
Fast Elliptic Curve Cryptography in OpenSSL

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7126)

Abstract

We present a 64-bit optimized implementation of the NIST and SECG-standardized elliptic curve P-224. Our implementation is fully integrated into OpenSSL 1.0.1: full TLS handshakes using a 1024-bit RSA certificate and ephemeral Elliptic Curve Diffie-Hellman key exchange over P-224 now run at twice the speed of standard OpenSSL, while atomic elliptic curve operations are up to 4 times faster. In addition, our implementation is immune to timing attacks—most notably, we show how to do small table look-ups in a cache-timing resistant way, allowing us to use precomputation. To put our results in context, we also discuss the various security-performance trade-offs available to TLS applications.
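
The cache-timing-resistant small-table look-up mentioned in the abstract can be illustrated with a scan-and-mask select, shown next to the direct indexing it replaces. This is an added example, not code from the paper or from OpenSSL; the entry layout (`entry_t`, `LIMBS`, `TABLE_SIZE`), the function names and the table contents are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define LIMBS 4        /* assumed entry size: four 64-bit words */
#define TABLE_SIZE 16  /* assumed 4-bit window, so 16 precomputed entries */
typedef struct { uint64_t limb[LIMBS]; } entry_t;

/* All-ones if a == b, otherwise 0; no branch depends on the inputs. */
static uint64_t ct_eq_mask(uint64_t a, uint64_t b) {
    uint64_t x = a ^ b;                  /* 0 iff equal */
    x = (x | ((uint64_t)0 - x)) >> 63;   /* 1 iff a != b */
    return x - 1;                        /* 0 - 1 wraps to all-ones */
}

/* Reads every entry in a fixed order and keeps only the wanted one by
 * masking, so the addresses touched do not depend on secret_idx. */
static void ct_select(entry_t *out, const entry_t *table, uint64_t secret_idx) {
    memset(out, 0, sizeof(*out));
    for (uint64_t i = 0; i < TABLE_SIZE; i++) {
        uint64_t mask = ct_eq_mask(i, secret_idx);
        for (int j = 0; j < LIMBS; j++)
            out->limb[j] |= table[i].limb[j] & mask;
    }
}

/* Contrast: direct indexing loads only the cache line named by the secret. */
static void leaky_select(entry_t *out, const entry_t *table, uint64_t secret_idx) {
    *out = table[secret_idx];
}

/* Fills a constructed table and counts indices where the two selects differ. */
static int count_mismatches(void) {
    entry_t table[TABLE_SIZE], a, b;
    int bad = 0;
    for (uint64_t i = 0; i < TABLE_SIZE; i++)
        for (int j = 0; j < LIMBS; j++)
            table[i].limb[j] = (i + 1) * 0x0101010101010101ULL + (uint64_t)j;
    for (uint64_t s = 0; s < TABLE_SIZE; s++) {
        ct_select(&a, table, s);
        leaky_select(&b, table, s);
        bad += memcmp(&a, &b, sizeof(a)) != 0;
    }
    return bad;
}

int main(void) { printf("mismatches: %d\n", count_mismatches()); return 0; }
```

When adopting this pattern, inspect the compiled output, since an optimizing compiler may turn the masking back into a data-dependent branch or load.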




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Käsper, E. (2012). Fast Elliptic Curve Cryptography in OpenSSL. In: Danezis, G., Dietrich, S., Sako, K. (eds) Financial Cryptography and Data Security. FC 2011. Lecture Notes in Computer Science, vol 7126. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29889-9_4


  • DOI: https://doi.org/10.1007/978-3-642-29889-9_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29888-2

  • Online ISBN: 978-3-642-29889-9

  • eBook Packages: Computer Science, Computer Science (R0)
