Hardware implementation of elliptic curve cryptography based on residue number systems
thesisposted on 29.03.2022, 01:40 authored by Mohamad Ali Mehrabi
In today's technology, a sheer number of Internet of things applications use hardware security modules for secure communications. The widely used algorithms in security modules, for example, digital signatures and key agreement, are based upon elliptic curve cryptography (ECC). In many IoT applications, such as intelligent transportation systems and distributed control systems, thousands of safety messages need to be signed and verified within a very short time frame. Considerable research has been conducted in the design of fast elliptic curve arithmetic on finite fields using residue number systems (RNS). This thesis investigates fast hardware implementations for RNS elliptic curve cryptography (ECC) co-processors. Our focus is to speed up the ECC point multiplication operation by exploiting the properties of the residue number system (RNS). The RNS consists of independent and carry-free small-sized integer channels that make it suitable for long-integer arithmetic. By harnessing the RNS properties, hardware parallelism, and utilising different point multiplication algorithms, we designed a low-latency ECC point multiplication co-processor for the standard elliptic curves SECP256K1, ED25519, and Brainpool256r1 which are widely used in the industry. This thesis contributes to the field of hardware cryptography as follows: Two new architectures for RNS modular reduction are proposed. The first improvement is on the RNS Montgomery reduction algorithm in which its FPGA implementation utilises fewer hardware resources and is also much faster in terms of speed compared to the literature. In addition to the RNS modular reduction algorithm, a new modular reduction based on the sum of residues (SOR) is proposed. The SOR algorithm is highly parallelisable. Two variants of the SOR algorithm with different levels of parallelism are implemented on FPGA. Furthermore, the elliptic curve group law operations are optimised for parallel computation and are used in the design of an RNS ECC co-processor. This thesis analyses the security of RNS GLV ECC co-processors with respect to side-channel, power data analysis by making use of machine and deep learning algorithms. Finally, suitable countermeasures are proposed to make such co-processors immune to side-channel attacks -- abstract.