Journal of Cryptographic Engineering

, Volume 2, Issue 1, pp 19–29 | Cite as

Efficient software implementation of public-key cryptography on sensor networks using the MSP430X microcontroller

  • Conrado P. L. GouvêaEmail author
  • Leonardo B. Oliveira
  • Julio López
Regular Paper


In this work, we describe a software implementation of elliptic curve cryptography and pairing-based cryptography for the MSP430 microcontroller family, which is used in wireless sensors. Digital signature, short signature and key distribution protocols were implemented at the 80- and 128-bit levels of security, over both binary and prime fields. The timing results of our software implementation show an improvement of about 25–30% in the pairing computation over previous implementations. We also provide results for the MSP430X extension of the original family, which has new instructions. In particular, using the new 32-bit hardware multiplier available in some MSP430X models, we have achieved a further improvement of about 45% in the prime field multiplication and 20–30% in protocol timings. The combination of fast algorithms and improved hardware allows us to show that even the 128-bit level of security can be considered feasible for this platform.


Efficient software implementation Elliptic curve cryptography Pairing-based cryptography MSP430 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Al-Daoud E., Mahmod R., Rushdan M., Kilicman A.: A new addition formula for elliptic curves over GF(2n). IEEE Trans. Comput. 51(8), 972–975 (2002). doi: 10.1109/TC.2002.1024743 MathSciNetCrossRefGoogle Scholar
  2. 2.
    Aranha, D., Karabina, K., Longa, P., Gebotys, C., López, J.: Faster explicit formulas for computing pairings over ordinary curves. In: Advances in Cryptology—EUROCRYPT 2011. Lecture Notes in Computer Science, vol. 6632, pp. 48–68. Springer, Berlin (2011). doi: 10.1007/978-3-642-20465-4_5
  3. 3.
    Aranha D.F., Oliveira L.B., López J., Dahab R.: Efficient implementation of elliptic curve cryptography in wireless sensors. Adv. Math. Commun. 4(2), 169–187 (2011)CrossRefGoogle Scholar
  4. 4.
    Arène C., Lange T., Naehrig M., Ritzenthaler C.: Faster computation of the Tate pairing. J. Number Theory 131(5), 842–857 (2011). doi: 10.1016/j.jnt.2010.05.013 MathSciNetzbMATHCrossRefGoogle Scholar
  5. 5.
    Barreto P.S.L.M., Galbraith S., Ó hÉigeartaigh C., Scott M.: Efficient pairing computation on supersingular abelian varieties. Des. Codes Cryptogr. 42(3), 239–271 (2007)MathSciNetzbMATHCrossRefGoogle Scholar
  6. 6.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Selected Areas in Cryptography. Lecture Notes in Computer Science, vol.3897, pp. 319–331. Springer, Berlin (2006)Google Scholar
  7. 7.
    Bernstein, D.: A software implementation of NIST P-224. In: Presentation at the 5th Workshop on Elliptic Curve Cryptography (ECC 2001) (2001)Google Scholar
  8. 8.
    Bernstein, D., Lange, T.: Faster addition and doubling on elliptic curves. In: Advances in Cryptology—ASIACRYPT 2007. Lecture Notes in Computer Science, vol. 4833, pp. 29–50. Springer, Berlin (2008). doi: 10.1007/978-3-540-76900-2_3
  9. 9.
    Boneh D., Lynn B., Shacham H.: Short signatures from the Weil pairing. J. Cryptol. 17(4), 297–319 (2004)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Certicom Research: SEC 2: Recommended elliptic curve domain parameters version 1.0 (2000).
  11. 11.
    Comba P.G.: Exponentiation cryptosystems on the IBM PC. IBM Syst. J. 29(4), 526–538 (1990)CrossRefGoogle Scholar
  12. 12.
