Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security, Privacy, and Applied Cryptography Engineering

SPACE 2015: Security, Privacy, and Applied Cryptography Engineering pp 289–309Cite as

Efficient and Secure Elliptic Curve Cryptography for 8-bit AVR Microcontrollers

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9354))

Abstract

The AVR family of 8-bit microcontrollers is widely used in several applications demanding secure communications and protection against physical attacks, such as side-channel analysis. In this context, processing, storage and energy demands of cryptographic software must be low, requirements which are met by ECC. At the 128-bit security level, two recently proposed curves are an attractive option for 8-bit microcontrollers: Curve25519 for Diffie-Hellman key exchange, and Ed25519 for signature. Simple power analysis is a significant threat to AVR applications, but efficient and side-channel tested implementations of SPA countermeasures for ECC protocols have not yet been dealt with in this platform, in the literature. This paper describes an efficient implementation of ECDH-Curve25519 and EdDSA-Ed25519-SHA512 for the ATmega328P platform. Our implementation provides protection against timing attacks, SPA and template SPA. The resistance against SPA is evaluated through the test vector leakage assessment (TVLA) methodology based on Welch’s t-test, using the Chipwhisperer platform.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Akishita, T., Takagi, T.: Zero-value point attacks on elliptic curve cryptosystem. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 218–233. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. ANSSI. Mécanismes cryptographiques - Règles et recommandations. Technical report, Agence nationale de la sécurité des systèmes d’information (2014)

    Google Scholar 

  3. Barke, E., Kelsey, J.: SP 800-90A: Recommendation for Random Number Generation Using Deterministic Random Bit Generators. Technical report, NIST (2012)

    Google Scholar 

  4. Batina, L., Chmielewski, L., Papachristodoulou, L., Schwabe, P., Tunstall, M.: Online Template Attacks. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 21–36. Springer, Heidelberg (2014)

    Google Scholar 

  5. Bernstein, D.J.: Curve25519: new diffie-hellman speed records. Technical report, University of Illinois at Chicago (2006)

    Google Scholar 

  6. Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. Journal of Cryptographic Engineering 2(2), 77–89 (2012)

    Article  MATH  Google Scholar 

  7. Bernstein, D.J., Lange, T., Schwabe, P.: The security impact of a new cryptographic library. In: Hevia, A., Neven, G. (eds.) LatinCrypt 2012. LNCS, vol. 7533, pp. 159–176. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  8. Bos, J., Costello, C., Longa, P., Naehrig, M.: Selecting elliptic curves for cryptography: an efficiency and security analysis. Journal of Cryptographic Engineering, 1–28 (2015)

    Google Scholar 

  9. Bos, J.W.: High-performance modular multiplication on the cell processor. In: Hasan, M.A., Helleseth, T. (eds.) WAIFI 2010. LNCS, vol. 6087, pp. 7–24. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  10. Brent, R.P., Zimmermann, P.: Modern Computer Arithmetic. Cambridge University Press (2010)

    Google Scholar 

  11. BSI. Algorithms for Qualified Electronic Signatures. Technical report, Bundesamt für Sicherheit in der Informationstechnik (2014)

    Google Scholar 

  12. Chatzikokolakis, K., Chothia, T., Guha, A.: Statistical Measurement of Information Leakage. In: Esparza, J., Majumdar, R. (eds.) TACAS 2010. LNCS, vol. 6015, pp. 390–404. Springer, Heidelberg (2010), http://dx.doi.org/10.1007/978-3-642-12002-2_33 , doi:10.1007/978-3-642-12002-2_33

    Chapter  Google Scholar 

  13. Chothia, T., Guha, A.: A statistical test for information leaks using continuous mutual information. In: Proceedings - IEEE Computer Security Foundations Symposium, pp. 177–190 (2011)

    Google Scholar 

  14. Chu, D., Großschädl, J., Liu, Z., Müller, V., Zhang, Y.: Twisted Edwards-form elliptic curve cryptography for 8-bit AVR-based sensor nodes. In: Proceedings of the First ACM Workshop on Asia Public-Key Cryptography, pp. 39–44. ACM (2013)

    Google Scholar 

  15. Cooper, J., Demulder, E., Goodwill, G., Jaffe, J., Kenworthy, G.: Test Vector Leakage Assessment (TVLA) methodology in practice (Extended Abstract). Technical report, Cryptography Research Inc. (2013)

    Google Scholar 

  16. Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  17. Criteria, C.: Common Criteria v3.1. Technical report, Common Criteria (2014)

    Google Scholar 

  18. Danger, J.-L., Guilley, S., Hoogvorst, P., Murdica, C., Naccache, D.: A synthesis of side-channel attacks on elliptic curve cryptography in smart-cards. Journal of Cryptographic Engineering, 1–25 (2013)

    Google Scholar 

  19. Düll, M., Haase, B., Hinterwälder, G., Hutter, M., Paar, C., Sánchez, A.H., Schwabe, P.: High-speed curve25519 on 8-bit, 16-bit, and 32-bit microcontrollers. In: Designs, Codes and Cryptography, pp. 1–22 (2015)

    Google Scholar 

  20. Faz-Hernández, A., Longa, P., Sánchez, A.H.: Efficient and secure algorithms for GLV-based scalar multiplication and their implementation on GLV-GLS curves. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 1–27. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  21. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  22. Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side channel resistance validation. Technical report, CRI (2011)

