References of "Seo, Hwajeong"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailSecure Number Theoretic Transform and Speed Record for Ring-LWE Encryption on Embedded Processors
Seo, Hwajeong; Liu, Zhe UL; Park, Taehwan et al

in The 20th Annual International Conference on Information Security and Cryptology - ICISC2017 (2017, December 30)

Detailed reference viewed: 70 (0 UL)
Full Text
Peer Reviewed
See detailHigh-Performance Ideal Lattice-Based Cryptography on 8-Bit AVR Microcontrollers
Liu, Zhe; Pöppelmann, Thomas; Oder, Tobias et al

in ACM Transactions on Embedded Computing Systems (2017), 16(4), 117

Over recent years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. In this work ... [more ▼]

Over recent years lattice-based cryptography has received much attention due to versatile average-case problems like Ring-LWE or Ring-SIS that appear to be intractable by quantum computers. In this work, we evaluate and compare implementations of Ring-LWE encryption and the bimodal lattice signature scheme (BLISS) on an 8-bit Atmel ATxmega128 microcontroller. Our implementation of Ring-LWE encryption provides comprehensive protection against timing side-channels and takes 24.9ms for encryption and 6.7ms for decryption. To compute a BLISS signature, our software takes 317ms and 86ms for verification. These results underline the feasibility of lattice-based cryptography on constrained devices. [less ▲]

Detailed reference viewed: 61 (1 UL)
Full Text
Peer Reviewed
See detailMultiprecision Multiplication on ARMv8
Liu, Zhe UL; Järvinen, Kimmo; Liu, Weiqiang et al

in IEEE 24th Symposium on Computer Arithmetic - ARITH24 (2017, August 01)

Detailed reference viewed: 72 (2 UL)
Full Text
Peer Reviewed
See detailEfficient Arithmetic on ARM-NEON and Its Application for High-Speed RSA Implementation
Seo, Hwajeong; Liu, Zhe UL; Groszschädl, Johann UL et al

in Security and Communication Networks (2016), 9(18), 5401-5411

A steadily increasing number of modern processors support Single Instruction Multiple Data (SIMD) instructions to speed up multimedia, communication, and security applications. The computational power of ... [more ▼]

A steadily increasing number of modern processors support Single Instruction Multiple Data (SIMD) instructions to speed up multimedia, communication, and security applications. The computational power of Intel's SSE and AVX extensions as well as ARM's NEON engine has initiated a body of research on SIMD-parallel implementation of multiple-precision integer arithmetic operations, in particular modular multiplication and modular squaring, which are performance-critical components of widely-used public-key cryptosystems such as RSA, DSA, Diffie-Hellman, and their elliptic-curve variants ECDSA and ECDH. In this paper, we introduce the Double Operand Scanning (DOS) method for multiple-precision squaring and describe its implementation for ARM NEON processors. The DOS method uses a full-radix representation of the operand to be squared and aims to maximize performance by reducing the number of Read-After-Write (RAW) dependencies between source and destination registers. We also analyze the benefits of applying Karatsuba's technique to both multiple-precision multiplication and squaring, and present an optimized implementation of Montgomery's algorithm for modular reduction. Our performance evaluation shows that the DOS method along with the other optimizations described in this paper allows one to execute a full 2048-bit modular exponentiation in about 14.25 million clock cycles on an ARM Cortex-A15 processor, which is significantly faster than previously-reported RSA implementations for the ARM-NEON platform. [less ▲]

Detailed reference viewed: 54 (2 UL)
Full Text
Peer Reviewed
See detailEfficient Implementation of NIST-Compliant Elliptic Curve Cryptography for 8-bit AVR-Based Sensor Nodes
Liu, Zhe UL; Seo, Hwajeong; Groszschädl, Johann UL et al

in IEEE Transactions on Information Forensics and Security (2016), 11(7), 1385-1397

In this paper, we introduce a highly optimized software implementation of standards-compliant elliptic curve cryptography (ECC) for wireless sensor nodes equipped with an 8-bit AVR microcontroller. We ... [more ▼]

In this paper, we introduce a highly optimized software implementation of standards-compliant elliptic curve cryptography (ECC) for wireless sensor nodes equipped with an 8-bit AVR microcontroller. We exploit the state-of-the-art optimizations and propose novel techniques to further push the performance envelope of a scalar multiplication on the NIST P-192 curve. To illustrate the performance of our ECC software, we develope the prototype implementations of different cryptographic schemes for securing communication in a wireless sensor network, including elliptic curve Diffie-Hellman (ECDH) key exchange, the elliptic curve digital signature algorithm (ECDSA), and the elliptic curve Menezes-Qu-Vanstone (ECMQV) protocol. We obtain record-setting execution times for fixed-base, point variable-base, and double-base scalar multiplication. Compared with the related work, our ECDH key exchange achieves a performance gain of roughly 27% over the best previously published result using the NIST P-192 curve on the same platform, while our ECDSA performs twice as fast as the ECDSA implementation of the well-known TinyECC library. We also evaluate the impact of Karatsuba's multiplication technique on the overall execution time of a scalar multiplication. In addition to offering high performance, our implementation of scalar multiplication has a highly regular execution profile, which helps to protect against certain side-channel attacks. Our results show that NIST-compliant ECC can be implemented efficiently enough to be suitable for resource-constrained sensor nodes. [less ▲]

