Fundamentals of Asymmetric Cryptography

  • Thomas Wollinger
  • Sandeep Kumar

Summary

Cryptology provides two different flavors of algorithms, namely symmetric and asymmetric (public-key) algorithms. This contribution deals with asymmetric algorithms.

Asymmetric cryptography is used in practical applications to (a) exchange keys securely over an unprotected channel and (b) sign electronic documents (digital signatures). The first scenario is especially important in any kind of communication between systems. Hence, these cryptographic primitives are a necessity for securely exchanging messages in the car (e.g., between components) and between the car and a third party (e.g., tool station, other car, service provider).

This chapter first gives an introduction to asymmetric cryptography, helping the reader to understand its advantages as well as its problems. In the main part of the chapter we focus on two asymmetric cryptosystems, namely RSA and Elliptic Curve Cryptosystems (ECC). ECC is especially interesting for use in the automotive environment, because it is much better suited for implementation on embedded processors. For each of the two cryptographic primitives we briefly cover the mathematical background and then focus on the engineering aspects of these systems, including fast implementation techniques. To give the reader an idea of the performance of these algorithms, we summarize available publications.

Keywords

asymmetric cryptography, embedded systems, cryptographical applications, efficient implementation, previous implementation



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Thomas Wollinger (1)
  • Sandeep Kumar (1)
  1. Horst Görtz Institute (HGI) for Security in Information Technology, Ruhr University of Bochum, Germany
