Paper 2016/330

NaCl's Crypto_Box in Hardware

Michael Hutter, Jürgen Schilling, Peter Schwabe, and Wolfgang Wieser

Abstract

This paper presents a low-resource hardware implementation of the widely used crypto_box function of the Networking and Cryptography library (NaCl). It supports the X25519 Diffie-Hellman key exchange using Curve25519, the Salsa20 stream cipher, and the Poly1305 message authenticator. Our targeted application is a secure communication between devices in the Internet of Things (IoT) and Internet servers. Such devices are highly resource-constrained and require carefully optimized hardware implementations. We propose the first solution that enables 128-bit-secure public-key authenticated encryption on passively-powered IoT devices like WISP nodes. From a cryptographic point of view we thus make a first step to turn these devices into fully-fledged participants of Internet communication. Our crypto processor needs a silicon area of 14.6 kGEs and less than 40 uW of power at 1MHz for a 130nm low-leakage CMOS process technology.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. Minor revision. Cryptographic Hardware and Embedded Systems -- CHES 2015
DOI
10.1007/978-3-662-48324-4
Keywords
Internet of ThingsASICSalsa20Poly1305Curve25519
Contact author(s)
michael hutter @ cryptography com
History
2016-03-25: received
Short URL
https://ia.cr/2016/330
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2016/330,
      author = {Michael Hutter and Jürgen Schilling and Peter Schwabe and Wolfgang Wieser},
      title = {{NaCl}'s {Crypto_Box} in Hardware},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/330},
      year = {2016},
      doi = {10.1007/978-3-662-48324-4},
      url = {https://eprint.iacr.org/2016/330}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.