Detailed reference viewed: 164 (11 UL)
Full Text
Peer Reviewed
See detailEfficient Ring-LWE Encryption on 8-bit AVR Processors
Liu, Zhe UL; Seo, Hwajeong; Roy, Sujoy Sinha et al

in Güneysu, Tim; Handschuh, Helena (Eds.) Cryptographic Hardware and Embedded Systems - CHES 2015, 17th International Workshop, Saint-Malo, France, September 13-16, 2015, Proceedings (2015, September)

Public-key cryptography based on the "ring-variant" of the Learning with Errors (ring-LWE) problem is both efficient and believed to remain secure in a post-quantum world. In this paper, we introduce a ... [more ▼]

Public-key cryptography based on the "ring-variant" of the Learning with Errors (ring-LWE) problem is both efficient and believed to remain secure in a post-quantum world. In this paper, we introduce a carefully-optimized implementation of a ring-LWE encryption scheme for 8-bit AVR processors like the ATxmega128. Our research contributions include several optimizations for the Number Theoretic Transform (NTT) used for polynomial multiplication. More concretely, we describe the Move-and-Add (MA) and the Shift-Add-Multiply-Subtract-Subtract (SAMS2) technique to speed up the performance-critical multiplication and modular reduction of coefficients, respectively. We take advantage of incompletely-reduced intermediate results to minimize the total number of reduction operations and use a special coefficient-storage method to decrease the RAM footprint of NTT multiplications. In addition, we propose a byte-wise scanning strategy to improve the performance of a discrete Gaussian sampler based on the Knuth-Yao random walk algorithm. For medium-term security, our ring-LWE implementation needs 590k, 672k, and 276k clock cycles for key-generation, encryption, and decryption, respectively. On the other hand, for long-term security, the execution time of key-generation, encryption, and decryption amount to 2.2M, 2.6M, and 686k cycles, respectively. These results set new speed records for ring-LWE encryption on an 8-bit processor and outperform related RSA and ECC implementations by an order of magnitude. [less ▲]

Detailed reference viewed: 153 (8 UL)
Full Text
Peer Reviewed
See detailEfficient Implementation of ECDH Key Exchange for MSP430-Based Wireless Sensor Networks
Liu, Zhe UL; Seo, Hwajeong; Hu, Zhi et al

in Bao, Feng; Miller, Steven; Zhou, Jianying (Eds.) et al ASIACCS'15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, April 14-17, 2015, Singapore (2015, April)

Public-Key Cryptography (PKC) is an indispensable building block of modern security protocols, and, thus, essential for secure communication over insecure networks. Despite a significant body of research ... [more ▼]

Public-Key Cryptography (PKC) is an indispensable building block of modern security protocols, and, thus, essential for secure communication over insecure networks. Despite a significant body of research devoted to making PKC more "lightweight," it is still commonly perceived that software implementations of PKC are computationally too expensive for practical use in ultra-low power devices such as wireless sensor nodes. In the present paper we aim to challenge this perception and present a highly-optimized implementation of Elliptic Curve Cryptography (ECC) for the TI MSP430 series of 16-bit microcontrollers. Our software is inspired by MoTE-ECC and supports scalar multiplication on two families of elliptic curves, namely Montgomery and twisted Edwards curves. However, in contrast to MoTE-ECC, we use pseudo-Mersenne prime fields as underlying algebraic structure to facilitate inter-operability with existing ECC implementations. We introduce a novel "zig-zag" technique for multiple-precision squaring on the MSP430 and assess its execution time. Similar to MoTE-ECC, we employ the Montgomery model for variable-base scalar multiplications and the twisted Edwards model if the base point is fixed (e.g. to generate an ephemeral key pair). Our experiments show that the two scalar multiplications needed to perform an ephemeral ECDH key exchange can be accomplished in 4.88 million clock cycles altogether (using a 159-bit prime field), which sets a new speed record for ephemeral ECDH on a 16-bit processor. We also describe the curve generation process and analyze the execution time of various field and point arithmetic operations on curves over a 159-bit and a 191-bit pseudo-Mersenne prime field. [less ▲]

Detailed reference viewed: 171 (18 UL)
Full Text
Peer Reviewed
See detailReverse Product-Scanning Multiplication and Squaring on 8-bit AVR Processors
Liu, Zhe UL; Seo, Hwajeong; Groszschädl, Johann UL et al

in Hui, Lucas C. K.; Qing, Sihan; Shi, Elaine (Eds.) et al Information and Communications Security - 16th International Conference, ICICS 2014, Hong Kong, China, December 16-17, 2014. Proceedings (2014, December)

High performance, small code size, and good scalability are important requirements for software implementations of multi-precision arithmetic algorithms to fit resource-limited embedded systems. In this ... [more ▼]

