Energy-Architecture Tuning for ECC-Based RFID Tags

  • Deepak ManeEmail author
  • Patrick Schaumont
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8262)


The implementation of Elliptic Curve Cryptography (ECC) on small microcontrollers is challenging. Past research has therefore emphasized performance optimization: pick a target architecture, and minimize the cycle count and footprint of the ECC software. This paper addresses a different aspect of resource-constrained ECC implementation: given the application profile, identify the most suitable architecture parameters. At the highest level, an application profile for ECC-based RFID tags is defined by the required security level, signature generation latency and the available energy/power budget. The target architecture parameters of interest include core-voltage, core-frequency, and/or the need for hardware acceleration. The paper brings two contributions to this complex design space exploration problem. First, we introduce a prototype setup for the precise energy measurement of a microcontroller-based ECC implementation. Second, we present a methodology to derive and optimize the architecture parameters starting from the application requirements. We demonstrate our methodology on a MSP430F5438A microcontroller, and present the energy/architecture design space for 80-bit and 128-bit security-levels, for prime field curves secp160r1 and nistp256.


Public key cryptography Elliptic curves RFID Energy harvesting Throughput Digital signatures 



This project was supported in part through NIST, Grant no. 60NANB10D004.


  1. 1.
    Texas Instruments: MSP430F5438A Mixed Signal Microcontroller.
  2. 2.
    Texas Instruments: MSP430x5xx and MSP430x6xx Family User’s Guide (2013).
  3. 3.
  4. 4.
    Buettner, M., Greenstein, B., Wetherall., D.: Dewdrop: An Energy-Aware Runtime for Computational RFID. In: Proceedings of USENIX Symposium on Networked Systems Design and Implementation (NSDI), Boston, MA, USA (2011)Google Scholar
  5. 5.
    Buettner, M., Greenstein, B., Wetherall, D.: Dewdrop: An energy-aware runtime for computational rfid. In: Proceedings of the 8th USENIX Conference on Networked Systems Design and Implementation (NSDI 2011), p. 15. USENIX Association, Berkeley (2011).
  6. 6.
    Chae, H.J., Yeager, D.J., Smith, J.R., Fu, K.: Maximalist cryptography and computation on the WISP UHF RFID tag. In: Proceedings of the Conference on RFID Security, July 2007.
  7. 7.
    Gouvêa, C.P.L., López, J.: High speed implementation of authenticated encryption for the MSP430X microcontroller. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 288–304. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Hankerson, D., Menezes, A.J., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, New York (2003)Google Scholar
  9. 9.
    Hein, D., Wolkerstorfer, J., Felber, N.: ECC is ready for RFID – A proof in silicon. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 401–413. Springer, Heidelberg (2009)Google Scholar
  10. 10.
    Hinterwälder, G., Paar, C., Burleson, W.P.: Privacy preserving payments on computational RFID devices with application in intelligent transportation systems. In: Hoepman, J.-H., Verbauwhede, I. (eds.) RFIDSec 2012. LNCS, vol. 7739, pp. 109–122. Springer, Heidelberg (2013)Google Scholar
  11. 11.
    Lee, Y.K., Sakiyama, K., Batina, L., Verbauwhede, I.: Elliptic-curve-based security processor for rfid. IEEE Trans. Comput. 57(11), 1514–1527 (2008)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Liu, A., Ning, P.: Tinyecc: A configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of the 7th International Conference on Information Processing in Sensor Networks (IPSN 2008), pp. 245–256. IEEE Computer Society, Washington (2008).
  13. 13.
    National Institute of Standards and Technology: FIPS 186–3: Digital Signature Standard (DSS) (2009).
  14. 14.
    O’Flynn, C.: OPENADC (2012).
  15. 15.
  16. 16.
    Oliveira, L.B., Aranha, D.F., Gouvêa, C.P.L., Scott, M., Câmara, D.F., López, J., Dahab, R.: Tinypbc: pairings for authenticated identity-based non-interactive key distribution in sensor networks. Comput. Commun. 34(3), 485–493 (2011)CrossRefGoogle Scholar
  17. 17.
    Pendl, C., Pelnar, M., Hutter, M.: Elliptic curve cryptography on the WISP UHF RFID tag. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 32–47. Springer, Heidelberg (2012)Google Scholar
  18. 18.
    Raju, M.: T. Instruments White Paper: Energy Harvesting (2008)Google Scholar
  19. 19.
    Ransford, B., Clark, S., Salajegheh, M., Fu, K.: Getting things done on computational rfids with energy-aware checkpointing and voltage-aware scheduling. In: Proceedings of the 2008 Conference on Power Aware Computing and Systems (HotPower 2008), p. 5. USENIX Association, Berkeley (2008).
  20. 20.
    Wang, H., Li, Q.: Efficient implementation of public key cryptosystems on mote sensors (short paper). In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 519–528. Springer, Heidelberg (2006).
  21. 21.
    Wenger, E., Werner, M.: Evaluating 16-bit processors for elliptic curve cryptography. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 166–181. Springer, Heidelberg (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Secure Embedded Systems, Center for Embedded Systems for Critical Applications, Bradley Department of ECEVirginia TechBlacksburgUSA

Personalised recommendations