VLSI Implementation Of ECC Scalar Multiplication And Research On Power Analysis Attack

The use of elliptic curve in cryptography was first proposed by Miller and Koblitz in 1985 respectively. Since that time, a lot of attentions have been paid to elliptic curves for cryptographic applications. Compared with other commonly used public key cryptosystems such as RSA, Elliptic curve cryptography (ECC) has a lot of benefits, such as the highest security per bit of any known public key cryptosystem, hardware implementations with fewer resources, and so on. Thus, lots of researchers believe that ECC will replace RSA in the future.As one of the most commonly used side-channel attacks, power analysis attack can recover the secret keys and useful information in the secure chip by analyzing the input and output data combing with the power consumption curves during the cipher processing. Power analysis attack has been rapidly developed in recent years, because it is efficient and easy to implement.In this thesis, VLSI design optimization on finite field, VLSI implementation of elliptic curve scalar multiplication, and power analysis and countermeasures on ECC cipher are studied. We designed a high-speed multiplicative inverter in finite field , implemented the elliptic curve scalar multiplication successfully, and attacked the elliptic curve scalar multiplication using differential power analysis technology. To sum up, the main innovation and creative points are as follows: GF(2 233)1. We hardware-implemented all finite field modules. Based on the parallel Sunar-Ko? multiplier, we designed a high-speed multiplicative inverter in finite field GF(2 233), which just needs 26 clock cycles to obtain the result.2. We used the Montgomery scalar multiplication algorithm under the projective coordinate to implement the top module. The algorithm we used doesn't need precomputation and reduced the inversion to only 1 time, thus we can get a fast implementation. Finite state machine (FSM) was used to control the data flow thus we could reuse the registers. We at last designed a scalar multiplication chip successfully.3. We constructed a power analysis simulation platform. By using various EDA tools and programming languages on this platform, we recovered the secret key of Montgomery algorithm successful through the differential power analysis technology. The result shows that Montgomery scalar multiplication algorithm doesn't resist DPA. We should combine with some countermeasures when we used it in practical application, so that we can ensure the security of this algorithm.The dissertation was supported by National Natural Science Foundation of China (No. 60606005).