Here you will find scientific publications from the Fraunhofer Institutes.

X25519 hardware implementation for low-latency applications

Koppermann, P.; Santis, F. de; Heyszl, J.; Sigl, G.


Kitsos, P. ; European Organisation for Information Technology and Microelectronics; Institute of Electrical and Electronics Engineers -IEEE-:
DSD 2016, 19th Euromicro Conference in Digital System Design. Proceedings : 31 August-2 September 2016, Limassol, Cyprus
Piscataway, NJ: IEEE, 2016
ISBN: 978-1-5090-2817-7
ISBN: 978-1-5090-2816-0
ISBN: 978-1-5090-2818-4 (Print)
Conference in Digital System Design (DSD) <19, 2016, Limassol>
Fraunhofer AISEC

In the world of 'Internet of Things' (IoT), millions of interconnected smart devices have to share information in a fast and secure way. In order to ensure the success and widespread adoption of IoT applications, cryptographic services must be provided to ensure secure communications and avoid skepticism about new emerging technologies. Due to its short key sizes, elliptic curve cryptography is typically deployed on resource-constrained devices in order to enable public-key cryptographic services, i.e. secure key exchanges between smart devices. In the past few years, there has been a growing interest in Curve25519 due to its elegant design aimed at both high security and high performance, making it one of the most promising candidates to secure IoT applications. In fact, besides providing appropriate security levels, most IoT applications must adhere to strict latency requirements and provide guarantees to process information in a tiny fraction of time. Until now, Curve25519 hardware implementations were mainly optimized for high-throughput applications, while no special care was given to low-latency designs. In this work, we close this gap and provide a Curve25519 hardware design targeting low-latency applications. Our implementation takes only 13,639 cycles for a variable-base Curve25519 scalar multiplication and can be operated up to 115 MHz on Xilinx Zynq 7030 FPGA devices. This allows a session key to be computed in less than 120 μs, which outperforms known FPGA-based Curve25519 implementations by a factor of 2.8, yet requiring 24 % less area resources.