research-article

Twisted edwards-form elliptic curve cryptography for 8-bit AVR-based sensor nodes

Authors:

Johann Großschädl,

Volker Müller,

Yang ZhangAuthors Info & Claims

AsiaPKC '13: Proceedings of the first ACM workshop on Asia public-key cryptography

Pages 39 - 44

https://doi.org/10.1145/2484389.2484398

Published: 08 May 2013 Publication History

Abstract

Wireless Sensor Networks (WSNs) pose a number of unique security challenges that demand innovation in several areas including the design of cryptographic primitives and protocols. Despite recent progress, the efficient implementation of Elliptic Curve Cryptography (ECC) for WSNs is still a very active research topic and techniques to further reduce the time and energy cost of ECC are eagerly sought. This paper presents an optimized ECC implementation that we developed from scratch to comply with the severe resource constraints of 8-bit sensor nodes such as the MICAz and IRIS motes. Our ECC software uses Optimal Prime Fields (OPFs) as underlying algebraic structure and supports two different families of elliptic curves, namely Weierstraß-form and twisted Edwards-form curves. Due to the combination of efficient field arithmetic and fast group operations, we achieve an execution time of 5.8 · 10⁶ clock cycles for a full 158-bit scalar multiplication on an 8-bit ATmega128 micro-controller, which is 2.78 times faster than the widely-used TinyECC library. Our implementation also shows that the energy cost of scalar multiplication on a MICAz (or IRIS) mote amounts to just 19~mJ when using a twisted Edwards curve over a 160-bit OPF. This result compares fairly well with the energy figures of two recently-presented hardware designs of ECC based on twisted Edwards curves.

References

[1]

I. F. Akyildiz and M. C. Vuran. Wireless Sensor Networks. John Wiley and Sons, 2010.

Digital Library

[2]

B. Baldwin, R. Moloney, A. Byrne, G. McGuire, and W. P. Marnane. A hardware analysis of twisted Edwards curves for an elliptic curve cryptosystem. In Reconfigurable Computing: Architectures, Tools and Applications --- ARC 2009, vol. 5453 of Lecture Notes in Computer Science, pp. 355--361. Springer Verlag, 2009.

[3]

D. J. Bernstein. Curve25519: New Diffie-Hellman speed records. In Public Key Cryptography --- PKC 2006, vol. 3958 of Lecture Notes in Computer Science, pp. 207--228. Springer Verlag, 2006.

[4]

D. J. Bernstein, P. Birkner, M. Joye, T. Lange, and C. Peters. Twisted Edwards curves. In Progress in Cryptology --- AFRICACRYPT 2008, vol. 5023 of Lecture Notes in Computer Science, pp. 389--405. Springer Verlag, 2008.

[5]

D. J. Bernstein and T. Lange. Faster addition and doubling on elliptic curves. In Advances in Cryptology --- ASIACRYPT 2007, vol. 4833 of Lecture Notes in Computer Science, pp. 29--50. Springer Verlag, 2007.

[6]

D. W. Carman, P. S. Kruus, and B. J. Matt. Constraints and Approaches for Distributed Sensor Network Security. Technical Report #00-010, NAI Labs, Sept. 2000.

[7]

H. Cohen and G. Frey (eds). Handbook of Elliptic and Hyperelliptic Curve Cryptography. Chapmann & Hall\CRC, 2006.

Digital Library

[8]

A. Coyette. Embedded Security for Car Telematics and Infotainment. M.Sc. Thesis, Department of Electrical Engineering (ESAT), Katholieke Universiteit Leuven, Heverlee, Belgium, 2012.

[9]

Crossbow Technology, Inc. MICAz Wireless Measurement System. Data sheet, available online at http://www.xbow.com/Products/Product_pdf_files/Wireless_pdf/MICAz_Datasheet.pdf, Jan. 2006.

[10]

H. M. Edwards. A normal form for elliptic curves. Bulletin of the American Mathematical Society, 44(3):393--422, July 2007.

[11]

J. Großschädl. TinySA: A security architecture for wireless sensor networks. In Proceedings of the 2nd International Conference on Emerging Networking Experiments and Technologies (CoNEXT 2006), pp. 288--289. ACM Press, 2006.

Digital Library

[12]

J. Großschädl and G.-A. Kamendje. Architectural enhancements for Montgomery multiplication on embedded RISC processors. In Applied Cryptography and Network Security --- ACNS 2003, vol. 2846 of Lecture Notes in Computer Science, pp. 418--434. Springer Verlag, 2003.

