A Cryptographic Processor for Low-Resource Devices: Canning ECDSA and AES Like Sardines

The Elliptic Curve Digital Signature Algorithm (ECDSA) and the Advanced Encryption Standard (AES) are two of the most popular cryptographic algorithms used worldwide. In this paper, we present a hardware implementation of a low-resource cryptographic processor that provides both digital signature generation using ECDSA and encryption/ decryption services using AES. The implementation of ECDSA is based on the recommended Fp192 NIST elliptic curve and AES uses 128-bit keys. In order to meet the low-area requirements, we based our design on a sophisticated hardware architecture where a 16-bit datapath gets heavily reused by all algorithms and the memory is implemented as a dedicated RAM macro. The proposed processor has a total chip area of 21 502 GEs where AES needs only 2 387 GEs and SHA-1 requires 889 GEs.

[1]  Jean-Jacques Quisquater,et al.  Montgomery Exponentiation with no Final Subtractions: Improved Results , 2000, CHES.

[2]  Nevine Maurice Ebeid,et al.  Securing the Elliptic Curve Montgomery Ladder against Fault Attacks , 2009, 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[3]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[4]  Gene Tsudik,et al.  Security and Privacy in Ad-hoc and Sensor Networks, Second European Workshop, ESAS 2005, Visegrad, Hungary, July 13-14, 2005, Revised Selected Papers , 2005, ESAS.

[5]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[6]  Norbert Felber,et al.  ECC Is Ready for RFID - A Proof in Silicon , 2008, Selected Areas in Cryptography.

[7]  Norbert Felber,et al.  Low-Resource Hardware Design of an Elliptic Curve Processor for Contactless Devices , 2010, WISA.

[8]  Akashi Satoh,et al.  A Scalable Dual-Field Elliptic Curve Cryptographic Processor , 2003, IEEE Trans. Computers.

[9]  Martin Feldhofer,et al.  An ECDSA pocessor for RFID athentication , 2010, RFIDSec 2010.

[10]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[11]  Jens-Peter E Kaps,et al.  Cryptography for Ultra-Low Power Devices , 2006 .

[12]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[13]  Masakatsu Nishigaki,et al.  Advances in Information and Computer Security - 6th International Workshop, IWSEC 2011, Tokyo, Japan, November 8-10, 2011. Proceedings , 2011, IWSEC.

[14]  J. Solinas CORR 99-39 Generalized Mersenne Numbers , 1999 .

[15]  P. Kocher,et al.  Differential power analysis, advances in cryptology-CRYPTO'99 , 1999 .

[16]  Nicolas Meloni,et al.  Fast and Secure Elliptic Curve Scalar Multiplication Over Prime Fields Using Special Addition Chains , 2006, IACR Cryptol. ePrint Arch..

[17]  Martin Feldhofer,et al.  An ECDSA Processor for RFID Authentication , 2010, RFIDSec.

[18]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[19]  Jaecheol Ryou,et al.  Low Power AES Hardware Architecture for Radio Frequency Identification , 2006, IWSEC.

[20]  Alfred Menezes,et al.  Progress in Cryptology — INDOCRYPT 2002 , 2002, Lecture Notes in Computer Science.

[21]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[22]  Ingrid Verbauwhede,et al.  Elliptic-Curve-Based Security Processor for RFID , 2008, IEEE Transactions on Computers.

[23]  Ingrid Verbauwhede,et al.  Low-Cost Elliptic Curve Cryptography for Wireless Sensor Networks , 2006, ESAS.

[24]  Marc Joye,et al.  The Montgomery Powering Ladder , 2002, CHES.

[25]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[26]  Johannes Wolkerstorfer,et al.  ECC Processor with Low Die Size for RFID Applications , 2007, 2007 IEEE International Symposium on Circuits and Systems.

[27]  Yupu Hu,et al.  A FAST AND SECURE ELLIPTIC CURVE SCALAR MULTIPLICATION ALGORITHM OVER GF(pm) , 2009 .

[28]  Burton S. Kaliski,et al.  The Montgomery Inverse and Its Applications , 1995, IEEE Trans. Computers.

[29]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[30]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[31]  Ors Yalcin,et al.  Radio Frequency Identification: Security and Privacy Issues - 6th International Workshop, RFIDSec 2010, Istanbul, Turkey, June 8-9, 2010, Revised Selected Papers , 2010, RFIDSec.

[32]  Christof Paar,et al.  Are standards compliant Elliptic Curve Cryptosystems feasible on RFID ? , 2006 .

[33]  William M. Daley,et al.  Digital Signature Standard (DSS) , 2000 .

[34]  Marc Joye,et al.  Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis , 2000, IEEE Trans. Computers.

[35]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[36]  Panu Hämäläinen,et al.  Design and Implementation of Low-Area and Low-Power AES Encryption Hardware Core , 2006, 9th EUROMICRO Conference on Digital System Design (DSD'06).

[37]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.