A Flexible and Lightweight ECC-Based Authentication Solution for Resource Constrained Systems

RFID-based and NFC-based applications can be found, apart from others, in security critical application fields, such as payment or access control. For this purpose, Elliptic-Curve Cryptography (ECC) is commonly used hardware integrated in resource constrained applications in order to provide authenticity and data integrity. On the one hand, specialized crypto hardware approaches provide good performance and consume low power. On the other hand, they often lack flexibility, caused, for example, by hardware integrated protocols and cryptographic parameters. Here we present a flexible and lightweight ECC-based authentication solution that takes into account resource constrained systems. This technique permits to shift parts of the computational intense ECC calculations from the resource constrained device to the authentication terminal. By employing a security controller with a small multi-purpose hardware acceleration core, high computation speed is achieved and a maximum level of flexibility is maintained at the same time. We demonstrate the feasible implementation of the proposed technique by means of an Android-based reader / smart card system, which represent a prime example of contemporary power-constrained and performance-constrained embedded systems. An ECC-based authentication can be carried out on average within 25 ms and checked against a back-end server within 66 ms in a secured manner. Thus, a secured and flexible one-way authentication system is given that shows high performance. This solution can be utilized in a wide variety of application fields, such as anti-counterfeiting, where flexibility and low chip prices are essential.

[1]  Erich Wenger,et al.  An 8-bit AVR-Based Elliptic Curve Cryptographic RISC Processor for the Internet of Things , 2012, 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops.

[2]  Sheikh Iqbal Ahamed,et al.  ERAP: ECC Based RFID Authentication Protocol , 2008, 2008 12th IEEE International Workshop on Future Trends of Distributed Computing Systems.

[3]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[4]  Christian Steger,et al.  A secure zero-energy NFC solution for everyday electronic devices , 2013, Elektrotech. Informationstechnik.

[5]  Martin Feldhofer,et al.  Security-Enabled Near-Field Communication Tag With Flexible Architecture Supporting Asymmetric Cryptography , 2013, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[6]  Holger Bock,et al.  A Low-Cost ECC Coprocessor for Smartcards , 2004, CHES.

[7]  Thomas Unterluggauer,et al.  8/16/32 Shades of Elliptic Curve Cryptography on Embedded Processors , 2013, INDOCRYPT.

[8]  Sándor Imre,et al.  Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems - performance analysis by simulations , 2010, 2010 IEEE International Conference on Wireless Communications, Networking and Information Security.

[9]  Christian Steger,et al.  Emulation-Based Fault Effect Analysis for Resource Constrained, Secure, and Dependable Systems , 2013, 2013 Euromicro Conference on Digital System Design.

[10]  Norbert Felber,et al.  ECC Is Ready for RFID - A Proof in Silicon , 2008, Selected Areas in Cryptography.

[11]  Erwin Hess,et al.  Using Elliptic Curves on RFID Tags , 2008 .

[12]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[13]  Tim Kerins,et al.  Public-Key Cryptography for RFID-Tags , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[14]  Christof Paar,et al.  Efficient Software-Implementation of Finite Fields with Applications to Cryptography , 2006 .

[15]  Christian Steger,et al.  Hardware/software co-design of elliptic-curve cryptography for resource-constrained applications , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[16]  Holger Bock,et al.  A Milestone Towards RFID Products Offering Asymmetric Authentication Based on Elliptic Curve Cryptography , 2008 .

[17]  Hamad Alrimeih,et al.  Fast and Flexible Hardware Support for ECC Over Multiple Standard Prime Fields , 2014, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.