High performance, small code size, and good scalability are important requirements for software implementations of multi-precision arithmetic algorithms to fit resource-limited embedded systems. In this paper, we describe optimization techniques to speed up multi-precision multiplication and squaring on the AVR ATmega series of 8-bit microcontrollers. First, we present a new approach to perform multi-precision multiplication, called Reverse Product Scanning (RPS), that resembles the hybrid technique of Gura et al., but calculates the byte-products in the inner loop in reverse order. The RPS method processes four bytes of the two operands in each iteration of the inner loop and employs two carry-catcher registers to minimize the number of add instructions. We also describe an optimized algorithm for multi-precision squaring based on the RPS technique that is, depending on the operand length, up to 44.3% faster than multiplication. Our AVR Assembly implementations of RPS multiplication and RPS squaring occupy less than 1 kB of code space each and are written in a parameterized fashion so that they can support operands of varying length without recompilation. Despite this high level of flexibility, our RPS multiplication outperforms the looped variant of Hutter et al.'s operand-caching technique and saves between 40 and 51% of code size. We also combine our RPS multiplication and squaring routines with Karatsuba's method to further reduce execution time. When executed on an ATmega128 processor, the "karatsubarized RPS method" needs only 85k clock cycles for a 1024-bit multiplication (or 48k cycles for a squaring). These results show that it is possible to achieve high performance without sacrificing code size or scalability. [less ▲]

Detailed reference viewed: 325 (40 UL)
Full Text
Peer Reviewed
See detailMontgomery Modular Multiplication on ARM-NEON Revisited
Seo, Hwajeong; Liu, Zhe UL; Groszschädl, Johann UL et al

in Kim, Jongsung; Lee, Jooyoung (Eds.) Information Security and Cryptology - ICISC 2014, 17th International Conference, Seoul, Korea, December 3-5, 2014, Revised Selected Papers (2014, December)

Detailed reference viewed: 138 (4 UL)
Full Text
Peer Reviewed
See detailImproved Modular Multiplication for Optimal Prime Fields
Seo, Hwajeong; Liu, Zhe UL; Nogami, Yasuyuki et al

E-print/Working paper (2014)

Detailed reference viewed: 79 (2 UL)
Full Text
Peer Reviewed
See detailMulti-precision Squaring for Public-Key Cryptography on Embedded Microprocessors
Seo, Hwajeong; Liu, Zhe UL; Choi, Jongseok et al

in The 14th International Conference on Cryptology in India -- INDOCRYPT 2013 (2013), 8250

Detailed reference viewed: 75 (9 UL)
Peer Reviewed
See detailParallel Implementation of LEA
Seo, Hwajeong; Liu, Zhe UL; Park, Taehwan et al

E-print/Working paper (2013)

Detailed reference viewed: 142 (9 UL)
Full Text
Peer Reviewed
See detailEfficient Implementation of NIST-Compliant Elliptic Curve Cryptography for Sensor Nodes
Liu, Zhe UL; Seo, Hwajeong; Groszschädl, Johann UL et al

in Qing, Sihan; Zhou, Jianying; Liu, Dongmei (Eds.) Information and Communications Security - 15th International Conference, ICICS 2013, Beijing, China, November 20-22, 2013. Proceedings (2013, November)

In this paper, we present a highly-optimized implementation of standards-compliant Elliptic Curve Cryptography (ECC) for wireless sensor nodes and similar devices featuring an 8-bit AVR processor. The ... [more ▼]

In this paper, we present a highly-optimized implementation of standards-compliant Elliptic Curve Cryptography (ECC) for wireless sensor nodes and similar devices featuring an 8-bit AVR processor. The field arithmetic is written in Assembly language and optimized for the 192-bit NIST-specified prime p = 2^192 - 2^64 - 1, while the group arithmetic (i.e. point addition and doubling) is programmed in ANSI C. One of our contributions is a novel lazy doubling method for multi-precision squaring which provides better performance than any of the previously-proposed squaring techniques. Based on our highly optimized arithmetic library for the 192-bit NIST prime, we achieve record-setting execution times for scalar multiplication (with both fixed and arbitrary points) as well as multiple scalar multiplication. Experimental results, obtained on an AVR ATmega128 processor, show that the two scalar multiplications of ephemeral Elliptic Curve Diffie-Hellman (ECDH) key exchange can be executed in 1.75 s altogether (at a clock frequency of 7.37 MHz) and consume an energy of some 42 mJ. The generation and verification of an ECDSA signature requires roughly 1.91 s and costs 46 mJ at the same clock frequency. Our results significantly improve the state-of-the-art in ECDH and ECDSA computation on the P-192 curve, outperforming the previous best implementations in the literature by a factor of 1.35 and 2.33, respectively. We also protected the field arithmetic and algorithms for scalar multiplication against side-channel attacks, especially Simple Power Analysis (SPA). [less ▲]

Detailed reference viewed: 331 (56 UL)
Full Text
Peer Reviewed
See detailFixed-Base Comb with Window-Non-Adjacent Form (NAF) Method for Scalar Multiplication
Seo, Hwajeong; Liu, Zhe UL; Kim, Hyunjin et al

in Sensors (2013)

Detailed reference viewed: 85 (1 UL)