    Coppersmith D.: Fast evaluation of logarithms in fields of characteristic two. IEEE Trans. Inf. Theory 30(4), 587–594 (1984)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Dudacek, K., Vavricka, V.: Experimental evaluation of the MSP430 microcontroller power requirements. In: The International Conference on “Computer as a Tool”—EUROCON, 2007, pp. 400–404 (2007)Google Scholar
  14. 14.
    Dupont R., Enge A.: Provably secure non-interactive key distribution based on pairings. Discret. Appl. Math. 154(2), 270–276 (2006)MathSciNetzbMATHCrossRefGoogle Scholar
  15. 15.
    Fong K., Hankerson D., López J., Menezes A.: Field inversion and point halving revisited. IEEE Trans. Comput. 53(8), 1047–1059 (2004)CrossRefGoogle Scholar
  16. 16.
    Fuentes-Castañeda L., Knapp, E., Rodríguez-Henríquez, F.: Faster hashing to \({\mathbb{G}_2}\). In: Selected Areas in Cryptography—SAC 2011 (2011)Google Scholar
  17. 17.
    Galindo, D., Roman, R., Lopez, J.: A killer application for pairings: Authenticated key establishment in underwater wireless sensor networks. In: Cryptology and Network Security. Lecture Notes in Computer Science, vol. 5339, pp. 120–132. Springer, Berlin (2008)Google Scholar
  18. 18.
    Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Advances in Cryptology—CRYPTO 2001. Lecture Notes in Computer Science, vol. 2139, pp. 190–200. Springer, Berlin (2001)Google Scholar
  19. 19.
    Gouvêa, C.P.L., López, J.: Software implementation of pairing-based cryptography on sensor networks using the MSP430 microcontroller. In: Progress in Cryptology—INDOCRYPT 2009. Lecture Notes in Computer Science, vol. 5922, pp. 248–262. Springer, Berlin (2009)Google Scholar
  20. 20.
    Granger, R., Scott, M.: Faster squaring in the cyclotomic subgroup of sixth degree extensions. In: Public Key Cryptography—PKC 2010. Lecture Notes in Computer Science, vol. 6056, pp. 209–223. Springer, Berlin (2010)Google Scholar
  21. 21.
    Großschädl, J.: TinySA: A security architecture for wireless sensor networks. In: Proceedings of the 2006 ACM CoNEXT conference, pp.55. ACM, New York (2006)Google Scholar
  22. 22.
    Guajardo, J., Blümel, R., Krieger, U., Paar, C.: Efficient implementation of elliptic curve cryptosystems on the TI MSP430x33x family of microcontrollers. In: Public Key Cryptography. Lecture Notes in Computer Science, vol. 1992, pp. 365–382. Springer, Berlin (2001)Google Scholar
  23. 23.
    Hankerson D., Menezes A., Vanstone S.: Guide to Elliptic Curve Cryptography. Springer, New York (2004)zbMATHGoogle Scholar
  24. 24.
    Karabina, K.: Squaring in cyclotomic subgroups. Cryptology ePrint Archive, Report 2010/542 (2010).
  25. 25.
    Karatsuba A., Ofman Y.: Multiplication of multidigit numbers on automata. Soviet Phys. Doklady 7, 595 (1963)Google Scholar
  26. 26.
    Knežević M., Vercauteren F., Verbauwhede I.: Faster interleaved modular multiplication based on Barrett and Montgomery reduction methods. IEEE Trans. Comput. 59(12), 1715–1721 (2010)MathSciNetCrossRefGoogle Scholar
  27. 27.
    Law L., Menezes A., Qu M., Solinas J., Vanstone S.: An efficient protocol for authenticated key agreement. Des. Codes Cryptogr. 28, 119–134 (2003)MathSciNetzbMATHCrossRefGoogle Scholar
  28. 28.
    Lim, C.H., Lee, P.J.: More flexible exponentiation with precomputation. In: Advances in Cryptology—CRYPTO’94. Lecture Notes in Computer Science, vol. 839, pp. 95–107. Springer, Berlin (1994)Google Scholar
  29. 29.
    López, J., Dahab, R.: High-speed software multiplication in \({\mathbb{F}_{2^m}}\). In: Progress in Cryptology—INDOCRYPT 2000. Lecture Notes in Computer Science, vol. 1977, pp. 93–102. Springer, Berlin (2000)Google Scholar
  30. 30.
    Miller V.S.: The Weil pairing, and its efficient calculation. J. Cryptol. 17, 235–261 (2004)zbMATHCrossRefGoogle Scholar
  31. 31.
