Cryptology ePrint Archive: Report 2017/434

FourQ on embedded devices with strong countermeasures against side-channel attacks

Zhe Liu and Patrick Longa and Geovandro Pereira and Oscar Reparaz and Hwajeong Seo

Abstract: This work deals with the energy-efficient, high-speed and high-security implementation of elliptic curve scalar multiplication, elliptic curve Diffie-Hellman (ECDH) key exchange and elliptic curve digital signatures on embedded devices using FourQ and incorporating strong countermeasures to thwart a wide variety of side-channel attacks. First, we set new speed records for constant-time curve-based scalar multiplication, DH key exchange and digital signatures at the 128-bit security level with implementations targeting 8, 16 and 32-bit microcontrollers. For example, our software computes a static ECDH shared secret in 6.9 million cycles (or 0.86 seconds @8MHz) on a low-power 8-bit AVR microcontroller which, compared to the fastest Curve25519 and genus-2 Kummer implementations on the same platform, offers 2x and 1.4x speedups, respectively. Similarly, it computes the same operation in 496 thousand cycles on a 32-bit ARM Cortex-M4 microcontroller, achieving a factor-2.9 speedup when compared to the fastest Curve25519 implementation targeting the same platform. A similar speed performance is observed in the case of digital signatures. Second, we engineer a set of side-channel countermeasures taking advantage of FourQ's rich arithmetic and propose a secure implementation that offers protection against a wide range of sophisticated side-channel attacks, including differential power analysis (DPA). Despite the use of strong countermeasures, the experimental results show that our FourQ software is still efficient enough to outperform implementations of Curve25519 that only protect against timing attacks. Finally, we perform a differential power analysis evaluation of our software running on an ARM Cortex-M4, and report that no leakage was detected with up to 10 million traces. These results demonstrate the potential of deploying FourQ on low-power applications such as protocols for the Internet of Things.

Category / Keywords: public-key cryptography / Elliptic curves, FourQ, ECDH, digital signatures, embedded devices, efficient implementation, energy efficiency, side-channel attacks

Original Publication (with major differences): IACR-CHES-2017

Date: received 19 May 2017, last revised 19 Aug 2017

Contact author: plonga at microsoft com

Available format(s): PDF | BibTeX Citation

Note: This is the extended version of the CHES2017 paper.

Version: 20170819:061857 (All versions of this report)

Short URL: ia.cr/2017/434

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]