IEE Proceedings - Information Security
Volume 152, Issue 1, October 2005

Editorial
- Author(s): Stuart Govan ; Máire McLoone ; Christof Paar ; Roger Woods
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 1–2
- DOI: 10.1049/ip-ifs:20059076
- Type: Article

Comparative survey of high-performance cryptographic algorithm implementations on FPGAs
- Author(s): K. Järvinen ; M. Tommiska ; J. Skyttä
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 3–12
- DOI: 10.1049/ip-ifs:20055004
- Type: Article
- Abstract: The authors present a comparative survey of private-key cryptographic algorithm implementations on field programmable gate arrays (FPGAs). The performance and flexibility of FPGAs make them almost ideal implementation platforms for cryptographic algorithms, and FPGA-based implementation of cryptographic algorithms has therefore been widely studied during the past few years. However, a complete analysis of published implementations has not been presented previously. The authors analyse FPGA-based implementations of certain widely used cryptographic algorithms in terms of speed, area and implementation techniques. The algorithms studied include the private-key algorithms Advanced Encryption Standard (AES) and International Data Encryption Algorithm (IDEA) and certain hash algorithms. These implementations provide a good overview of the field of private-key cryptographic algorithm implementation.

AES implementation on a grain of sand
- Author(s): M. Feldhofer ; J. Wolkerstorfer ; V. Rijmen
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 13–20
- DOI: 10.1049/ip-ifs:20055006
- Type: Article
- Abstract: The authors present a hardware implementation of the Advanced Encryption Standard (AES) which is optimised for low resource requirements. The standard-cell implementation on a 0.35 µm CMOS process from Philips Semiconductors occupies an area of only 0.25 mm². This corresponds roughly to 3400 gate equivalents, or to the size of a small grain of sand. The authors believe that this size will serve for a long time as a reference for AES-128 implementations that support encryption and decryption including key setup. The manufactured silicon is fully operational, and measurements verified the performance predicted by simulation. The maximum clock frequency of 80 MHz allows a data throughput of 9.9 Mbps. Besides low-resource optimisation, the circuit is optimised for low-power operation: for low-throughput applications the AES module draws a current of only 3.0 µA when operated at 100 kHz and 1.5 V. This almost negligible power consumption, combined with the extreme area efficiency, opens new fields of application for AES that were previously out of reach.

System-on-chip implementation of the whole advanced encryption standard processor using reduced XOR-based sum-of-product operations
- Author(s): S.-F. Hsiao ; M.-C. Chen ; M.-Y Tsai ; C.-C. Lin
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 21–30
- DOI: 10.1049/ip-ifs:20055005
- Type: Article
- Abstract: An efficient common subexpression elimination algorithm is presented to reduce the area cost of realising the XOR-based operations for the MixColumns, InvMixColumns, SubBytes and InvSubBytes transformations in the Rijndael Advanced Encryption Standard (AES). The algorithm contains four optimisation priorities for extracting the common factors in the bit-level equations. Performance comparisons are given both for the architecture-level design and for technology-dependent cell-based implementations. Experimental results show that the authors' proposed method significantly reduces the area cost of the whole AES processor design compared with Synopsys area-optimised synthesis results and with previous implementations.

Hardware-efficient systolic architectures for inversion in GF(2^m)
- Author(s): Z. Yan ; D.V. Sarwate ; Z. Liu
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 31–45
- DOI: 10.1049/ip-ifs:20055017
- Type: Article
- Abstract: The authors propose in-place systolic bit-serial, bit-parallel and folded bit-parallel architectures for inversion in GF(2^m). Their bit-serial architectures have the highest throughput of the three types, 1/m, but use more hardware than the other two. Their bit-parallel architectures have throughput 1/(2m − 1) with interleaved inputs and 1/(4m − 2) without interleaving. The new bit-serial and bit-parallel architectures have the same throughput and latency as the best comparable architectures proposed previously, but smaller hardware cost and shorter critical path delay. The authors also propose novel folded versions of their bit-parallel architectures which achieve the 1/(4m − 2) non-interleaved throughput with even less hardware than the bit-parallel architectures; to their knowledge, no comparable scheme has been proposed previously. The circuitry in each cell of the bit-serial architectures, and of the (folded and unfolded) bit-parallel architectures with distributed ring counters, is the same for all values of m. Since there are no global control or data signals either, these architectures have excellent scalability properties and are well suited to applications where m is large or variable. Implementation details using the TSMC Avanti 0.18 µm CMOS standard cell library are provided.

Hardware accelerators for pairing based cryptosystems
- Author(s): T. Kerins ; W.P. Marnane ; E.M. Popovici ; P.S.L.M. Barreto
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 47–56
- DOI: 10.1049/ip-ifs:20055009
- Type: Article
- Abstract: Polynomial basis hardware architectures are described for the mathematical operations required in pairing-based cryptosystems in characteristic three (p = 3). In hardware, arithmetic operations in extension fields of GF(3^m) can be parallelised, which results in high-performance dedicated processors for efficient Tate pairing calculation. The implementation aspects of two such hardware processors are discussed through prototyping over GF(3^97) on the Xilinx Virtex2 and Virtex2Pro FPGA technologies.

Balanced point operations for side-channel protection of elliptic curve cryptography
- Author(s): L. Batina ; N. Mentens ; B. Preneel ; I. Verbauwhede
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 57–65
- DOI: 10.1049/ip-ifs:20055019
- Type: Article
- Abstract: The authors propose balanced algorithms for elliptic curve cryptography (ECC): point addition and point doubling are made balanced, that is, they are implemented as identical sequences of operations. As an example, the authors implement an ECC point multiplication algorithm using Montgomery's approach, for which a single power trace exposes neither the Hamming weight nor the bits of the secret key. Their field-programmable gate array (FPGA) implementation is nevertheless compact and efficient. The proposed multiplier for the finite field operations is digit-serial and scalable to arbitrary bit lengths; it calculates the result by splitting the multiplication into two separate processes. The architecture compares favourably with designs presented in the literature, and the power consumption graphs show that the new implementation has improved side-channel resistance.

Area–time efficient hardware architecture for factoring integers with the elliptic curve method
- Author(s): J. Pelzl ; M. Šimka ; T. Kleinjung ; J. Franke ; C. Priplata ; C. Stahlke ; M. Drutarovský ; V. Fischer ; C. Paar
- Source: IEE Proceedings - Information Security, Volume 152, Issue 1, p. 67–78
- DOI: 10.1049/ip-ifs:20055018
- Type: Article
- Abstract: Since the introduction of public-key cryptography, the problem of factoring large composites has attracted increased interest. The security of the most popular asymmetric cryptographic scheme, RSA, depends on the hardness of factoring large numbers. The best known method for factoring large integers is the general number field sieve (GNFS). One important step within the GNFS is the factorisation of mid-size numbers for smoothness testing, for which the elliptic curve method (ECM) is an efficient algorithm. Since smoothness testing is also suitable for parallelisation, implementing ECM in hardware is promising. The authors show that massively parallel and cost-efficient ECM hardware engines can considerably improve the area–time product of RSA moduli factorisation via the GNFS. The computation of ECM is a classic example of an algorithm that can be significantly accelerated through special-purpose hardware. The authors thoroughly analyse the prerequisites for an area–time efficient hardware architecture for ECM and present an implementation of ECM that factors numbers of up to 200 bits and is scalable to other bit lengths. ECM is realised as a software–hardware co-design on a field-programmable gate array (FPGA) with an embedded microcontroller (system-on-chip). Furthermore, the authors provide estimates for a state-of-the-art CMOS implementation of the design and for the application of massively parallel ECM engines to the GNFS. This appears to be the first publication of a realised hardware implementation of ECM, and the first description of GNFS acceleration through hardware-based ECM.
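The Hsiao et al. abstract above describes reducing the XOR cost of MixColumns by extracting common subexpressions from its bit-level equations. The following is an added example, not code from that paper or from this journal: it derives the 32 bit-level XOR equations of AES MixColumns symbolically, counts two-input XOR gates, runs a simple greedy pair-extraction pass (the classic "most frequent pair first" heuristic, not the authors' four-priority algorithm), and checks the reduced network against a reference MixColumns on concrete columns. All function names are this example's own.

```python
"""Bit-level XOR network for AES MixColumns and a greedy common-subexpression
elimination pass (added illustration; the four-priority algorithm of the paper
is not reproduced here)."""
from collections import Counter
from itertools import combinations

def xtime(b):
    """Multiply a byte by x in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    b <<= 1
    return (b ^ 0x1B) & 0xFF if b & 0x100 else b

def mixcolumn(col):
    """Reference MixColumns on one column [a0, a1, a2, a3], used to check the network."""
    a0, a1, a2, a3 = col
    return [xtime(a0) ^ xtime(a1) ^ a1 ^ a2 ^ a3,
            a0 ^ xtime(a1) ^ xtime(a2) ^ a2 ^ a3,
            a0 ^ a1 ^ xtime(a2) ^ xtime(a3) ^ a3,
            xtime(a0) ^ a0 ^ a1 ^ a2 ^ xtime(a3)]

# A symbolic byte is a list of 8 sets; bit i is the XOR of the named input bits.
def sym_byte(prefix):
    return [{f"{prefix}{i}"} for i in range(8)]

def sym_xor(*bs):
    out = [set() for _ in range(8)]
    for b in bs:
        for i in range(8):
            out[i] ^= b[i]          # symmetric difference: x ^ x cancels in GF(2)
    return out

def sym_xtime(b):
    """Symbolic xtime: shift left and fold bit 7 into bits 0, 1, 3, 4 (0x1B)."""
    out = [set()] + [set(b[i]) for i in range(7)]
    for i in (0, 1, 3, 4):
        out[i] ^= b[7]
    return out

def mixcolumn_equations():
    """The 32 output bits of MixColumns, each as the set of input bits it XORs."""
    a = [sym_byte(f"a{j}_") for j in range(4)]
    x = [sym_xtime(b) for b in a]
    rows = [sym_xor(x[0], x[1], a[1], a[2], a[3]),
            sym_xor(a[0], x[1], x[2], a[2], a[3]),
            sym_xor(a[0], a[1], x[2], x[3], a[3]),
            sym_xor(x[0], a[0], a[1], a[2], x[3])]
    return [bit for byte in rows for bit in byte]

def xor_cost(eqs, defs=()):
    """Two-input XOR gates: len-1 per equation plus one per shared intermediate."""
    return sum(len(e) - 1 for e in eqs) + len(defs)

def greedy_cse(eqs):
    """Repeatedly replace the most frequent operand pair (u, v) by a shared
    intermediate t_k = u ^ v until no pair occurs in two or more equations."""
    eqs = [set(e) for e in eqs]
    defs = []
    while True:
        pairs = Counter(p for e in eqs for p in combinations(sorted(e), 2))
        if not pairs or pairs.most_common(1)[0][1] < 2:
            break
        (u, v), _ = pairs.most_common(1)[0]
        t = f"t{len(defs)}"
        defs.append((t, u, v))
        for e in eqs:
            if u in e and v in e:
                e -= {u, v}
                e.add(t)
    return eqs, defs

def evaluate(eqs, defs, col):
    """Run the XOR network on a concrete column and return the 4 output bytes."""
    val = {f"a{j}_{i}": (col[j] >> i) & 1 for j in range(4) for i in range(8)}
    for t, u, v in defs:
        val[t] = val[u] ^ val[v]
    bits = [sum(val[name] for name in e) & 1 for e in eqs]
    return [sum(bits[8 * j + i] << i for i in range(8)) for j in range(4)]

if __name__ == "__main__":
    eqs = mixcolumn_equations()
    opt, defs = greedy_cse(eqs)
    print("XOR gates: direct", xor_cost(eqs), "after CSE", xor_cost(opt, defs))
    col = [0xD4, 0xBF, 0x5D, 0x30]   # constructed test column from the AES specification example
    print(evaluate(opt, defs, col) == mixcolumn(col))
```

The direct network costs 152 two-input XORs for one column (38 per output byte); the greedy pass shares pairs such as the a0_7/a1_7 term that the 0x1B feedback injects into four bits of the same output byte. Any optimisation that rewrites the network must be re-verified against the reference function, as the last line does, because a sharing bug silently corrupts ciphertext rather than failing loudly.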
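Two of the abstracts above turn on the same primitive: Batina et al. make point addition and doubling an identical operation sequence so that a power trace does not reveal the scalar, and Pelzl et al. use elliptic curve scalar multiplication modulo a composite N as the engine of ECM. The following is an added example, not code from either paper: affine Weierstrass arithmetic over Z/NZ, a naive double-and-add next to a Montgomery ladder with an operation trace showing that only the ladder's sequence is independent of the key, and Lenstra's ECM stage 1 built on that ladder, where a failed modular inverse delivers the factor. The curve y² = x³ + 2x + 3 over F_97 with the order-5 point (3, 6), the composite 10007 × 10009 and the fixed RNG seed are constructed test inputs; the function names are this example's own. The papers' digit-serial multipliers and hardware datapaths are not modelled.

```python
"""Balanced scalar multiplication (Montgomery ladder) and Lenstra's ECM with
affine Weierstrass arithmetic over Z/NZ; added illustration, not the papers'
hardware designs. The point at infinity is represented as None."""
import math
import random

O = None

class FactorFound(Exception):
    """A modular inverse failed: gcd(d, N) is a factor of N (possibly N itself)."""
    def __init__(self, factor):
        super().__init__(f"factor {factor}")
        self.factor = factor

def inv_mod(d, n):
    """d^-1 mod n; raises FactorFound when gcd(d, n) != 1 (the event ECM waits for)."""
    g = math.gcd(d % n, n)
    if g != 1:
        raise FactorFound(g)
    return pow(d, -1, n)

def ec_add(P, Q, a, n, trace=None):
    """P + Q on y^2 = x^3 + a*x + b over Z/NZ (b is implicit in the points)."""
    if trace is not None:
        trace.append("A")
    if P is O:
        return Q
    if Q is O:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if (y1 + y2) % n == 0:
            return O                                       # P == -Q
        lam = (3 * x1 * x1 + a) * inv_mod(2 * y1, n) % n   # P == Q: tangent slope
    else:
        lam = (y2 - y1) * inv_mod(x2 - x1, n) % n
    x3 = (lam * lam - x1 - x2) % n
    return (x3, (lam * (x1 - x3) - y1) % n)

def ec_double(P, a, n, trace=None):
    """2P, logged as its own operation so traces can be compared."""
    if trace is not None:
        trace.append("D")
    return ec_add(P, P, a, n)

def double_and_add(k, P, a, n, trace=None):
    """Left-to-right double-and-add: an ADD happens only on 1 bits, so the
    operation sequence reveals the bits (and Hamming weight) of the scalar k."""
    R = O
    for bit in bin(k)[2:]:
        R = ec_double(R, a, n, trace)
        if bit == "1":
            R = ec_add(R, P, a, n, trace)
    return R

def montgomery_ladder(k, P, a, n, trace=None):
    """Montgomery ladder, invariant R1 = R0 + P: every bit costs exactly one
    ADD then one DBL whatever its value, so the sequence is independent of k."""
    R0, R1 = O, P
    for bit in bin(k)[2:]:
        if bit == "0":
            R1 = ec_add(R0, R1, a, n, trace)
            R0 = ec_double(R0, a, n, trace)
        else:
            R0 = ec_add(R0, R1, a, n, trace)
            R1 = ec_double(R1, a, n, trace)
    return R0

def op_trace(mult, k, P, a, n):
    """Sequence of 'A'/'D' operations: a crude model of what a power trace shows."""
    t = []
    mult(k, P, a, n, t)
    return "".join(t)

def ecm_stage1(n, B1, rng=None, curves=60):
    """Lenstra ECM stage 1 with k = product of prime powers <= B1. When the curve
    order modulo a prime q | n is B1-smooth, k*P is the identity mod q, so an
    inverse inside the ladder fails and gcd(d, n) surfaces q."""
    rng = rng or random.Random(1)        # fixed seed only for reproducibility
    k = 1
    for p in range(2, B1 + 1):
        if all(p % d for d in range(2, math.isqrt(p) + 1)):
            pe = p
            while pe * p <= B1:
                pe *= p
            k *= pe
    for _ in range(curves):
        x, y, a = (rng.randrange(1, n) for _ in range(3))   # b = y^2-x^3-ax implied
        try:
            montgomery_ladder(k, (x, y), a, n)
        except FactorFound as e:
            if 1 < e.factor < n:
                return e.factor    # gcd == n: both primes hit at once, try another curve
    return None                    # no smooth curve found: raise B1 or add curves

if __name__ == "__main__":
    P, a, p = (3, 6), 2, 97        # constructed: y^2 = x^3 + 2x + 3 over F_97, ord(P) = 5
    for k in (7, 4):
        print(k, op_trace(double_and_add, k, P, a, p), op_trace(montgomery_ladder, k, P, a, p))
    print(ecm_stage1(10007 * 10009, 100))
```

For k = 7 (binary 111) and k = 4 (binary 100) the double-and-add traces are DADADA and DADD, which differ in length and pattern, while the ladder produces ADADAD for both. Note what the ladder does not fix: the `if bit` branch still decides which register is written, and on real hardware that address or multiplexer select can leak; a deployed design replaces the branch by a constant-time conditional swap. Stage 2 of ECM and the Montgomery-form x-only arithmetic used in practice are omitted.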
Articles in this issue:
- Comparative survey of high-performance cryptographic algorithm implementations on FPGAs
- AES implementation on a grain of sand
- System-on-chip implementation of the whole advanced encryption standard processor using reduced XOR-based sum-of-product operations
- Hardware-efficient systolic architectures for inversion in GF(2^m)
- Hardware accelerators for pairing based cryptosystems
- Balanced point operations for side-channel protection of elliptic curve cryptography
- Area–time efficient hardware architecture for factoring integers with the elliptic curve method