    Möller, B.: Algorithms for multi-exponentiation. In: Selected Areas in Cryptography. Lecture Notes in Computer Science, vol. 2259, pp. 165–180. Springer, Berlin (2001)Google Scholar
  32. 32.
    Montgomery P.L.: Modular multiplication without trial division. Math. Comput. 44(170), 519–521 (1985)zbMATHCrossRefGoogle Scholar
  33. 33.
    National Institute of Standards and Technology: Recommendation for key management (2007).
  34. 34.
    National Institute of Standards and Technology: FIPS 186-3: Digital signature standard (DSS) (2009).
  35. 35.
    Nogami, Y., Akane, M., Sakemi, Y., Kato, H., Morikawa, Y.: Integer variable χ-based Ate pairing. In: Pairing-Based Cryptography—Pairing 2008. Lecture Notes in Computer Science, vol. 5209, pp. 178–191. Springer, Berlin (2008)Google Scholar
  36. 36.
    Oliveira L.B., Aranha D.F., Gouvêa C.P.L., Scott M., Câmara D.F., López J., Dahab R.: TinyPBC: pairings for authenticated identity-based non-interactive key distribution in sensor networks. Comput. Commun. 34(3), 485–493 (2010)CrossRefGoogle Scholar
  37. 37.
    Oliveira, L.B., Kansal, A., Gouvêa, C.P.L., Aranha, D.F., López, J., Priyantha, B., Goraczko, M., Zhao, F.: Secure-TWS: Authenticating node to multi-user communication in shared sensor networks. Comput. J. (2011). doi: 10.1093/comjnl/bxr089
  38. 38.
    Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing. In: The 2000 Symposium on Cryptography and Information Security, Okinawa, Japan (2000)Google Scholar
  39. 39.
    Schnorr C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)MathSciNetzbMATHCrossRefGoogle Scholar
  40. 40.
    Scott, M., Benger, N., Charlemagne, M., Dominguez Perez, L.J., Kachisa, E.J.: On the final exponentiation for calculating pairings on ordinary elliptic curves. In: Pairing-Based Cryptography—Pairing 2009. Lecture Notes in Computer Science, vol. 5671. Springer, Berlin (2009)Google Scholar
  41. 41.
    Scott, M., Szczechowiak, P.: Optimizing multiprecision multiplication for public key cryptography. Cryptology ePrint Archive, Report 2007/299 (2007).
  42. 42.
    Solinas J.A.: Efficient arithmetic on Koblitz curves. Des. Codes Cryptogr. 19(2), 195–249 (2000)MathSciNetzbMATHCrossRefGoogle Scholar
  43. 43.
    Szczechowiak, P., Kargl, A., Scott, M., Collier, M.: On the application of pairing based cryptography to wireless sensor networks. In: Proceedings of the second ACM conference on Wireless network security, pp. 1–12. ACM, New York (2009)Google Scholar
  44. 44.
    Szczechowiak, P., Oliveira, L.B., Scott, M., Collier, M., Dahab, R.: NanoECC: Testing the limits of elliptic curve cryptography in sensor networks. In: Wireless Sensor Networks. Lecture Notes in Computer Science, vol. 4913. Springer, Berlin (2008)Google Scholar
  45. 45.
    Vercauteren F.: Optimal pairings. IEEE Trans. Inf. Theory 56(1), 455–461 (2010)MathSciNetCrossRefGoogle Scholar
  46. 46.
    Weber, D., Denny, T.: The solution of McCurley’s discrete log challenge. In: Advances in Cryptology—CRYPTO ’98. Lecture Notes in Computer Science, vol. 1462, pp. 458–471. Springer, Berlin (1998). doi: 10.1007/BFb0055747
  47. 47.
    Zhang, F., Safavi-Naini, R., Susilo, W.: An efficient signature scheme from bilinear pairings and its applications. In: Public Key Cryptography—PKC 2004. Lecture Notes in Computer Science, vol. 2947, pp. 277–290. Springer, Berlin (2004)Google Scholar

Copyright information

© Springer-Verlag 2012

Authors and Affiliations

  • Conrado P. L. Gouvêa
    • 1
    Email author
  • Leonardo B. Oliveira
    • 2
  • Julio López
    • 1
  1. 1.University of CampinasCampinasBrazil
  2. 2.Federal University of Minas GeraisBelo HorizonteBrazil

Personalised recommendations