The Optimization Of ECC IP And Research On Its Side Channel Attack

Cryptographic technology is the core technology of information security, which ensures confidentiality, security, integrity and independence of data. With the warming up public key cryptographic systems in current research area—Elliptic Curve Cryptosystem (ECC), compared with the traditional cryptosystem RSA, it has high safety level, low computation, small storage space and low bandwidth demand. All these advantages make ECC widely used in storage, computation and communication bandwidth constrained environment. Moreover, as the proposal of side channel attacks that relies on physical information such as power consumption, processing time, electromagnetic radiation and so on recently, the security problem of encryption device is pressing. Therefore, developing an ECC safe chip for resource constrained device with side channel countermeasures conforms to the demand and development of the market.First of all, this paper introduces concerned corresponding mathematical background of ECC algorithm in prime field, and then makes a brief introduction about traditional design thought and methodology of ECC. Based on this, we propose corresponding optimization for two indicators: area and speed from algorithm angle, respectively, including elliptic curve point multiplication proposal based on MOF encoding and corresponding strategy for SRAM data placement, redesign of modular inversion module. After analysis and testing, we find an optimal balance point between speed and area of the entire IP with the combination of all these optimization methods. Then, this paper states that potential safety hazard exists in encryption hardware from both theoretical analysis and experiment. Therefore, research on side channel attack and corresponding countermeasures towards ECC algorithm is very necessary. Considering that different users have different requirements of performance and area, this paper puts forward the so called"safety configuration"design concept. Following this thought, we separate anti-SPA, DPA, RPA and ZPA countermeasures into different safety levels and integrate them into ECC IP. Emphasis is paid on anti-SPA countermeasure which is based on MOF encoding and can be incorporated into the original IP with very low cost. At last, the improved ECC IP has successfully passed safety test and FPGA verification and at 100MHz frequency, 192-bit point multiplication consumes 3.69ms without countermeasures and total area including SRAM is synthesized into 87K gates by using 0.18-μm technology, much better than other designs.