[13]

N. Gura, A. Patel, A. S. Wander, H. Eberle, and S. Chang Shantz. Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In Cryptographic Hardware and Embedded Systems --- CHES 2004, vol. 3156 of Lecture Notes in Computer Science, pp. 119--132. Springer Verlag, 2004.

[14]

D. R. Hankerson, A. J. Menezes, and S. A. Vanstone. Guide to Elliptic Curve Cryptography. Springer Verlag, 2004.

Digital Library

[15]

H. Hişil, K. K.-H. Wong, G. Carter, and E. Dawson. Twisted Edwards curves revisited. In Advances in Cryptology ? ASIACRYPT 2008, vol. 5350 of Lecture Notes in Computer Science, pp. 326--343. Springer Verlag, 2008.

[16]

M. K. Jain. Wireless sensor networks: Security issues and challenges. International Journal of Computer and Information Technology, 2(1):62--67, July 2011.

[17]

æ. K. Koç, T. Acar, and B. S. Kaliski. Analyzing and comparing Montgomery multiplication algorithms. IEEE Micro, 16(3):26--33, June 1996.

Digital Library

[18]

C. Lederer, R. Mader, M. Koschuch, J. Großschädl, A. Szekely, and S. Tillich. Energy-efficient implementation of ECDH key exchange for wireless sensor networks. In Information Security Theory and Practice ? WISTP 2009, vol. 5746 of Lecture Notes in Computer Science, pp. 112--127. Springer Verlag, 2009.

Digital Library

[19]

A. Liu and P. Ning. TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks. In Proceedings of the 7th International Conference on Information Processing in Sensor Networks (IPSN 2008), pp. 245--256. IEEE Computer Society Press, 2008.

Digital Library

[20]

P. L. Montgomery. Modular multiplication without trial division. Mathematics of Computation, 44(170):519--521, Apr. 1985.

[21]

National Institute of Standards and Technology (NIST). Recommended Elliptic Curves for Federal Government Use. White paper, available online at http://csrc.nist.gov/encryption/dss/ecdsa/NISTReCur.pdf, July 1999.

[22]

A. Perrig, J. A. Stankovic, and D. Wagner. Security in wireless sensor networks. Communications of the ACM, 47(6):53--57, June 2004.

Digital Library

[23]

Y. Wang, G. Attebury, and B. Ramamurthy. A survey of security issues in wireless sensor networks. IEEE Communications Surveys & Tutorials, 8(2):2--23, Apr. 2006.

Digital Library

[24]

Y. Zhang and J. Großschädl. Efficient prime-field arithmetic for elliptic curve cryptography on wireless sensor nodes. In Proceedings of the 1st International Conference on Computer Science and Network Technology (ICCSNT 2011), vol. 1, pp. 459--466. IEEE, 2011.

Cited By

Ullah SRadzi RYazdani TAlshehri AKhan I(2022)Types of Lightweight Cryptographies in Current Developments for Resource Constrained Machine Type Communication Devices: Challenges and OpportunitiesIEEE Access10.1109/ACCESS.2022.316000010(35589-35604)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3160000
Ullah SZahilah R(2021)Curve25519 based lightweight end-to-end encryption in resource constrained autonomous 8-bit IoT devicesCybersecurity10.1186/s42400-021-00078-64:1Online publication date: 2-Mar-2021
https://doi.org/10.1186/s42400-021-00078-6
Harn LHsu CXia ZHe Z(2021)Lightweight Aggregated Data Encryption for Wireless Sensor Networks (WSNs)IEEE Sensors Letters10.1109/LSENS.2021.30633265:4(1-4)Online publication date: Apr-2021
https://doi.org/10.1109/LSENS.2021.3063326
Show More Cited By

Index Terms

Twisted edwards-form elliptic curve cryptography for 8-bit AVR-based sensor nodes
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Supersingular Twisted Edwards Curves Over Prime Fields. I. Supersingular Twisted Edwards Curves with j-Invariants Equal to Zero and 123

An analysis of existence conditions of supersingular twisted Edwards curves over a prime field is given. Theorems on the conditions of existence of supersingular curves with j-invariants equal to zero and 123 in different classes of curves are ...
Performance evaluation of twisted Edwards-form elliptic curve cryptography for wireless sensor nodes

Wireless sensor networks WSNs pose a number of unique security challenges that demand innovation in several areas including the design of cryptographic primitives and protocols. Despite recent progress, the efficient implementation of Elliptic Curve ...
Pairing Computation on Twisted Edwards Form Elliptic Curves
Pairing '08: Proceedings of the 2nd international conference on Pairing-Based Cryptography

