
Efficient Hardware Implementations for Elliptic Curve Cryptography over Curve448

  • Conference paper
Progress in Cryptology – INDOCRYPT 2020 (INDOCRYPT 2020)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 12578)


Abstract

In this paper, we present different implementations of point multiplication over Curve448. Curve448 has recently been recommended by NIST to provide 224-bit security over elliptic curve cryptography. Although implementing high-security cryptosystems should be considered due to recent improvements in cryptanalysis, hardware implementation of Curve448 has only been investigated in a few studies. Hence, in this study, we propose three variable-base-point FPGA-based Curve448 implementations, i.e., lightweight, area-time efficient, and high-performance architectures, which aim to be used for different applications. Synthesized on a Xilinx Zynq 7020 FPGA, our proposed high-performance design achieves 12% higher throughput, executing 1,219 point multiplications per second, and 40% higher efficiency in terms of required clock cycles × utilized area compared to the best previous work. Furthermore, the proposed lightweight architecture runs at 250 MHz and saves 96% of resources with the same performance. Additionally, our area-time efficient design considers a trade-off between time and required resources, which shows a 48% efficiency improvement with 52% fewer resources. Finally, effective side-channel countermeasures are added to our proposed designs, which also outperform previous works.



Acknowledgment

The authors would like to thank the reviewers for their comments. Also, we thank Mike Hamburg for his constructive comments. This work is supported by a grant from ARO W911NF-17-1-0311.

Corresponding author

Correspondence to Mojtaba Bisheh Niasar.

Appendix A: Results Verification

1.1 First Test

Input Scalar:

0xd30a601c4f9a25294bf568a3eb4349f4bf8fd7cdf8244c989c770a7021e1aad1d0045104efac8288d2349aa1fe665249888eecf9dd2f263c

Base Point u-coordinate:

0x86a0f84efba7a78aa1ad94db2954fa8325dac6198cc3bddd31c04d81f9080f027f4307bd4c3388ad8a3f26d5f26c5fdabf8734fa40e6fc06

Montgomery Step 1 Output:

PD u-coordinate:

0x3e879c31a54024c414621015d187660e4c7e382a9fef38df0efda7006ecf8bd646fce4bf306851ded30e75459c38f123966a03974b18c5ec

PD v-coordinate:

0x1a83e13bee9e9e2a86b6536ca553ea0c976b1866330ef774c7013609e4203c09fd0c1ef530ce22b628fc9b57c9b17f6afe1cd3e9039bf01a

PA u-coordinate:

0x7a79bd1ad7648eb3ab29e261e12a1c5730b118aed0689eee174941dc293c813128923a73a5b4705d117e58600fc0284d9350e77c1fd63967

PA v-coordinate:

0x0e52da5553724918c90f2899c19cafde89b3219412ed056af7c80c565b6a89ee24ae7bd2ba04801d71fa78cac7fb5f2ce94c97309399d5c8

Montgomery Ladder Output:

u-coordinate:

0x8d9f3cf3d03349946f8c43a739cb850ea3f23bb86a928437642c57196c0a92618c3986acba9a2cfbd1aae68e512d2624d1b8e356f346517c

v-coordinate:

0xa505a4d63048e2e6ba936b14058a54c2a89ed67f04ca3743f3de4ee4230a6d321b8a773337ba1d0f07ea43d355c434a747ccbab1a71a6ed3

Inversion Result:

0x52400c75833eda03da566d370715fec2d9da28cfc3d75775a259aa784f7c537ef12e04f83753757ae1f84088afec692a805d419817fb771f

Output u-coordinate:

0x6f6bd93df7826276211e11613922989d77b0016ac65f44ebadba4fe19f235f6d54d712240ab579dffb6a5ed8b11dda9766dc605af94f3ece

1.2 Second Test

Input Scalar:

0xdf09e35b8d2cdd821237b4a5e0445c31d3465fe206483e7cd75d3438c5f821b01c460d8e9000f6fee89d2fa4dc5d66529339b82844493d20

Base Point u-coordinate:

0xdb57d1e81ce7bddf1cb9788ae205e22fe5be70354d6ce59458015d161b20b6e9a1e9f852bb5dfba8c1d4559e7d0b5b30d356cd93f9c2bc0f

Montgomery Step 1 Output:

PD u-coordinate:

0xc3646e5f0e08414b984cf54d71ce7174c98acd1772958c00f319b76600260905bc76c0a9a0d5582419a441c1d74155cce380b369dfcaac3b

PD v-coordinate:

0x6d5f47a0739ef77c72e5e22b881788bf96f9c0d535b396516005745b6c82dba687a7e14aed77eea307515679f42d6cc34d5b364fe70af03f

PA u-coordinate:

0x271ec0c38807ed7a6d0192b9426234b93edd6c8f07b3cb101079a28e21afedf0bb71773e399969f21a46e0def3fa5b750dd7d33cc6ea141e

PA v-coordinate:

0xe71bc00954babc2b8622d0a277814753667b681ea1bdc7cb069b2d99c1b9a43943fd068f72489c11b35d74335c6e8086d6170b64b04092ba

Montgomery Ladder Output:

u-coordinate:

0xd6a94f6c104340d4ffb77266aa5e5adc0f2369a14778ca0428870ea27c3cf120047063c683a91836b092eee9715021cd80a5219796f3074d

v-coordinate:

0xe657de528c9e910514bbd98727e38977462d31b7df50b877b1f02313a0b96787caaed38f7eafe9cc5dfbcd742f844ca5a9ceea557edfc25f

Inversion Result:

0x4535e009122201e56ae054cdf012fa153f57a10cc8c7189c604bddc67fa07539d77ccc68864a62204c615e7b86ec81e32c90d8e7d537b7a1

Output u-coordinate:

0x9d177cda994e5154c9c175c53336e67720d62143f30d70a5e33e1bada7c463fe301e8e5613ac4770f39f6adbb2632f2f7aff396257024a88
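The appendix values above are the intermediates of a Montgomery-ladder point multiplication. The following Python is an added example, not the paper's code: it computes X448 in the RFC 7748 style and records the same kinds of intermediates (first-step doubling and addition, final projective pair, inversion, affine u) so that a hardware trace can be compared step by step. It assumes the hardware takes a pre-clamped integer scalar and that the appendix's u/v pairs are projective (X : Z) coordinates; the paper's step numbering and swap order may differ, so the appendix values themselves are not checked here.

```python
# Added example (not the paper's code): X448 Montgomery-ladder point
# multiplication in the RFC 7748 style, recording the intermediate values the
# appendix lists (first-step PD/PA, final projective pair, inversion, affine u).
P = 2**448 - 2**224 - 1   # Curve448 field prime
A24 = 39081               # (A - 2) / 4 for the curve coefficient A = 156326

def clamp(k: int) -> int:
    """RFC 7748 clamping: clear the two low bits, set bit 447 (assumed to
    match the hardware, which appears to take a pre-clamped scalar)."""
    return (k & ((1 << 448) - 4)) | (1 << 447)

def ladder_step(x1, x2, z2, x3, z3):
    """One ladder step: returns (2*P2, P2 + P3) in projective (X : Z) form."""
    a, b = (x2 + z2) % P, (x2 - z2) % P
    c, d = (x3 + z3) % P, (x3 - z3) % P
    aa, bb = a * a % P, b * b % P
    da, cb = d * a % P, c * b % P
    e = (aa - bb) % P
    pd = (aa * bb % P, e * (aa + A24 * e) % P)               # point doubling
    pa = (pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P)   # differential addition
    return pd, pa

def x448_trace(k: int, u: int) -> dict:
    """k*u on Curve448; returns the result plus the intermediates a hardware
    trace can be compared against. 'step1' is the first doubling/addition."""
    k, x1 = clamp(k), u % P
    x2, z2, x3, z3 = 1, 0, x1, 1   # R0 = neutral element, R1 = base point
    swap, step1 = 0, None
    for t in range(447, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:                    # conditional swap (constant-time in hardware)
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        (x2, z2), (x3, z3) = ladder_step(x1, x2, z2, x3, z3)
        if step1 is None:
            step1 = {"PD": (x2, z2), "PA": (x3, z3)}
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    zinv = pow(z2, P - 2, P)        # Fermat inversion: the appendix's "Inversion Result"
    return {"step1": step1, "ladder": (x2, z2), "inv": zinv, "u": x2 * zinv % P}

def x448(k: int, u: int) -> int:
    """Plain scalar multiplication: the affine u-coordinate of k*u."""
    return x448_trace(k, u)["u"]
```

Feeding the appendix's "Input Scalar" and "Base Point u-coordinate" to `x448_trace` yields a dictionary whose entries correspond to the labelled appendix values, which is the comparison the paper's Results Verification is meant to support.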


Copyright information

© 2020 Springer Nature Switzerland AG


Cite this paper

Bisheh Niasar, M., Azarderakhsh, R., Kermani, M.M. (2020). Efficient Hardware Implementations for Elliptic Curve Cryptography over Curve448. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds) Progress in Cryptology – INDOCRYPT 2020. INDOCRYPT 2020. Lecture Notes in Computer Science, vol 12578. Springer, Cham. https://doi.org/10.1007/978-3-030-65277-7_10


  • DOI: https://doi.org/10.1007/978-3-030-65277-7_10


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-65276-0

  • Online ISBN: 978-3-030-65277-7
