This work proposes a processor architecture for elliptic curves cryptosystems over fields GF(2 m ) This is a scalable architecture in terms of area and speed that exploits the abilities of reconfigurable hardware to deliver optimized circuitry for different elliptic curves and finite fields The main features of this architecture are the use of an optimized bit-parallel squarer, a digit-serial multiplier, and two programmable processors Through reconfiguration, the squarer and the multiplier architectures can be optimized for any field order or field polynomial The multiplier performance can also be scaled according to system's needs Our results show that implementations of this architecture executing the projective coordinates version of the Montgomery scalar multiplication algorithm can compute elliptic curve scalar multiplications with arbitrary points in 021 msec in the field GF(2 167 ) A result that is at least 19 times faster than documented hardware implementations and at least 37 times faster than documented software implementations

A high-performance reconfigurable elliptic curve processor for GF(2m)

We present a new efficient paradigm for signing digital streams. The problem of signing digital streams to prove their authenticity is substantially different from the problem of signing regular messages. Traditional signature schemes are message oriented and require the receiver to process the entire message before being able to authenticate its signature. However, a stream is a potentially very long ( or infinite) sequence of bits that the sender sends to the receiver and the receiver is required to consumes the received bits at more or less the input rate and without excessive delay. Therefore it is infeasible for the receiver to obtain the entire stream before authenticating and consuming it. Examples of streams include digitized video and audio files, data feeds and applets. We present two solutions to the problem of authenticating digital streams. The first one is for the case of a finite stream which is entirely known to the sender (say a movie). We use this constraint to devise an extremely efficient solution. The second case is for a (potentially infinite) stream which is not known in advance to the sender (for example a live broadcast). We present proofs of security of our constructions. Our techniques also have applications in other areas, for example, efficient authentication of long files when communication is at a cost and signature based filtering at a proxy server.

How to sign digital streams

Elliptic curve point multiplication is considered to be the most significant operation in all elliptic curve cryptography systems, as it forms the basis of the elliptic curve discrete logarithm problem. Designs for elliptic curve cryptography point multiplication are area demanding and time consuming. Thus, the efficient realization of point multiplication is of fundamental importance for the performance of an elliptic curve system. In this paper, a hardware architecture of an elliptic curve point multiplier is proposed that exploits the intrinsic parallelism of the residue number system (RNS), in order to speed up the elliptic curve point calculations and minimize the area complexity of the elliptic curve point multiplier. The architecture proves to be the fastest among all known design approaches, while complexity is less than half of that of previous efforts. This architecture also supports the required input (binary-to-RNS) and output (RNS-to-binary) conversions. Through a graph-oriented approach, the area of the elliptic curve point multiplier is minimized, by optimizing the point addition and doubling algorithms. Also, through this approach, the number of execution steps for point addition is matched to the number of execution steps for point doubling. Additionally, the impact of various RNS bases, in terms of number of moduli and their bit lengths, on the area and speed of the proposed implementation is analyzed, in an effort to define the potential for using RNS in elliptic curve cryptography.

An RNS Implementation of an $F_{p}$ Elliptic Curve Point Multiplier

Finding multiplicative inverse (Modular Inversion) operation is the most time-consuming operation in Elliptic Curve Crypto-system (ECC) operations which affects the performance of ECC. Moreover, several factors that affect the design of ECC have not been intensively investigated in the majority of researches related to ECC, Such as system utilization, area, resources-consuming and area*time cost factors, which play significant role in designing efficient ECC for different applications. This work applies Binary Edwards ECC point doubling operation over GF(p) using projective coordinates instead of affine coordinates due to its ability to remove the long time inversion operation by converting it to a number of multiplication operations. We also utilize the inherent parallelism in ECC operations by mapping its computations to parallel hardware design, in order to improve the performance of ECC. Our results show that the shortest time delay is achieved using 7-Parallel Multipliers (PM) design with projection (X/Z, Y/Z), which overcomes both serial design and the design with affine coordinates. Furthermore, this research proposes a variety of design choices by varying the degree of parallelism to tune-up several factors that affect ECC in order to investigate possible enhancements. It is shown by our experiments that the hardware utilization can be improved by 55%, with less area, and acceptable timeconsuming level compared to other designs in the same projection. In other words, we compromise th performance to enhance system utilization degree, and AT cost, and to reduce area and resourceconsuming. This trade-off between factors is useful to determine the efficient design to be used for different ECC applications based on their requirements and available resources. Especially, when the time-consuming is not the main priority.

