Top

Journal of Cryptographic Engineering

Published in:

01-06-2015 | Regular Paper

Fast prime field elliptic-curve cryptography with 256-bit primes

Authors: Shay Gueron, Vlad Krasnov

Published in: Journal of Cryptographic Engineering | Issue 2/2015

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

This paper studies software optimization of elliptic-curve cryptography with \(256\)-bit prime fields. We propose a constant-time implementation of the NIST and SECG standardized curve P-\(256\), that can be seamlessly integrated into OpenSSL. This accelerates Perfect Forward Secrecy TLS handshakes that use ECDSA and/or ECDHE, and can help in improving the efficiency of TLS servers. We report significant performance improvements for ECDSA and ECDH, on several architectures. For example, on the latest Intel Haswell microarchitecture, our ECDSA sign is \(2.33\times \) faster than OpenSSL’s implementation.

previous article A machine learning approach against a masked AES

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Available only for authorised users

“Demand for encryption apps has increased dramatically ever since the exposure of massive internet surveillance programs run by US and UK intelligence agencies. Now Facebook is reportedly moving to implement a strong, decades-old encryption technique that’s been largely avoided by the online services that need it most”; J. Kopstein, The Verge, http://www.theverge.com/2013/6/26/4468050/facebook-follows-google-with-tough-encryption-standard.

RSA signature verification with the standard short public exponent remains faster than ECDSA verification. However, verification is done by the client, and not by the server side.

An optimized implementation of P-224, P-\(^{\prime }256\) and P-521 was contributed to OpenSSL by Emilia K sper, Adam Langley and Bodo Moeller. To enable it, OpenSSL should be configured with ‘enable-ec_nistp_64_gcc_128’.

Available from http://software.intel.com/en-us/articles/intel-software-development-emulator.

It is currently in the process of integration into a future version of this library (1.0.2), and can be found in the latest beta version (1.0.2 beta 3).

Aciiçmez, O., Gueron, S., Seifert, J.P.: New branch prediction vulnerabilities in open SSL and necessary software countermeasures. In: Galbarith, S.D (ed.) Cryptography and Coding. LNCS, vol. 4887, pp. 185–203. Springer, Heidelberg (2007)

Barker, E., Roginsky, A.: Transitions: recommendation for transitioning the use of cryptographic algorithms and key lengths. NIST Special Publication 800–131A, NIST (2011). http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf

Bernstein, D.J.: Curve25519: new Diffie–Hellman speed records. In: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24–26, 2006. Proceedings, pp. 24–26. Springer, Heidleberg (2006)

Booth, A.D.: A signed binary multiplication technique. Q. J. Mech. Appl. Math. 4(2), 236–240. Oxford University Press, Oxford (1951)

China Cryptography Administration: SM2 Elliptic curve recommended parameters (in Chinese). http://www.oscca.gov.cn/UpFile/2010122214836668.pdf

China Cryptography Administration: State Public Key Cryptographic Algorithm SM2 Based on Elliptic Curves (2010, in Chinese). http://www.oscca.gov.cn/UpFile/2010122214822692.pdf

Dierks, T., Rescorla, E.: The transport layer security (TLS) protocol version 1.2. IETF RFC5246. IETF (2008). http://tools.ietf.org/html/rfc5246

Gueron, S., Krasnov, V.: [PATCH] Efficient and side channel analysis resistant 1024-bit and 2048-bit modular exponentiation, optimizing RSA, DSA and DH of compatible sizes, for AVX2 capable x86\_64 platforms. OpenSSL patch (2013). http://rt.openssl.org/Ticket/Display.html?id=3054&user=guest&pass=guest

Gueron, S.: Efficient software implementations of modular exponentiation. J. Cryptograph. Eng. 2, 31–43. Springer, Heidelberg (2012)

10.

Gueron, S., Krasnov, V.: [PATCH] Fast and side channel protected implementation of the NIST P-256 elliptic curve, for x86–64 platforms. OpenSSL patch (2013). http://rt.openssl.org/Ticket/Display.html?id=3149&user=guest&pass=guest

11.

Greenwald, G., MacAskill, E.: NSA prism program taps in to user data of Apple, Google and others. In: The Guardian (June 2013). http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data

12.

Intel: Intel R architecture instruction set extensions programming reference (2013). http://download-software.intel.com/sites/default/files/319433-015.pdf

13.

Käsper, E.: Fast Elliptic Curve Cryptography in OpenSSL. In: Danezis, G., Dietrich, S., Sako, K. (eds.) Financial Cryptography and Data Security. LNCS, vol. 7126, pp. 27–39. Springer, Heidelberg (2012)

14.

Langley, A.: Protecting data for the long term with forward secrecy. In: Google Online Security Blog (2011). http://googleonlinesecurity.blogspot.co.il/2011/11/protecting-data-for-long-term-with.html

15.

Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44, 519–521 (1985)CrossRefMATH

16.

NIST: Mathematical routines for the NIST prime elliptic curves (2010). http://www.nsa.gov/ia/_files/nist-routines.pdf

17.

NSS, Mozilla. https://developer.mozilla.org/en/docs/NSS

18.

OpenSSL git repository. http://git.openssl.org/gitweb/

19.

Renfro, S.: Secure browsing by default. In: Facebook, Facebook Engineering. https://www.facebook.com/notes/facebook-engineering/secure-browsing-by-default/10151590414803920

20.

Satler, M., Housley, R.: Suite B Profile for Transport Layer Security (TLS). IETF RFC6460. IETF (2012). http://tools.ietf.org/html/rfc6460

21.

Solinas, J.A.: Generalized Mersenne numbers. Center for Applied Cryptographic Research. University of Waterloo,Technical Report (1999)

Title: Fast prime field elliptic-curve cryptography with 256-bit primes
Authors: Shay Gueron
Vlad Krasnov
Publication date: 01-06-2015
Publisher: Springer Berlin Heidelberg
Published in: Journal of Cryptographic Engineering / Issue 2/2015
Print ISSN: 2190-8508
Electronic ISSN: 2190-8516
DOI: https://doi.org/10.1007/s13389-014-0090-x

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2015

Fast evaluation of polynomials over binary finite fields and application to side-channel countermeasures

Introduction to the CHES 2014 special issue

A machine learning approach against a masked AES

Reversing stealthy dopant-level circuits

Practical feasibility evaluation and improvement of a pay-per-use licensing scheme for hardware IP cores in Xilinx FPGAs

Get your hands off my laptop: physical side-channel key-extraction attacks on PCs

Premium Partner