Fast and Flexible Hardware Support for ECC Over Multiple Standard Prime Fields

Elliptic curve cryptography (ECC) is widely used as an efficient mechanism to secure private data using public-key protocols. We focus on ECC over five standard prime fields recommended by the National Institute of Standard and Technology (with the corresponding prime sizes of 192, 224, 256, 384, and 521 bits) and propose a novel hardware processor that enables flexible security-performance tradeoffs. To enhance performance, our processor exploits parallelism by pipelining modular arithmetic computations and associated input/output data transfers. To enhance security, modular arithmetic computations and associated data transfers are grouped into atomically executed computational blocks. The flexibility of our processor is achieved through the software-controlled hardware programmability, which allows for different scenarios of computing atomic block sequences. A Xilinx Virtex-6 FPGA implementation of the proposed hardware architecture takes between 0.30 ms (192-bit ECC) and 3.91 ms (521-bit ECC) to perform a typical scalar multiplication, which demonstrates both flexibility and efficiency of our processor.

[1]  A. P. Chandrakasan,et al.  An energy-efficient reconfigurable public-key cryptography processor , 2001, IEEE J. Solid State Circuits.

[2]  Kiamal Z. Pekmestzi,et al.  An Elliptic Curve Cryptosystem Design Based on FPGA Pipeline Folding , 2007, 13th IEEE International On-Line Testing Symposium (IOLTS 2007).

[3]  Dipanwita Roy Chowdhury,et al.  Parallel crypto-devices for GF(p) elliptic curve multiplication resistant against side channel attacks , 2009, Comput. Electr. Eng..

[4]  Ingrid Verbauwhede,et al.  A Side-channel Attack Resistant Programmable PKC Coprocessor for Embedded Applications , 2007, 2007 International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation.

[5]  Ingrid Verbauwhede,et al.  Elliptic curve cryptography on embedded multicore systems , 2008, Des. Autom. Embed. Syst..

[6]  Wayne Luk,et al.  Customizable elliptic curve cryptosystems , 2005, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[7]  Patrick Schaumont,et al.  Programmable and Parallel ECC Coprocessor Architecture: Tradeoffs between Area, Speed and Security , 2009, CHES.

[8]  M. McLoone,et al.  Hardware Elliptic Curve Cryptographic Processor Over , 2006 .

[9]  Ingrid Verbauwhede,et al.  An Updated Survey on Secure ECC Implementations: Attacks, Countermeasures and Cost , 2012, Cryptography and Security.

[10]  Yusuf Leblebici,et al.  Efficient and side-channel-aware implementations of elliptic curve cryptosystems over prime fields , 2010, IET Inf. Secur..

[11]  Gang Chen,et al.  A High-Performance Elliptic Curve Cryptographic Processor for General Curves Over ${\rm GF}(p)$ Based on a Systolic Arithmetic Unit , 2007, IEEE Transactions on Circuits and Systems II: Express Briefs.

[12]  William P. Marnane,et al.  Co-\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$Z$$\end{document} ECC scalar multiplications for hardware, software , 2012, Journal of Cryptographic Engineering.

[13]  Hsie-Chia Chang,et al.  A high-performance elliptic curve cryptographic processor over GF(p) with SPA resistance , 2012, 2012 IEEE International Symposium on Circuits and Systems.

[14]  Tim Güneysu,et al.  Ultra High Performance ECC over NIST Primes on Commercial FPGAs , 2008, CHES.

[15]  Thanos Stouraitis,et al.  An RNS Implementation of an $F_{p}$ Elliptic Curve Point Multiplier , 2009, IEEE Transactions on Circuits and Systems I: Regular Papers.

[16]  Tanja Lange,et al.  Handbook of Elliptic and Hyperelliptic Curve Cryptography , 2005 .

[17]  Tim Güneysu,et al.  MicroECC: A Lightweight Reconfigurable Elliptic Curve Crypto-processor , 2011, 2011 International Conference on Reconfigurable Computing and FPGAs.

[18]  Ingrid Verbauwhede,et al.  A compact FPGA-based architecture for elliptic curve cryptography over prime fields , 2010, ASAP 2010 - 21st IEEE International Conference on Application-specific Systems, Architectures and Processors.

[19]  Christof Paar,et al.  A Scalable GF(p) Elliptic Curve Processor Architecture for Programmable Hardware , 2001, CHES.

[20]  Debdeep Mukhopadhyay,et al.  Petrel: Power and Timing Attack Resistant Elliptic Curve Scalar Multiplier Based on Programmable ${\rm GF}(p)$ Arithmetic Unit , 2011, IEEE Transactions on Circuits and Systems I: Regular Papers.

[21]  Hamad Alrimeih Fast and Flexible Hardware Support for Elliptic Curve Cryptography over Multiple Standard Prime Finite Fields , 2012 .

[22]  Kendall Ananyi,et al.  Flexible Hardware Processor for Elliptic Curve Cryptography Over NIST Prime Fields , 2009, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[23]  Akashi Satoh,et al.  A Scalable Dual-Field Elliptic Curve Cryptographic Processor , 2003, IEEE Trans. Computers.

[24]  Ingrid Verbauwhede,et al.  A Parallel Processing Hardware Architecture for Elliptic Curve Cryptosystems , 2006, 2006 IEEE International Conference on Acoustics Speech and Signal Processing Proceedings.

[25]  Simon Y. Foo,et al.  Cellular automata PRNG: maximal performance and minimal space FPGA implementations , 2003 .

[26]  Chih-Tsun Huang,et al.  Elixir: High-Throughput Cost-Effective Dual-Field Processors and the Design Framework for Elliptic Curve Cryptography , 2008, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[27]  Adnan Abdul-Aziz Gutub,et al.  Efficient FPGA Implementation of a Programmable Architecture for GF(p) Elliptic Curve Crypto Computations , 2010, J. Signal Process. Syst..

[28]  Ingrid Verbauwhede,et al.  Multicore Curve-Based Cryptoprocessor with Reconfigurable Modular Arithmetic Logic Units over GF(2^n) , 2007, IEEE Transactions on Computers.

[29]  Nicolas Guillermin A High Speed Coprocessor for Elliptic Curve Scalar Multiplications over \mathbbFp\mathbb{F}_p , 2010, CHES.

[30]  Marc Joye,et al.  Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis , 2000, IEEE Trans. Computers.

[31]  Ingrid Verbauwhede,et al.  Reconfigurable Modular Arithmetic Logic Unit for High-Performance Public-Key Cryptosystems , 2006, ARC.