Hardware Architectures of Elliptic Curve Based Cryptosystems Over Binary Fields


Hardware Architectures of Elliptic Curve Based Cryptosystems over Binary Fields
Chang Shu, Doctoral Dissertation Defense, Feb. 8, 2007
Advisor: Dr. Kris Gaj, Dept. of Electrical & Computer Engineering, George Mason University

Slide 2: Acknowledgements
Dr. Kris Gaj (Dissertation Director); Dr. Soonhak Kwon (Dept. of Mathematics, Sungkyunkwan University, Korea); Dr. Shih-Chun Chang (Committee Member); Dr. Brian L. Mark (Committee Member); Dr. Ravi Sandhu (Committee Member); Dr. Andre Manitius (Chair of ECE); Dr. Yariv Ephraim (Ph.D. Coordinator); Dr. Tarek El-Ghazawi (Dept. of ECE at The George Washington University)

Slide 3: Overview
• Introduction
  – Elliptic Curve Cryptography
  – Tate Pairing Based Cryptography
• Architectures for Finite Field Arithmetic
  – Polynomial basis multiplier
  – Normal basis multiplier
  – Composite field arithmetic
• Architectures for Elliptic Curve Cryptosystems
  – Optimizations for a single FPGA device
  – Reconfigurable computing approach
• Architectures for Tate Pairing Based Cryptosystems
  – Optimizations for a single FPGA device
  – Reconfigurable computing approach
• Summary

Slide 4: Elliptic Curve Cryptosystems
• Family of public key cryptosystems
• Invented in 1985 by Miller and Koblitz independently
• Used primarily for digital signatures & key exchange
• Included in multiple industry, government, and banking standards, such as IEEE P1363, ANSI X9.62, and FIPS 186-2
• Part of standard security protocols, such as IPSec and SSL (proposed extension)

Slide 5: Why Elliptic Curve Cryptography? ECC vs. RSA
Key size comparison:

  Security level (bits)   80         112          128    192    256
  Symmetric cipher        SKIPJACK   Triple-DES   AES    AES    AES
  ECC n (bits)            160        224          256    384    512
  RSA n (bits)            1024       2048         3072   8192   15360

Hardware implementation consideration: less area, less memory, narrower bandwidth, and more efficient underlying arithmetic.
Flexibility: there exists a family of cryptosystems for ECC.

Slide 6: Why Hardware Implementations of Cryptography
  SOFTWARE                                         HARDWARE
  low cost                                         security of data during transmission
  flexibility (new cryptoalgorithms,               speed
    protection against new attacks)                random key generation
                                                   access control to keys
                                                   tamper resistance (viruses, internal attacks)

Slide 7: Why Hardware Accelerators for Elliptic Curve Cryptosystems?
• Hardware accelerators for web servers
  – SSL (Secure Socket Layer): high speed requirements for a large number of key exchanges
• Hardware accelerators for Virtual Private Networks (VPNs)
  – IPSec (Secure Internet Protocol): establishment of a large number of security associations
• Hardware accelerators for wireless gateways
  – IEEE 802.11: secure key exchange, achieving low power
• Secure smart cards
  – Need to shorten latency, due to limitations such as low power, low frequency, and low cost embedded microprocessors
• Selected cryptographic chip manufacturers

Slide 8: What is Elliptic Curve Cryptography?
• Elliptic Curve Cryptosystems (ECC) are a class of public key cryptosystems.
• The security of ECC is based on the hardness of the elliptic curve discrete logarithm problem (ECDLP).
• Let E be an elliptic curve over a finite field F_q. Let P be a point in E(F_q), and suppose that P has prime order n. Then the cyclic subgroup of E(F_q) generated by P is
    <P> = {∞, P, 2P, ..., (n−1)P}.
• Private key: an integer d chosen randomly from the interval {1, 2, ..., n−1}
• Public key: Q = dP
• Encryption: C = (V, U) = (kP, M + kQ)
• Decryption: M = U − dV = U − d·kP = U − kQ

Slide 9: Elliptic Curve Arithmetic, Group Law
• Point addition: P + Q
• Point doubling: 2P = P + P
• Scalar multiplication: kP = P + P + ... + P (k times)

Slide 10: Pairing Based Cryptography
• New family of public key cryptosystems
• First proposed by Menezes, Okamoto, and Vanstone in 1993 for the Weil descent attack against ECC
• Applied to identity based cryptography, key exchange, and digital signature by Boneh, Joux, Sakai, et al.
• Not a part of any standard yet
• Very limited number of software and hardware implementations
• Believed to be slower than elliptic curve cryptography

Slide 11: Mathematical Basics of Pairing Based Cryptography
• A pairing is a map between groups, e: G_1 × G_1 → G_2, where G_1 = E(F_q) and G_2 = F_{q^k}.
• The most important property of this map is bilinearity:
    e(aP, bQ) = e(P, Q)^{ab},   a, b: integers;  P, Q: points on the elliptic curve
• In practice, the Tate or Weil pairing is used.

Slide 12: Identity-Based Encryption
Trusted Authority (TA): s is a secret value, P is a public value, P_TA = sP is the public key of the TA.
Bob's public key: P_ID(Bob) = H_1(ID(Bob)).  Bob's private key: S_ID(Bob) = s·P_ID(Bob).
Alice encrypts M for Bob with a random number r:
    C = (U, V) = (rP, M + H_2(e(P_ID(Bob), P_TA)^r))
Bob decrypts:
    M = V + H_2(e(S_ID(Bob), U))
By bilinearity, e(S_ID(Bob), U) = e(s·P_ID(Bob), rP) = e(P_ID(Bob), sP)^r = e(P_ID(Bob), P_TA)^r.

Slide 13: Major Contributions of this Thesis
• Finite field arithmetic
  – A novel large extension field multiplier architecture for Tate pairing based cryptosystems
  – A novel hybrid multiplier architecture for composite fields
  – A new mathematical scheme for basis conversion for selected field degrees
• Elliptic curve cryptosystems
  – Latency optimization scheme for a single FPGA device
  – Analysis of several partitioning schemes for a reconfigurable computer, SRC 6
  – Extensive library of over 25 hardware macros for SRC 6 and SGI Altix-4700
• Tate pairing based cryptosystems
  – Comparative analysis of two novel algorithms from the point of view of hardware efficiency
  – First published implementations via a single FPGA device
  – Porting the IP core of pairing over 8 binary fields to SGI Altix-4700
  – Comparative analysis of Tate pairing based cryptosystems vs. elliptic curve cryptosystems in hardware

Slide 14: Architectures for Finite Field Arithmetic

Slide 15: Basis Choices in Finite Fields
• Polynomial basis: the subsequent powers {1, α, α^2, ..., α^{m−1}} of the root α of an irreducible polynomial f_m(x).
  – Low Hamming weight irreducible polynomial, e.g., trinomial or pentanomial
  – Maximum Hamming weight irreducible polynomial, e.g., All-One-Polynomial
• Normal basis: the conjugates {β, β^2, β^{2^2}, ..., β^{2^{m−1}}}, where β is the root of an irreducible polynomial f_m(x).
  – Type I or Type II optimal normal basis
• Hybrid basis for composite fields

Slide 16: Polynomial Basis Multiplier (1)
A bit-serial multiplier is area efficient, while the operational speed is sacrificed. Example field: f_9(x) = x^9 + x + 1. Linear feedback shift registers (LFSRs) are adopted in both architectures.
• Least significant bit-serial multiplier, based on the right-to-left algorithm.
• Most significant bit-serial multiplier, based on the left-to-right algorithm. The registers of b(x) can be saved in the MSB-serial multiplier because only the partial products need to be updated in each clock cycle. Less power is consumed in this second architecture because the value of b(x) is fixed during computations.

Slide 17: Polynomial Basis Multiplier (2)
A bit-parallel multiplier can complete one multiplication in one clock cycle. It is impossible to implement in the case of large field sizes, but it can be applied to the ground field arithmetic of the composite multiplier. Example field: f_5(x) = x^5 + x^2 + 1.
Two steps to derive the bit-parallel multiplier:
1. Use Mastrovito's method to compute the partial product with 2m−1 bits.
2. Perform the reduction exploiting the standard technique for low Hamming weight irreducible polynomials.

Slide 18: Polynomial Basis Multiplier (3)
The digit-serial multiplier is a parallel version of the bit-serial one. Instead of computing one bit of the product, the digit-serial multiplier can compute multiple bits each clock cycle. This allows a tradeoff between area and latency.
Example: MSD (most significant digit) serial multiplier in F_{2^239}, where the digit size is D = 4 and f(x) = x^239 + x^36 + 1.
Two parts:
1. LFSRs:  c(x) ← c(x)·x^D + Σ_{i=0}^{D−1} a_{n−D+i} x^i b(x)  mod f(x)
2. AND-XOR arrays

Slide 19: Normal Basis Multiplier (1)
Massey-Omura's architecture for the normal basis multiplier is the one that uses the same combinational circuit serially, together with rotating registers, to compute the product bit by bit. (Figure: worked example over F_{2^5}, with θ the normal basis generator; the slide's equations were lost in extraction.)

Slide 20: Normal Basis Multiplier (2)
• Agnew et al. improved the original Massey-Omura architecture by shortening the critical path.
• Kwon et al. improved Agnew et al.'s architecture by decreasing the circuit complexity.

Slide 21: A Novel Normal Basis Hybrid Multiplier for Composite Binary Fields (1)
1. Kwon's bit-serial structure is applied to the tower field multiplication in GF(2^{3×5}).
2. A special irreducible trinomial is used to construct the ground field, so that the bit-parallel structure can be efficient.

Slide 22: A Novel Normal Basis Hybrid Multiplier for Composite Binary Fields (2)
Squarer (figure: inputs d02, d01, d00 mapped to outputs d'02, d'01, d'00): computation at the top level is free and equivalent to a cyclic shift; the standard technique for polynomial basis can be applied to the ground field.
Inverter:
    a^{−1} = a^{r−1} · (a^r)^{−1},   r = (2^{nm} − 1) / (2^n − 1)
Obviously, A = a^r is an element of F_{2^n}. Since r−1 can be represented as a sum of powers,
    r − 1 = 2^n + 2^{2n} + ... + 2^{(m−1)n},
a^{r−1} can be computed using the addition chain; the method requires log_2(m−1) + HW(m−1) + 1 general multiplications.

Slide 23: A Novel Normal Basis Hybrid Multiplier for Composite Binary Fields (3)
To apply hybrid multipliers in cryptography properly, another issue must be taken into account: the matrix for basis conversion must be obtainable within a reasonable amount of time. Special irreducible trinomials of the form f(x) = x^{2^g} + x + 1 or f(x) = x^{2^g − 1} + x^{2^t − 1} + 1 can be used to construct the ground field, so that computing such a conversion matrix is equivalent to solving a set of linear equations.

  Field size n   Trinomial         Field size n   Trinomial
  2              x^2 + x + 1       15             x^15 + x + 1
  3              x^3 + x + 1       31             x^31 + x^3 + 1
  4              x^4 + x + 1       63             x^63 + x + 1
  7              x^7 + x + 1       127            x^127 + x + 1

Summary: 1.
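As an added example (not code from the dissertation), the three polynomial-basis multiplier organizations of slides 16 to 18 written as software models: the LSB-first and MSB-first bit-serial LFSR loops, the most-significant-digit serial loop with digit size D, and a Mastrovito-style bit-parallel reference, all checked against each other over f_9(x) = x^9 + x + 1 and f_5(x) = x^5 + x^2 + 1. Field elements are Python ints whose bit i is the coefficient of x^i; the function names are this example's own.

```python
import random

F9 = 0b1000000011   # f_9(x) = x^9 + x + 1      (slide 16 example field)
F5 = 0b100101       # f_5(x) = x^5 + x^2 + 1    (slide 17 example field)


def reduce_mod(c: int, f: int, m: int) -> int:
    """Reduce a polynomial c of degree < 2m modulo the irreducible f of degree m
    (the standard low-Hamming-weight reduction of slide 17, step 2)."""
    for i in range(2 * m - 2, m - 1, -1):
        if c >> i & 1:
            c ^= f << (i - m)
    return c


def mul_bit_parallel(a: int, b: int, f: int, m: int) -> int:
    """Bit-parallel reference: 2m-1 bit partial product (Mastrovito), then reduce."""
    c = 0
    for i in range(m):
        if a >> i & 1:
            c ^= b << i
    return reduce_mod(c, f, m)


def mul_lsb_serial(a: int, b: int, f: int, m: int) -> int:
    """LSB-first (right-to-left) bit-serial multiplier.
    Each cycle: accumulate b if a_i = 1, then b <- b * x mod f in the LFSR."""
    c, mask = 0, (1 << m) - 1
    for i in range(m):
        if a >> i & 1:
            c ^= b
        b <<= 1
        if b >> m & 1:          # overflow into x^m: feed back f(x)
            b ^= f
        b &= mask
    return c


def mul_msb_serial(a: int, b: int, f: int, m: int) -> int:
    """MSB-first (left-to-right) bit-serial multiplier.
    b(x) stays fixed; only the partial product c is shifted and reduced."""
    c, mask = 0, (1 << m) - 1
    for i in range(m - 1, -1, -1):
        c <<= 1                 # c <- c * x
        if c >> m & 1:
            c ^= f
        c &= mask
        if a >> i & 1:
            c ^= b
    return c


def mul_msd_serial(a: int, b: int, f: int, m: int, d: int) -> int:
    """Most-significant-digit serial multiplier with digit size d (slide 18):
    c <- c * x^D + sum_{i=0}^{D-1} a_{n-D+i} x^i b(x)  mod f(x), one digit per cycle."""
    c = 0
    n = -(-m // d) * d          # pad a to a whole number of digits
    for j in range(n - d, -1, -d):
        digit = (a >> j) & ((1 << d) - 1)
        c <<= d
        for i in range(d):      # AND-XOR array for the current digit
            if digit >> i & 1:
                c ^= b << i
        c = reduce_mod(c, f, m)  # degree of c is < m + d <= 2m - 1
    return c


def multipliers_agree(f: int, m: int, d: int, trials: int = 200, seed: int = 1) -> bool:
    """Cross-check all four organizations on random inputs in GF(2^m)."""
    rng = random.Random(seed)
    for _ in range(trials):
        a, b = rng.getrandbits(m), rng.getrandbits(m)
        ref = mul_bit_parallel(a, b, f, m)
        if not (ref == mul_lsb_serial(a, b, f, m) == mul_msb_serial(a, b, f, m)
                == mul_msd_serial(a, b, f, m, d)):
            return False
    return True


if __name__ == "__main__":
    # x^8 * x = x^9 = x + 1 in GF(2^9) with f_9, so the product is 0b11 = 3
    print(mul_lsb_serial(1 << 8, 1 << 1, F9, 9))
    print(multipliers_agree(F9, 9, 4), multipliers_agree(F5, 5, 2))
```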