A new form of elliptic curve was recently discovered by Edwards and their application to cryptography was developed by Bernstein and Lange. The form was later extended to the twisted Edwards form. For cryptographic applications, Bernstein and Lange ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

AsiaPKC '13: Proceedings of the first ACM workshop on Asia public-key cryptography

May 2013

70 pages

ISBN:9781450320696

DOI:10.1145/2484389

General Chairs:
Kefei Chen
Shanghai Jiao Tong University, China
,
Qi Xie
Hangzhou Normal University, China
,
Weidong Qiu
Shanghai Jiao Tong University, China
,
Program Chairs:
Shouhuai Xu
University of Texas at San Antonio, USA
,
Yunlei Zhao
Fudan University, China

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 May 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ASIA CCS '13

Sponsor:

SIGSAC

ASIA CCS '13: 8th ACM Symposium on Information, Computer and Communications Security

May 8, 2013

Hangzhou, China

Acceptance Rates

AsiaPKC '13 Paper Acceptance Rate 8 of 18 submissions, 44%;

Overall Acceptance Rate 36 of 103 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

22
Total Citations
View Citations
293
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Ullah SRadzi RYazdani TAlshehri AKhan I(2022)Types of Lightweight Cryptographies in Current Developments for Resource Constrained Machine Type Communication Devices: Challenges and OpportunitiesIEEE Access10.1109/ACCESS.2022.316000010(35589-35604)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3160000
Ullah SZahilah R(2021)Curve25519 based lightweight end-to-end encryption in resource constrained autonomous 8-bit IoT devicesCybersecurity10.1186/s42400-021-00078-64:1Online publication date: 2-Mar-2021
https://doi.org/10.1186/s42400-021-00078-6
Harn LHsu CXia ZHe Z(2021)Lightweight Aggregated Data Encryption for Wireless Sensor Networks (WSNs)IEEE Sensors Letters10.1109/LSENS.2021.30633265:4(1-4)Online publication date: Apr-2021
https://doi.org/10.1109/LSENS.2021.3063326
Mall ASingh PThute AKhapre SShankar A(2021)Security Issues of Edge Computing in IoTProceedings of International Conference on Machine Intelligence and Data Science Applications10.1007/978-981-33-4087-9_47(567-579)Online publication date: 8-May-2021
https://doi.org/10.1007/978-981-33-4087-9_47
Grobschadl JLiu ZHu ZSu CZhou L(2019)Fast ECDH Key Exchange Using Twisted Edwards Curves with an Efficiently Computable Endomorphism2019 International Workshop on Secure Internet of Things (SIOT)10.1109/SIOT48044.2019.9637091(1-8)Online publication date: 26-Sep-2019
https://doi.org/10.1109/SIOT48044.2019.9637091
Chen TBlasco JKupwade Patil H(2019)Cryptography in WSNsMission-Oriented Sensor Networks and Systems: Art and Science10.1007/978-3-319-91146-5_21(783-820)Online publication date: 19-Sep-2019
https://doi.org/10.1007/978-3-319-91146-5_21
Ghatpande SGroßschädl JLiu Z(2019)A Family of Lightweight Twisted Edwards Curves for the Internet of ThingsInformation Security Theory and Practice10.1007/978-3-030-20074-9_14(193-206)Online publication date: 12-May-2019
https://doi.org/10.1007/978-3-030-20074-9_14
LI YWANG JZENG XYE X(2017)Fast Montgomery Modular Multiplication and Squaring on Embedded ProcessorsIEICE Transactions on Communications10.1587/transcom.2016EBP3189E100.B:5(680-690)Online publication date: 2017
https://doi.org/10.1587/transcom.2016EBP3189
Franck CGroßschädl J(2017)Efficient Implementation of Pedersen Commitments Using Twisted Edwards CurvesMobile, Secure, and Programmable Networking10.1007/978-3-319-67807-8_1(1-17)Online publication date: 27-Sep-2017
https://doi.org/10.1007/978-3-319-67807-8_1
Järvinen KBalasch J(2017)Single-Trace Side-Channel Attacks on Scalar Multiplications with PrecomputationsSmart Card Research and Advanced Applications10.1007/978-3-319-54669-8_9(137-155)Online publication date: 7-Mar-2017
https://doi.org/10.1007/978-3-319-54669-8_9
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents