Energy-Efficient Word-Serial Processor for Field Multiplication and Squaring Suitable for Lightweight Authentication Schemes in RFID-Based IoT Applications

Radio-Frequency Identification (RFID) technology is a crucial technology used in many IoT applications such as healthcare, asset tracking, logistics, supply chain management, assembly, manufacturing, and payment systems. Nonetheless, RFID-based IoT applications have many security and privacy issues restricting their use on a large scale. Many authors have proposed lightweight RFID authentication schemes based on Elliptic Curve Cryptography (ECC) with a low-cost implementation to solve these issues. Finite-field multiplication are at the heart of these schemes, and their implementation significantly affects the system’s overall performance. This article presents a formal methodology for developing a word-based serial-in/serial-out semisystolic processor that shares hardware resources for multiplication and squaring operations in GF(2n). The processor concurrently executes both operations and hence reduces the execution time. Furthermore, sharing the hardware resources provides savings in the area and consumed energy. The acquired implementation results for the field size n=409 indicate that the proposed structure achieves a significant reduction in the area–time product and consumed energy over the previously published designs by at least 32.3% and 70%, respectively. The achieved results make the proposed design more suitable to realize cryptographic primitives in resource-constrained RFID devices.

Word-Based Systolic Processor for Field Multiplication and Squaring Suitable for Cryptographic Processors in Resource-Constrained IoT Systems

Internet of things (IoT) technology provides practical solutions for a wide range of applications, including but not limited to, smart homes, smart cities, intelligent grid, intelligent transportation, and healthcare. Security and privacy issues in IoT are considered significant challenges that prohibit its utilization in most of these applications, especially relative to healthcare applications. Cryptographic protocols should be applied at the different layers of IoT framework, especially edge devices, to solve all security concerns. Finite-field arithmetic, particularly field multiplication and squaring, represents the core of most cryptographic protocols and their implementation primarily affects protocol performance. In this paper, we present a compact and combined two-dimensional word-based serial-in/serial-out systolic processor for field multiplication and squaring over GF(2m). The proposed structure features design flexibility to manage hardware utilization, execution time, and consumed energy. Application Specific Integrated Circuit (ASIC) Implementation results of the proposed word-serial design and the competitive ones at different embedded word-sizes show that the proposed structure realizes considerable saving in the area and consumed energy, up to 93.7% and 98.2%, respectively. The obtained results enable the implementation of restricted cryptographic primitives in resource-constrained IoT edge devices such as wearable and implantable medical devices, smart cards, and wireless sensor nodes.

Evaluation of the efficiency of differential addition of points of curves in the generalized Edwards form

A survey of the main properties of three classes of curves in the generalized Edwards form is given: complete, quadratic and twisted Edwards curves. The analysis of the Montgomery algorithm for differential addition of points for the Montgomery curve is carried out. An estimation of the record low cost of computing the scalar product kP of a point P is given, which is equal to 5M+4S+1U on one step of the iterative cycle (M is the cost of finite field multiplication, S is the cost of squaring, U is the cost of field multiplication by a known constant). A detailed derivation of the formulas for addition-subtraction and doubling points for the curve in the generalized Edwards form in projective coordinates of Farashahi-Hosseini is carried out. Moving from three-dimensional projective coordinates (X: Y: Z) to two-dimensional coordinates (W: Z) allows achieving the same minimum computational cost for the Edwards curves as for the Montgomery curve. Aspects of the choice of an Edwards-form curve acceptable for cryptography and its parameters optimization in the problem of differential addition of points are discussed. Twisted Edwards curves with the order of NE=4n (n is prime) at p≡5mod8 are recommended, minimizing the parameters a and d allows achieving the minimum cost estimation 5M+4S for one step of computing the point product. It is shown that the transition from the Weierstrass curves (the form used in modern cryptographic standards) to the Edwards curves makes it possible to obtain a potential gain in the speed of computing the scalar product of the point by a factor of 3.09.

EFFICIENT OPERATIONS IN LARGE FINITE FIELDS FOR ELLIPTIC CURVE CRYPTOGRAPHIC

An efficient method to compute the finite field multiplication for Elliptic Curve point multiplication at high speed encryption of the message is presented. The methods of the operations are based on dynamic lookup table and modified Horner rule method. The modified Horner rule method is not only to finite field operations but also to Elliptic curve scalar multiplication in the encryption and decryption. By comparison with using Russian Peasant method and in the new proposed method, one of the advantages of utilizing the proposed algorithm is that in the Elliptic Curve point addition are reduced by a factor of three in GF (2163). Therefore, using the Algorithm 1 running on Intel CPU, computation cost of the multiplication method is above 70% faster than using standard multiplication by Russian Peasant method. Ultimately, the proposed Algorithm 1 for evaluating multiplication can be made regular, simple and suitable for software implementations.

Highly Efficient SCA-Resistant Binary Field Multiplication on 8-Bit AVR Microcontrollers

Binary field ( B F ) multiplication is a basic and important operation for widely used crypto algorithms such as the GHASH function of GCM (Galois/Counter Mode) mode and NIST-compliant binary Elliptic Curve Cryptosystems (ECCs). Recently, Seo et al. proposed a novel SCA-resistant binary field multiplication method in the context of GHASH optimization in AES GCM mode on 8-bit AVR microcontrollers (MCUs). They proposed a concept of Dummy XOR operation with a kind of garbage registers and a concept of instruction level atomicity ( I L A ) for resistance against Timing Analysis (TA) and Simple Power Analysis (SPA) and used a Karatsuba Block-Comb multiplication approach for efficiency. Even though their method achieved a large performance improvement compared with previous works, it still has room for improvement on the 8-bit AVR platform. In this paper, we propose a more improved binary field multiplication method on 8-bit AVR MCUs. Our method basically adopts a Dummy XOR technique using a set of garbage registers for TA and SPA security; however, we save the number of used garbage registers from eight to one by using the fact that the number of used garbage registers does not affect TA and SPA security. In addition, we apply a multiplier encoding approach so as to decrease the number of required registers when accessing the multiplier, which enables the use of extended block size in the Karatsuba Block-Comb multiplication technique. Actually, the proposed technique extends the block size from four to eight and the proposed binary field multiplication method can compute a 128-bit B F multiplication with only 3816 clock cycles ( c c ) (resp. 3490 c c ) with (resp. without) the multiplier encoding process, which is almost a 32.8% (resp. 38.5%) improvement compared with 5675 c c of the best previous work. We apply the proposed technique to the GHASH function of the GCM mode with several additional optimization techniques. The proposed GHASH implementation provides improved performance by over 42% compared with the previous best result. The concept of the proposed B F method can be extended to other MCUs, including 16-bit MSP430 MCUs and 32-bit ARM MCUs.

Elliptic Curve Cryptography for Wireless Sensor Networks Using the Number Theoretic Transform

We implement elliptic curve cryptography on the MSP430 which is a commonly used microcontroller in wireless sensor network nodes. We use the number theoretic transform to perform finite field multiplication and squaring as required in elliptic curve scalar point multiplication. We take advantage of the fast Fourier transform for the first time in the literature to speed up the number theoretic transform for an efficient realization of elliptic curve cryptography. Our implementation achieves elliptic curve scalar point multiplication in only 0.65 s and 1.31 s for multiplication of fixed and random points, respectively, and has similar or better timing performance compared to previous works in the literature.