Data Integrity and Privacy

maintenance achieved through techniques such as cryptography and password

authentication are vital for everyday communication in our current world 1. Due

to the huge advantage that comes with Elliptic Curve Cryptography in terms of

their smaller key size and how easily they can be computed as compared to other

public key encryption such as the RSA and DSA, it is quickly becoming the option

for encryptions / decryption for many applications. For instance, ECDSA was

implemented to avoid vehicular accidents by using secure broadcast

Vehicle-to-Vehicle (V2V) communication in 2 which used the ECDSA algorithm

with the IEEE 1609.2 vehicular Ad-hoc network standard. Not all, 3 proposed

the implementation of an American National Standards Institute (ANSI) called

X9.62 ECDSA over prime elliptic curve F192. Furthermore, a variant of the

curve, the Hyperelliptic Curve Cryptosystem(HECC) 4 is suitable for all

embedded processor architectures having very heavy resource constraint. This

paper presents an implementation of elliptic curve integrated encryption scheme

in hardware, adopting the ECDH protocol to generate a shared key for

communication interchange between parties. The shared key, is in turn used as

the key to any block cipher such as AES and DES to encrypt and decrypt any

message.

1.1 Elliptic Curve

Diffie-Hellman Algorithm

Parties involved in a particular communication

based on a key agreement scheme are required to each provide some form of data

or information to be used in creating a shared session key. This is the case

for the ECDH algorithm. Two parties, Alice and Bob as popularly referred to,

both agree on an elliptic curve E with a finite field P and base point G (x,

y). The ECDH key exchange can be from table 1 in 4 main stages.

Table 1. Shared key generating sequence in ECDH.

No

Algorithm Sequence.

1:

Alice and Bob randomly generate

integer numbers between 1 and n (order of the subgroup) dA and dB respectively for their private keys

2:

They both then generate their

public key which is HA =

dA.G, HB

= dB.G

Where G is the base point on the elliptic

curve

3:

Alice and Bob now exchange HA and HB public

keys

4:

Alice and Bob can both now

calculate the shared secrete key

dA.HB Alice’s shared key, dB.HA Bob’s shared key

S= dA.HB = dA (dB.G) = dB

(dA.G) = dB.HA

1.2 Random Number

Generator

Random numbers are needed to for

everyday application and hence it’s mode of generation and testing is critical

to its use in an application 5. The private keys for each communicating party

are randomly generated. Two random number generator modules, the AKARI-X 6 and

the Linear Feedback Shift Register (LFSR) were designed during this research.

Their performances were compared and the best one chosen for the final

implementation. The LFSR was implemented using a primitive polynomial of degree

32 from equation (1). The LFSR, an m-bit PRNG will always require at least

m-clock cycles to generate. On the other hand, the AKARI-II requires a fixed

64-clock cycles. The LFSR operated at a frequency of 383 MHz with an LUT slice

count of 480. The

AKARI-X on the other hand operated at a maximum frequency of 215 MHz and an LUT

slices count of 1314 making the PRNG more efficient.

x32 + x28 + x19

+ x 18 + x 16 + x 14 + x 11 + x

10 + x 9 + x 6 + x 5 + x 1

+ 1

(1)

1.3 Montgomery Ladder

Point Multiplication

The main core of the ECIES is based

on the ECDH shared key exchange protocol. The protocol is computationally

intensive due to inverse operation and complexity of multiplication involving

huge numbers. These issues are handled with the use of the Montgomery scalar

multiplication algorithm. The inverse operation is also replaced with

multiplication by transforming the coordinates from the affine domain to the

projective domain by using the Lopez and Dahab transformational equation.