*12:09*[PhD][Update] Kazuo Sakiyama: Secure Design Methodology and Implementation for Embedded Public-key Cryptosystems

Name: Kazuo Sakiyama

Topic: Secure Design Methodology and Implementation for Embedded Public-key Cryptosystems

Category:implementation

Description: Efficient embedded systems are implemented taking into account both hardware and software (HW/SW). In the security domain, cryptosystems need to be resistant against Side-Channel Attacks (SCAs) to protect secret information. Therefore trade-offs between cost, performance and security need to be explored when implementing cryptosystems. The goal for this thesis is to find the best architecture by investigating the trade-offs. The first contribution of this thesis focuses on a HW/SW architecture for Public-Key Cryptography (PKC). We introduce a new scalable and flexible Modular Arithmetic Logic Unit (MALU) that can be used for both RSA and curve-based cryptosystems such as Elliptic Curve Cryptography (ECC) and Hyper-Elliptic Curve Cryptography (HECC). The MALU is the main block in the hardware coprocessor and can accelerate modulo n operations and modular operations over GF(2^m) efficiently. We conclude that the proposed HW/SW platform can be used commonly for developing public-key cryptosystems. The second part of this thesis deals with several case studies that explore the cost and performance trade-offs based on the proposed platform. Two extreme examples of public-key implementations will be introduced; one offers very high performance that is necessary for powerful security systems such as banking servers. By exploiting multi-level parallelism, the proposed ECC processor can perform more than 80 000 point multiplications per second. Another one is targeting a low-power application such as passive RFID tags. We show that the compact version of the MALU consumes less than 30 uW @500 kHz. In addition, we discuss a system-level design flow that can be used for evaluating the security level of hardware implementations against power analysis attacks. The design flow offers an environment to get a quick and correct evaluation of the first order attacks. In this way, we can take the cost for SCA resistance into account in an early stage of the design.[...]