believed to provide same level of security such as RSA with a much shorter key length, and thus they seem to be ideal for applications with small resources such a sensor network, smartcard, RFID, etc. However, like any other cryptographic primitive, ECC implementations are vulnerable to Power Analysis Attacks (PAAs) that may reveal the secret keys by exploiting leaked power consumption from running cryptographic devices (e.g. smart cards, mobile phones etc.). In this paper, we present a comprehensive study of major PAAs and its countermeasures on ECC cryptosystems. In addition, this paper describes critical concerns to be considered in designing PAAs on ECC particular for WSNs, and illustrates the need to conduct, in the near future, intensive researches for the development of these specific PAAs.

Performance Evaluation of Elliptic Curve Projective Coordinates with Parallel GF(p) Field Operations and Side-Channel Atomicity

This paper presents performance analysis and evaluation of elliptic curve projective coordinates with parallel field operations over GF( p ). Side-channel atomicity has been used in these comparisons. The field computations of point operations are segmented into atomic blocks that are indistinguishable from each other to resist against simple power analysis attacks. These atomic blocks are executed in parallel using 2, 3 and 4 multipliers. Comparisons between the Homogeneous, Jacobian and Edwards coordinate systems using parallel field operations over GF( p ) are presented. Results show that Edwards coordinate system outperforms both the Homogeneous and Jacobian coordinate systems and gives better area-time (AT) and area-time 2 (AT 2 ) complexities.

Review of Elliptic Curve Processor architectures

Several Elliptic Curve Processors (ECP) have been proposed in the literature associated with various architectures using different and sometimes confusing terminologies. This paper is a short review study of ECP architectures, considering the hardware platforms used for their implementations. The main design parameters of the ECP architectures, including the field choice and scalar multiplication algorithms were identified. Based on these parameters, a statistical study is conducted on a large collection of the published work. From the analysis of the collected data, several conclusions were deduced, such as the notion that binary field is easier to be implemented in hardware than prime field as well as the polynomial basis is dominant over other bases representation. Another significant conclusion is that Montgomery scalar multiplier has been used more than Lopez-Dahab, Binary, and NAF methods, particularly with the dominance of Lopez-dahab Projective coordinate.

High performance elliptic curve point operations with pipelined GF(2 m ) field multiplier

This paper studies the effect of high performance pipelined GF(2256) bit-serial multiplier on elliptic curve point operations. A 3-stage pipelined version of the Massy-Omura GF(2m) normal basis multiplier for 160 lesm les 256 was studied in terms of area overhead and throughput improvement. Simple gate area and delay models were used to estimate the throughput of the pipelined and the non-pipelined multipliers. The proposed pipelined architecture has been shown to have a significant improvement in throughput allowing a single 3-stage pipelined multiplier to have higher throughput than an architecture employing three parallel non-pipelined multipliers. The AT2 performance metric has shown an even more significant improvement.

Interleaved generic-point parallel scalar multiplication

This paper presents an efficient scheme for generic-point postcomputation-based parallel scalar multiplication. The proposed scheme processes more than one request simultaneously by interleaving parallel scalar multiplications. The results show that the proposed scheme outperforms the previous postcomputation-based methods when the consecutive requests number is eight or more. Furthermore, the proposed scheme is scalable for any number of parallel processors and performs better as the number of consecutive requests increases. Accordingly, the proposed scheme is very attractive for use in high-performance end servers that use parallel elliptic curve processors.

Accelerating higher-order masking of AES using composite field and SIMD

This paper introduces an efficient technique to speed up the higher-order masking scheme of the advanced encryption standard (AES), in which the S-box computation is based on the composite field, using Intels Supplemental Streaming SIMD Extensions 3 (SSSE 3) instruction set. Different side-channel attack (SCA) countermeasures are combined to mitigate more than one type of SCA. The proposed technique solves the problem of higher-order maskings negative impact on performance and removes the need for lookup tables by applying parallel processing at the data level using single instruction multiple data (SIMD) technology. We implemented the technique on a Linux machine with an Intel processor that supports SSSE3 instructions. The technique performed nine times faster than the second order masking scheme and was seven times faster than the third order masking scheme reported in the literature. The results that we achieved through applying SIMD technology make our proposed technique practical and attractive.

An efficient high-order masking of AES using SIMD

This paper presents an efficient technique to speed up the higher-order masking algorithm for AES using single instruction multiple data (SIMD) instructions. In this paper, several countermeasures are combined to mitigate more than one type of side channel attacks (SCA). Furthermore, we enhanced the performance by applying higher-order masking and removing the use of any lookup tables using SIMD instructions. We implemented the proposed scheme on a Linux machine with an Intel processor that supports SSSE3 instructions. The proposed method performed six times faster than the second order and was five times faster than the third order masking scheme in the literature. The speed of our implementation makes it more practical and hence attractive.