    Google Scholar 

  23. Goubin, L.: A refined power-analysis attack on elliptic curve cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199–210. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  24. Goundar, R., Joye, M., Miyaji, A., Rivain, M., Venelli, A.: Scalar multiplication on weierstraß elliptic curves from co-z arithmetic. Journal of Cryptographic Engineering 1(2), 161–176 (2011)

    Article  Google Scholar 

  25. Hisil, H., Wong, K.K.-H., Carter, G., Dawson, E.: Twisted edwards curves revisited. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 326–343. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  26. Hlavac, J., Lorencz, R., Hadacek, M.: True random number generation on an Atmel AVR microcontroller. In: 2010 2nd International Conference on Computer Engineering and Technology (ICCET), vol. 2, pp. V2–493–V2–495 (2010)

    Google Scholar 

  27. Hutter, M., Schwabe, P.: Nacl on 8-bit avr microcontrollers. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 156–172. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  28. Hutter, M., Schwabe, P.: Multiprecision multiplication on avr revisited. Journal of Cryptographic Engineering, 1–14 (2015)

    Google Scholar 

  29. Joye, M.: Highly regular right-to-left algorithms for scalar multiplication. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 135–147. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  30. Joye, M.: Highly regular m-ary powering ladders. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 350–363. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  31. Killmann, W., Lange, T., Lochter, M., Thumser, W., Wicke, G.: Minimum Requirements for Evaluating Side-Channel Attack Resistance of Elliptic Curve Implementations. Technical report, BSI (2011)

    Google Scholar 

  32. Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48(177), 203–209 (1987)

    Article  MathSciNet  MATH  Google Scholar 

  33. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  34. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  35. Liu, Z., Großschädl, J., Wong, D.S.: Low-weight primes for lightweight elliptic curve cryptography on 8-bit AVR processors. In: Lin, D., Xu, S., Yung, M. (eds.) Inscrypt 2013. LNCS, vol. 8567, pp. 217–235. Springer, Heidelberg (2014)

    Google Scholar 

  36. Liu, Z., Wenger, E., Großschädl, J.: MoTE-ECC: Energy-scalable elliptic curve cryptography for wireless sensor networks. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 361–379. Springer, Heidelberg (2014)

    Google Scholar 

  37. Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: Revealing the secrets of smart cards, vol. 31. Springer (2007)

    Google Scholar 

  38. Mather, L., Oswald, E., Bandenburg, J., Wójcik, M.: Does My Device Leak Information? An a priori Statistical Power Analysis of Leakage Detection Tests. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 486–505. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  39. Medwed, M., Oswald, E.: Template Attacks on ECDSA. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 14–27. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  40. Miller, V.S.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)

    Google Scholar 

  41. Montgomery, P.L.: Speeding the pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243–264 (1987)

    Article  MathSciNet  MATH  Google Scholar 

  42. NIST. FIPS 180-2: Secure hash standard (SHS). Technical report, NIST (2001)

    Google Scholar 

  43. NIST. FIPS 140-3: Security Requirements for Cryptographic Modules. Technical report, NIST (2009)

    Google Scholar 

  44. NIST. SP 800-57 - Recommendation for Key Management. Technical report, National Institute for Standards and Technology (2012)

    Google Scholar 

  45. NSA. Fact Sheet Suite B Cryptography. Technical report, National Security Agency (2014)

    Google Scholar 

  46. O’Flynn, C., Chen, Z.D.: ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 243–260. Springer, Heidelberg (2014)

    Google Scholar 

  47. Quisquater, J.-J., Samyde, D.: ElectroMagnetic analysis (EMA): Measures and counter-measures for smart cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  48. Schneider, T., Moradi, A.: Leakage Assessment Methodology - a clear roadmap for side-channel evaluations. Cryptology ePrint Archive, Report 2015/207 (2015)

    Google Scholar 

  49. Straus, E.G.: Addition chains of vectors (problem 5125). In: American Mathematical Monthly, pp. 806–808 (1964)

    Google Scholar 

  50. Witteman, M., Jaffe, J., Rohatgi, P.: Efficient side channel testing for public key algorithms: RSA case study. Technical report, Cryptography Research (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Computing, University of Campinas, Campinas, Brazil

    Erick Nascimento, Julio López & Ricardo Dahab

Authors
  1. Erick Nascimento
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Julio López
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ricardo Dahab
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Erick Nascimento .

Editor information

Editors and Affiliations

  1. Indian Inst of Tech Kharagpur, Kharagpur, West Bengal, India

    Rajat Subhra Chakraborty

  2. Digital Security Group, Radboud University Nijmegen, Nijmegen, Gelderland, The Netherlands

    Peter Schwabe

  3. Dept. of Computer Science, University of Illinois at Chicago, Chicago, Illinois, USA

    Jon Solworth

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Nascimento, E., López, J., Dahab, R. (2015). Efficient and Secure Elliptic Curve Cryptography for 8-bit AVR Microcontrollers. In: Chakraborty, R., Schwabe, P., Solworth, J. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2015. Lecture Notes in Computer Science(), vol 9354. Springer, Cham. https://doi.org/10.1007/978-3-319-24126-5_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-24126-5_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24125-8

  • Online ISBN: 978-3-319-24126-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation