Compact implementations of Curve Ed448 on low-end IoT platforms

  • Seo, Hwajeong (Division of IT Convergence Engineering, Hansung University)
  • Received : 2018.08.12
  • Accepted : 2019.03.12
  • Published : 2019.12.06

Abstract

Elliptic curve cryptography is a relatively lightweight public-key cryptography method for key generation and digital signature verification. Some lightweight curves (e.g., Curve25519 and Curve Ed448) have been adopted by the upcoming Transport Layer Security 1.3 (TLS 1.3) to replace the standardized NIST curves. However, the efficient implementation of Curve Ed448 on Internet of Things (IoT) devices remains underexplored. This study focuses on optimizing the Curve Ed448 implementation on low-end IoT processors (i.e., 8-bit AVR and 16-bit MSP processors). In particular, the three-level and two-level subtractive Karatsuba algorithms are adopted for multi-precision multiplication on AVR and MSP processors, respectively, and two-level Karatsuba routines are employed for multi-precision squaring. For modular reduction and finite field inversion, fast reduction and Fermat-based inversion operations are used to mitigate side-channel vulnerabilities. The scalar multiplication operation using the Montgomery ladder algorithm requires only 103 M and 73 M clock cycles on AVR and MSP processors, respectively.
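The field arithmetic named in the abstract (subtractive Karatsuba multiplication, fast reduction, Fermat-based inversion) can be sketched as follows. This is an added example, not the paper's code: the function names are hypothetical, Python integers stand in for the 8-bit and 16-bit limb routines, and the sketch shows the arithmetic only, not the timing behaviour of the assembly implementation.

```python
# Added illustration; all names are hypothetical and not taken from the paper.
P = 2**448 - 2**224 - 1            # Ed448-Goldilocks field prime
MASK448 = (1 << 448) - 1

def karatsuba_sub(a, b, bits, levels):
    """Subtractive Karatsuba on `bits`-bit operands, `levels` recursion levels."""
    if levels == 0:
        return a * b               # stands in for the word-level base multiplication
    half = bits // 2
    mask = (1 << half) - 1
    a0, a1 = a & mask, a >> half
    b0, b1 = b & mask, b >> half
    lo = karatsuba_sub(a0, b0, half, levels - 1)
    hi = karatsuba_sub(a1, b1, half, levels - 1)
    # Middle term from (a1 - a0)(b0 - b1): the differences stay within `half`
    # bits, so no carry bit appears as it would with (a0 + a1)(b0 + b1).
    da, db = a1 - a0, b0 - b1
    sign = -1 if (da < 0) != (db < 0) else 1
    mid = sign * karatsuba_sub(abs(da), abs(db), half, levels - 1)
    return (hi << (2 * half)) + ((hi + lo + mid) << half) + lo

def reduce_goldilocks(x):
    """Fast reduction: fold the high part using 2^448 = 2^224 + 1 (mod P)."""
    while x >> 448:
        hi, lo = x >> 448, x & MASK448
        x = lo + hi + (hi << 224)
    return x - P if x >= P else x

def fe_mul(a, b, levels=3):
    """Field multiplication of two reduced elements (default: three levels)."""
    return reduce_goldilocks(karatsuba_sub(a, b, 448, levels))

def fe_inv(a):
    """Fermat inversion a^(P-2) mod P by square-and-multiply.

    The exponent P-2 is a public constant, so the sequence of squarings and
    multiplications is identical for every input value.
    """
    result = 1
    for bit in bin(P - 2)[2:]:
        result = fe_mul(result, result)
        if bit == "1":
            result = fe_mul(result, a)
    return result
```
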

