1

A TECHNICAL PAPER
ON
EMBEDDED SYSTEMS

(An Implementation Of Elliptic Curve Digital Signature

Algorithm In
FPGA-Based Embedded System For Next Generation
IT Security)

By
M.Kishore Naik
&
K.Rajasekhar

Department of Electrical and Electronics Engineering

SRI VENKATESWARA UNIVERSITY COLLEGE OF ENGINEERING
TIRUPATI

Address for communication

M.Kishore Naik, K.Rajasekar,
Room no.1226, Room no.1131,
Visveswara Block, Visveswara Block,
S.V.U.C.E.H, S.V.U.C.E.H,
TIRUPATI. TIRUPATI.
Email id:naik_svuce@yahoo.co.in Emai id:raj_316_eee@yahoo.co.in
Phone no:9885183449.
 2

ABSTRACT

This paper proposes a high-performance FPGA-based embedded cryptosystem

implementing the Elliptic Curve Digital Signature Algorithm (ECDSA). A key
application of the proposed embedded system is in next-generation PKI enabled IT
security hardware platforms, providing security services of authentication, non-
repudiation and data integrity. The hardware architecture consists of a 32-bit Nios
embedded processor integrated with three dedicated hardware assist blocks, which
function as coprocessors for 163-bit Elliptive Curve cryptography (ECC), hashing
(SHA-1), and Large integer modular arithmetic processing(MAP). These crypto IP
modules, which are designed and developed UTM in-house, results in fast execution
of the ECC-based digital signature computations. The cryptosystem is designed in
VHDL, and implemented into a single Altera Stratix EP1S40F780C5 FPGA
microchip using SoC technology. The embedded device driver is scripted in C, while
the APIs is developed in Visual Basic for execution in the host PC. To test and
demonstrate the capabilities (robustness, functionality and reusability) of the
proposed digital signature crypto-system, a real-time e-document application
prototype, for secure document transfer via an insecure channel, has then been
developed. Running on a clock of 40 MHz, the system achieves the execution time of
0.59 msec for the signing operation, and 1.07msec for signature verifying,
corresponding to throughputs of 1697 and 937 operations/sec respectively.

INTRODUCTION

Nowadays, it is difficult to open a newspaper, watch a television program, or even have a

conversation without some mention of the Internet, e-commerce, smart cards, etc. The
rapid progress in wireless communication systems, mobile systems, and smart card
technology in our society makes information more vulnerable to abuse. In a
communication system, the content of the communication may be exposed to an
eavesdropper, or system services can be used fraudulently. For these reasons, it is
important to make information systems secure by protecting data and resources from
malicious acts. Crypto (cryptography) algorithms are the core of such security systems,
offering security services of data privacy, data integrity, authenticity and non-repudiation.
The latter three services can be provided by digital signature schemes. Hence, a key
application of the proposed embedded system is in providing a digital signature
 3

subsystem for next-generation PKI-enabled IT security hardware systems, such as smart