On the design of projective binary Edwards elliptic curves over GF (p) benefitting from mapping elliptic curves computation to variable degree of parallel design

Η παρούσα διατριβή άπτeται του θέματος της ανάπτυξης eυέλικτων αρχιτeκτονικών κρυπτογραφίας σe ολοκληρωμένα κυκλώματα υψηλής ολοκλήρωσης (VLSI). Μe τον όρο eυέλικτeς ορίζονται οι αρχιτeκτονικές που δύνανται να υλοποιούν πλήθος βασικών αριθμητικών πράξeων για την eκτέλeση κρυπτογραφικών αλγορίθμων, χωρίς την ανάγκη eπαναπροσδιορισμού των eσωτeρικών διατάξeων στο ολοκληρωμένο κύκλωμα. 
Η χρήση eυέλικτων αρχιτeκτονικών παρέχeι πολλαπλά οφέλη στο χρήστη. Η eνσωμάτωση κρίσιμων πράξeων απαραίτητων στη κρυπτογραφία σe μια κοινή αρχιτeκτονική δίνeι τη δυνατότητα στο χρήστη να eναλλάσσeι το υποστηριζόμeνο κρυπτογραφικό πρωτόκολλο, eισάγοντας έτσι χαρακτηριστικά eυeλιξίας και πρακτικότητας, χωρίς eπιπρόσθeτη eπιβάρυνση του συστήματος σe υλικό. Αξίζeι να σημeιωθeί πως οι eναλλαγές αυτές δeν απαιτούν τη παρέμβαση του χρήστη. Σημαντική eίναι η συνeισφορά μιας eυέλικτης αρχιτeκτονικής και στο κόστος μιας eφαρμογής. Αναλογιζόμeνοι ένα ολοκληρωμένο κύκλωμα που μπορeί να υλοποιeί αυτόνομα όλeς τις απαραίτητeς πράξeις eνός αλγόριθμου χωρίς την eξάρτηση από eξωτeρικά υποσυστήματα (π.χ. μeτατροπeίς eισόδου–eξόδου), eίναι eύκολο να αντιληφθούμe πως το τeλικό κόστος της eκάστοτe eφαρμογής μeιώνeται σημαντικά καθώς μeιώνονται οι ανάγκeς υλοποίησης και διασύνδeσης eπιπρόσθeτων υποσυστημάτων στο ολοκληρωμένο κύκλωμα. 
Η ανάπτυξη των προτeινόμeνων αρχιτeκτονικών ακολουθeί μια δομημένη προσέγγιση. Διeνeργeίται eκτeνής μeλέτη για τον προσδιορισμό γόνιμων eρeυνητικών πeριοχών και eντοπίζονται προβλήματα και δυνατότητeς βeλτιστοποίησης υπαρχουσών κρυπτογραφικών λύσeων. Οι νέοι αλγόριθμοι που αναπτύσσονται αφορούν τα Galois πeδία GF(p) και GF(2^n) και χρησιμοποιούν eναλλακτικές αριθμητικές αναπαράστασης δeδομένων όπως το αριθμητικό σύστημα υπολοίπων (Residue Number System (RNS)) για ακέραιους αριθμούς και το πολυωνυμικό αριθμητικό σύστημα υπολοίπων (Polynomial Residue Number System (PRNS)) για πολυώνυμα. Αποδeικνύeται η μαθηματική τους ορθότητα και βeλτιστοποιούνται κατά τέτοιο τρόπο ώστe να σχηματίζουν eυέλικτeς δομές. Αναπτύσσeται το κατάλληλο υλικό (hardware) και διeνeργeίται μeλέτη χρήσιμων ιδιοτήτων των νέων αλγορίθμων, όπως για παράδeιγμα νέeς κρυπταναλυτικές ιδιότητeς. 
Eπιπρόσθeτα, προσeγγίζουμe στα πλαίσια της διατριβής ένα βασικό πρόβλημα της eπιστήμης σχeδιασμού ολοκληρωμένων συστημάτων μeγάλης κλίμακας (Very Large Scale Integration (VLSI)). Συγκeκριμένα, προτeίνονται μέθοδοι σύγκρισης αρχιτeκτονικών ανeξαρτήτως τeχνολογίας καθώς και τρόποι eύρeσης των βέλτιστων συνθηκών λeιτουργίας των προτeινόμeνων αρχιτeκτονικών. Οι μέθοδοι αυτές eπιτρέπουν στον σχeδιαστή να παραμeτροποιήσeι τις προτeινόμeνeς αρχιτeκτονικές μe βάση τη ταχύτητα, eπιφάνeια, ή το γινόμeνο ταχύτητα x eπιφάνeια. Οι προτeινόμeνeς μeθοδολογίeς μπορούν eύκολα να eπeκταθούν και σe άλλeς eφαρμογές πέραν της κρυπτογραφίας. 
Τέλος, προτeίνονται νέοι αλγόριθμοι για τη σημαντικότατη για την κρυπτογραφία πράξη του πολλαπλασιασμού μe υπόλοιπα. Οι νέοι αλγόριθμοι eνσωματώνουν από τη μία τις ιδέeς των eυέλικτων δομών, από την άλλη όμως βασίζονται σe νέeς ιδέeς και μαθηματικά προβλήματα τα οποία προσπαθούμe να προσeγγίσουμe και να eπιλύσουμe. Αποδeικνύeται πως eίναι δυνατή η eνοποίηση μιας μeγάλης οικογένeιας αλγορίθμων για χρήση στην κρυπτογραφία, υπό τη στέγη των προτeινόμeνων μeθοδολογιών για eυέλικτο σχeδιασμό.

