Data hardware, adopting the ECDH protocol to generate

Data Integrity and Privacy
maintenance achieved through techniques such as cryptography and password
authentication are vital for everyday communication in our current world 1. Due
to the huge advantage that comes with Elliptic Curve Cryptography in terms of
their smaller key size and how easily they can be computed as compared to other
public key encryption such as the RSA and DSA, it is quickly becoming the option
for encryptions / decryption for many applications. For instance, ECDSA was
implemented to avoid vehicular accidents by using secure broadcast
Vehicle-to-Vehicle (V2V) communication in 2 which used the ECDSA algorithm
with the IEEE 1609.2 vehicular Ad-hoc network standard. Not all, 3 proposed
the implementation of an American National Standards Institute (ANSI) called
X9.62 ECDSA over prime elliptic curve F192. Furthermore, a variant of the
curve, the Hyperelliptic Curve Cryptosystem(HECC) 4 is suitable for all
embedded processor architectures having very heavy resource constraint. This
paper presents an implementation of elliptic curve integrated encryption scheme
in hardware, adopting the ECDH protocol to generate a shared key for
communication interchange between parties. The shared key, is in turn used as
the key to any block cipher such as AES and DES to encrypt and decrypt any
message.

1.1   Elliptic Curve
Diffie-Hellman Algorithm

Parties involved in a particular communication
based on a key agreement scheme are required to each provide some form of data
or information to be used in creating a shared session key. This is the case
for the ECDH algorithm. Two parties, Alice and Bob as popularly referred to,
both agree on an elliptic curve E with a finite field P and base point G (x,
y). The ECDH key exchange can be from table 1 in 4 main stages.

Table 1.  Shared key generating sequence in ECDH.

No

Algorithm Sequence.

1:

Alice and Bob randomly generate
integer numbers between 1 and n (order of the subgroup) dA and dB respectively for their private keys

2:

They both then generate their
public key which is HA =
dA.G, HB
= dB.G
 Where G is the base point on the elliptic
curve

3:

Alice and Bob now exchange HA and HB public
keys

4:

Alice and Bob can both now
calculate the shared secrete key
 dA.HB  Alice’s shared key, dB.HA  Bob’s shared key
 S= dA.HB = dA (dB.G) = dB
(dA.G) = dB.HA

1.2   Random Number
Generator

Random numbers are needed to for
everyday application and hence it’s mode of generation and testing is critical
to its use in an application 5. The private keys for each communicating party
are randomly generated. Two random number generator modules, the AKARI-X 6 and
the Linear Feedback Shift Register (LFSR) were designed during this research.
Their performances were compared and the best one chosen for the final
implementation. The LFSR was implemented using a primitive polynomial of degree
32 from equation (1). The LFSR, an m-bit PRNG will always require at least
m-clock cycles to generate. On the other hand, the AKARI-II requires a fixed
64-clock cycles. The LFSR operated at a frequency of 383 MHz with an LUT slice
count of 480. The
AKARI-X on the other hand operated at a maximum frequency of 215 MHz and an LUT
slices count of 1314 making the PRNG more efficient.

 

x32 + x28 + x19
+ x 18 + x 16 + x 14 + x 11 + x
10 + x 9 + x 6 + x 5 + x 1
+ 1

(1)

1.3   Montgomery Ladder
Point Multiplication

The main core of the ECIES is based
on the ECDH shared key exchange protocol. The protocol is computationally
intensive due to inverse operation and complexity of multiplication involving
huge numbers. These issues are handled with the use of the Montgomery scalar
multiplication algorithm. The inverse operation is also replaced with
multiplication by transforming the coordinates from the affine domain to the
projective domain by using the Lopez and Dahab transformational equation.