cards, trust hardware platforms, and secure mobile communication devices. PKI is Public
Key Infrastructure will be widely applied in secure military communications,
e-commerce, e-health and e-government initiatives (eg.MyKad).
The basis of a digital signature scheme is public key cryptography. The
current de-facto public key crypto algorithm is RSA. Although RSA is highly secure and
widely used, there are some potential problems associated with its use. Processing time
and key storage requirements effectively increases with the increase of its already large
key size. In addition, its key generation process is complex and time consuming. The
problems are not necessarily critical for a network server, but they are potentially major
problems for resource- constrained devices, such as smart cards or mobile phones .
Since its introduction by Koblitz and Miller in 1985, Elliptic Curve
Cryptography (ECC) is rapidly gaining popularity due to its comparatively high security
level and low bandwidth requirements. The main strength of ECC rests on the concept of
discrete logarithm problem overpoints on an elliptic curve, which provides higher
strengthper-bit than any other current public-key schemes including RSA. Only ECC
offers equivalent security to other competing technologies at much smaller key sizes that
enable faster computations, lower power consumption, as well as memory and bandwidth
savings compared to traditional key choices. Using 224-bit ECC for secure web
transactions requires 3.5 times less servers than equivalent 2048-bit RSA key sizes. A
160-bit ECC achieves the similar security strength offered by a 1024-bit modulus RSA-
based digital signature system.
Clearly, there have two ways to implement any algorithm,i.e. either
hardware or software. It is fairly easy to implement crypto algorithms in software, but
such approaches are typically too slow for real-time applications, such as mobile
embedded systems, network routers, mobile communications, etc. Therefore, hardware
always appears to be the ultimate choice; when utilized as coprocessors, can offload time-
consuming algorithms and reduce the ensuing bottlenecks. Indeed, these dedicated
hardware assists or accelerators greatly provide, in general, for faster implementations
than software, and at the same time, offering more intrinsic security .
In hardware implementations, the flexibility and high speed
capability of FPGAs make them a suitable platform for cryptographic applications. Their
structure allows complex arithmetic operations that are not suited to general purpose
CPUs to be implemented more efficiently . They also offer a more cost- effective solution
than traditional ASIC hardware, which has a much longer design cycle. In fact, before
any VLSI or ASIC design, the fast prototyping development time of an FPGA design
allows modifications to be implemented with relative ease. This reconfigurable design
methodology is further enhanced with the advent of sophisticated SoC development
platforms, available commercially, which contain very high density FPGA devices. In
this work, the cryptosystem is designed in VHDL, and implemented into a single Altera
Stratix EP1S40F780C5 FPGA microchip using SoC technology. This paper is organized
as follows. First, the ECDSA detail algorithm is presented. The digital signature
cryptosystem architecture is then described. This is followed by a discussion on the
FPGA implementation, test and performance of the proposed digital signature
cryptosystem. Finally, the conclusion is presented.
 4

Elliptic Curve Digital Signature Algorithm(ECDSA)

The ECDSA scheme consists of three main functions, which are Key Pair Generation,
signature Signing and Signature Verification as shown in Figure 1.

The Digital Signature Cryptosystem

The architecture of the proposed ECDSA cryptosystem is provided in Figure 2. The
design of the crypto coprocessors is out of the scope of this paper. Referring to the
diagram, the proposed embedded system consists of three main design components,
briefly described as follows:
· Crypto Processor Block: This hardware block consists of three IP cores, functioning as
coprocessors, to perform the crypto algorithm, which include the 163-bit Elliptic Curve
Arithmetic, 163-bit Large Integer Modular Arithmetic and SHA-1 Hashing function.
These crypto cores, designed and developed UTM in-house, results in fast execution of
the elliptive curve computations.
 5

Device Drivers: These are embedded software executed on the Nios embedded
processor. It ensures the correct execution of the IP cores, and acts as a bridge between
the cipher computation blocks and the software APIs running on the host PC during data
transmission. It also performs pseudo random key generation.
APIs: Application Programming Interface, executed on host PC, to aid application
developers. It performs high-level function such as input file reading and output file
writing. It handles data transfer between the host and the cryptosystem hardware.

Before implementing ECDSA, several basic factors have to be considered

simultaneously, and choices made. The factors include security consideration, suitability
of method available for optimizing finite field and elliptic-curve arithmetic, application
platform, constraints of the implementation environment . The current version of the
proposed cryptosystem applies the ECC domain parameters, which are summarized as
follows:

The designs of the crypto are described in VHDL (Very High Speed Integration Circuit
Hardware Description Language). Each part of the design is synthesize, functionally
6
 7

simulated, place and routing and timing analysis was carried out with QuartusII software
from Altera. The combined architecture was simulated, and then implemented into a
single FPGA chip for hardware validation and evaluated.
Figure 3 shows the software architecture of the ECDSA cryptosystem, illustrating the
device driver (embedded software on Nios CPU) and the software APIs (host PC).

The device driver and API routines perform three main functions, which
are ECC key pair generation based on the specify system parameter, ECDSA digital
signature signing and ECDSA digital signature verification to a file stored in a host PC.

