Single-chip implementation of a cryptosystem for financial applications
This article presents a hardware architecture called “GCD - General Crypto Device”, realized as a single chip for system solutions in the EFT area. Special emphasis is put to this application area as the GCD supports all functions and security mechanisms commonly required by financial security systems (DES, RSA, key generation schemes).
The GCD mainly targets at the electronic financial area, like electronic funds transfer, Electronic Cash, Electronic Banking and Chipcard applications. Other typical applications of the GCD are network security (e.g. on ATM or ISDN), access control systems (ACS), or upcoming consumer cryptosystems like pay TV or pay radio.
Keyfeature of the devices new concept is an optimized processor containing instructions especially required by crpto functions. Additionally the single chip realisation reduces the required space and the accessibility of sensitive signals. Probing sensitive internal data like a generated session key or global master keys requires a very high level of technical skills (like microprobes) not to be expected to become commonly available in the near future
The ASIC is based on a 32-Bit RISC special processor with embedded high speed crypto functions. The major new achivement lies in the processor architecture, which includes a pipeline stage, designed for efficient long number arithmetic, like it is needed in the RSA cryptosystem . The resulting overall performance of the device is significantly higher than that of existing realizations due to the used design concept, the performance is further enhanced due to the direct linking of the embedded components. The physical security combined with a high cryptographic flexibility at reasonable costs allows the usage of new cryptographic algorithms even in consumer market applications.
The paper is organized as follows: Section 1 gives an introduction. Section 2 pointes out the motiviation to design a device dedicated to the efficient realization of cryptosystems. Section 3 described the requirements and the architecture of typical cryptosystems used in the financial cryptography area. Section 4 presents the architecure of the General Crypto Device and its contents. While section 5 shows two examples, section 6 concludes the paper.
Unable to display preview. Download preview PDF.
- A proposed Federal information processing standard for digital signature standard (DSS), Federal Register 56 (169), Aug. 1991, pp. 42980–42982Google Scholar
- A. Glade, H. Reimer, B. Struif, “Digitale Signatur & Sicherheitssensitive Anwendungen”, Vieweg TeleTrusT Publications, 1995, pp. 66–88Google Scholar
- National Bureau of Standards, “Data Encryption Standard”, FIPS pub. 46, 1977Google Scholar
- X. Lai, J. Massey, “A proposal for a new block encryption standard”, Proc. Eurocrypt '90, 1990Google Scholar
- E. F. Brickel, “A Survey of Hardware Implementation of RSA”, Advances in Cryptology-CRYPTO '89, 1989, pp. 368-370Google Scholar
- B. Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C”, Wiley, 1994Google Scholar
- K.E. Knuth, “The art of computer programming”, Addison-Wesley, 1981Google Scholar
- P. L. Montgomery, “Modular Multiplication Without Trial Division”, Mathematics of Computation, Vol. 44, 170, April 1985, pp. 519–521Google Scholar
- N. Koblitz, “Elliptic curve Cryptosystems“, Mathematics of Computation, Vol. 48, 177, 1987, pp. 203–209Google Scholar