Cryptography for next generation TLS: Implementing the RFC 7748 elliptic Curve448 cryptosystem in hardware

With RFC 7748 the two elliptic curves Curve25519 and Curve448 were proposed for the next generation of TLS. Both curves were designed and optimized purely for software implementation; their implementation in hardware or physical protection against side-channel attacks were not considered in the design phase. Recently, it has been shown that for Curve25519 an efficient implementations in hardware along with side-channel protection is feasible - yet results for the high-security Curve448 are missing. In this work we demonstrate that Curve448 can indeed be efficiently and securely implemented in hardware. We present a novel architecture for Curve448 that can compute more than 1000 point multiplications per second with 1580 logic slices and 33 DSP units of a Xilinx XC7Z020 FPGA.

[1]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[2]  Tim Güneysu,et al.  Efficient Elliptic-Curve Cryptography Using Curve25519 on Reconfigurable Devices , 2014, ARC.

[3]  Joos Vandewalle,et al.  Hardware implementation of an elliptic curve processor over GF(p) , 2003, Proceedings IEEE International Conference on Application-Specific Systems, Architectures, and Processors. ASAP 2003.

[4]  Michael Hamburg,et al.  Ed448-Goldilocks, a new elliptic curve , 2015, IACR Cryptol. ePrint Arch..

[5]  Tim Güneysu,et al.  Implementing Curve25519 for Side-Channel--Protected Elliptic Curve Cryptography , 2015, ACM Trans. Reconfigurable Technol. Syst..

[6]  Tibor Juhas The use of elliptic curves in cryptography , 2007 .

[7]  Christof Paar,et al.  A Scalable GF(p) Elliptic Curve Processor Architecture for Programmable Hardware , 2001, CHES.

[8]  Reza Azarderakhsh,et al.  Four ℚ on FPGA: New Hardware Speed Records for Elliptic Curve Cryptography over Large Prime Characteristic Fields , 2016, CHES.

[9]  Tim Güneysu,et al.  Ultra High Performance ECC over NIST Primes on Commercial FPGAs , 2008, CHES.

[10]  Jean-Jacques Quisquater,et al.  High-speed hardware implementations of Elliptic Curve Cryptography: A survey , 2007, J. Syst. Archit..

[11]  Shirley M. Radack Updated Digital Signature Standard Approved as Federal Information Processing Standard (FIPS)186-3 | NIST , 2009 .

[12]  Johannes Merkle,et al.  Elliptic Curve Cryptography (ecc) Brainpool Standard Curves and Curve Generation , 2010 .

[13]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[14]  W. Schindler Efficient Side-Channel Attacks on Scalar Blinding on Elliptic Curves with Special Structure , 2015 .

[15]  Patrick Schaumont,et al.  State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).