Test & Performance Evaluation

The presented digital signature cryptosystem is prototyped on an Altera Nios Prototyping
Board containing the Stratix EP1S40F780C5 FPGA chip. To our knowledge, this
approach of combining all the cryptos into a single FPGASoC microchip has not been
reported previously in literature. The timing performance of ECDSA operations achieved
in our implementation in shown in Table 1. For evaluation purposes, the input of
signature signing/verifying modules is set to be a block of 512-bit message from the
hashing operation. Note that, the system parameters are fixed to domain parameters over

.
The result in Table 1 shows that the speed achieved is extremely promising
for real-time applications. Running on a clock of 40 MHz, the system achieves the
execution time of 0.59 msec for signing, and 1.07msec for signature
verifying,corresponding to throughputs of 1697 and 937 operations/sec respectively.
 8

A Real-Time Data Security Application:

Secure Document Transfer

To evaluate the functionality of the proposed digital signature cryptosystem and the
reusability of the APIs and device drivers, we have developed a real-time e-document
system for the application of secure document transfer via insecure medium (eg.
Internet). This demonstration application prototype combines the ECC-based digital
signature subsystem proposed here, with a hybrid encryption cryptosystem. The latter
cryptosystem, which provides AES symmetric encryption and RSA public-key
encryption of the session-key, is not reported here, since it is out of scope of this paper. In
this application prototype, documents transferred electronically via FTP mechanism in
a Local Area Network (LAN) environment, are made secure, by encrypting and signing
in real-time, using the proposed cryptosystem. Test on the system indicates that all
the required security services are achieved at an approximate speed of 2.2 KB /s.
Figure 4 shows the Visual Basic GUI of the control and monitoring e-document security
software, while Figure 5 and Figure 6 show the file uploading and downloading process,
respectively.
 9

In the sending process, a document will go through processes below:

1. Generate a random session key for AES encryption.
2. Encrypt the examination questions using AES encryption by random generated session
key.
3. Encrypt the random generated session key using RSA public key encryption by
receiver’s RSA public key.
4. Generate the ECDSA digital signature to both of the ciphertext and the RSA encrypted
session key using sender’s ECC private key. Sender’s digital signature Ciphertext SHA
Hashing ECDSA Verifying Message digest AES Decryption Encrypted session key RSA
Decryption
 10

In the receiving process, a secured document of will go through processes below to

recover the original data:
1. Verify the ECDSA digital signature to check the integrity of the document using
sender’ s ECC public key. If signature verification process fails, reject the document.
 11

2. Decrypt the encrypted session key using receiver’ s RSA private key to recover session
key.
3. Using the recovered session key to decrypt ciphertext using AES decryption to recover
the examination question.

CONCLUSION

In this paper, we have presented the hardware/software design and

implementation of a digital signature cryptosystem based on SoC technology. The
embedded system is consisted of an embedded general-purpose processor, tightly coupled
with a set of crypto coprocessors, ECC, SHA-1 hashing, and a large integer modular
arithmetic module. The hardware design is described completely in VHDL, and is
designed modularly with parameterization. The cryptosystem is hardware prototyped into
a single Altera Stratix FPGA microchip.The digital signature cryptosystem was evaluated
on a realtime electronic document application prototype. It performs secure document
transfer using FTP in a LAN. In fact, the digital signature cryptosystem can be extended
to be used in Internet-based application such as secure transmission of the prescription
order in telemedicine application, secure payment transactions like E-Commerce or M-
commerce,etc. The high performance achieved, and the flexibility of the proposed ECC-
based digital signature cryptosystem indicate its high potential application in next
generation PKI-enabled IT security hardware platforms. The work has also successfully
explored the application of System-on-Chip (SoC) methodology in advanced embedded
system design. An SoC is designed as a programmable platform that integrates most of
the functions of the end product into a single microchip.
It integrates, at least, one main processing element
(eg.microprocessor) that runs the system’s embedded software, with a number of
dedicated coprocessors. As a result, the designs of custom hardware, embedded
processors and software that go into them become very tightly coupled. Any changes in
the implementation of one of the components affect the design of other components and,
in turn, the performance of the system. Hence, the traditional wisdom of designing and
developing each component as a separate entity is no longer efficient. A more integrated
approach is needed, in which the concept of hardware/software co-design and integration
of reusable IP cores is applied. This, in essence, is the SoC method, which should become
the underlying technology of next generation microchip design.
REFERENCE

[1] Paul C. van Oorschot, Alfred J. Menezes, and Scott A.Vanstone, 1996. Handbook of
applied Cryptography.CRC press Inc., Florida.
[2] Mohamed Khalil Hani, Hau Yuan Wen, Lim Kie Woon. Public Key Crypto Hardware
for Real-Time Security Application. In Proceedings of the National
Real-Time Technology and Application Symposium (RENTAS2004), 1-6.
[3] Certicom Corporation. April 1997. The Elliptic Curve Cryptosystem – Current
Public-Key Cryptography Schemes