/pdf/versatile-architectures-for-cryptographic-systems-45bnzqxdpi.pdf

Versatile architectures for cryptographic systems

Summary This research paper aims at analyzing the impact of exploiting the parallelism available in two common Elliptic Curve Cryptography (ECC) projective forms on speed and cost factors, assuming point-multiplication is implemented using the m-ary algorithm instead of the popular binary algorithm. Point-multiplication is implemented using scalable multipliers in order to replicate the design for varying-size security keys. Simulation results are shown for each projective form and a cross comparison is also performed as well.

/pdf/cost-effective-implementations-of-gf-p-elliptic-curve-31s4xuoccs.pdf

Cost-Effective Implementations of GF (p) Elliptic Curve Cryptography Computations

Summary This paper presents two new multi-signature schemes which aim at providing data authenticity, integrity, and non-repudiation. The proposed signing/verifying schemes are extensions of standardized algorithms, such as DSA (Digital Signature Algorithm) and ECDSA (Elliptic Curve DSA) algorithms. These schemes are faster than repeated individual signature (RDSA) using DSA or ECDSA (RECDSA) to generate a multi-signature. The final multi-signature of a message can be verified individually for each signer or collectively for a subgroup or entire group as well. Moreover, these schemes can also be used for group membership authentication. Finally, the proposed schemes can be used in E-commerce and E-government application. The security of the proposed schemes corresponds to the security of DSA and ECDSA algorithms respectively.

/pdf/dsa-and-ecdsa-based-multi-signature-schemes-4yw6aqrbnn.pdf

DSA and ECDSA-based Multi-Signature Schemes

In this research paper, we aim at proposing a new energy-aware approach in order to authenticate packet flows in systems with limited energy. Reduction of power consumption is obtained by dynamically merging data packets and using lower message digests as a function of the system energy. This approach allows increasing the lifetime of battery-operated devices and avoids packets loss while maintaining an acceptable security level. Simulation results are presented in order to show energy savings.

Ahcene Farah

Papers

Cost-Effective Implementations of GF (p) Elliptic Curve Cryptography Computations

DSA and ECDSA-based Multi-Signature Schemes

A new energy-aware approach for packets flow signature