References of "Liu, Zhe 50002222"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailReverse Product-Scanning Multiplication and Squaring on 8-bit AVR Processors
Liu, Zhe UL; Seo, Hwajeong; Groszschädl, Johann UL et al

in Hui, Lucas C. K.; Qing, Sihan; Shi, Elaine (Eds.) et al Information and Communications Security - 16th International Conference, ICICS 2014, Hong Kong, China, December 16-17, 2014. Proceedings (2014, December)

High performance, small code size, and good scalability are important requirements for software implementations of multi-precision arithmetic algorithms to fit resource-limited embedded systems. In this ... [more ▼]

High performance, small code size, and good scalability are important requirements for software implementations of multi-precision arithmetic algorithms to fit resource-limited embedded systems. In this paper, we describe optimization techniques to speed up multi-precision multiplication and squaring on the AVR ATmega series of 8-bit microcontrollers. First, we present a new approach to perform multi-precision multiplication, called Reverse Product Scanning (RPS), that resembles the hybrid technique of Gura et al., but calculates the byte-products in the inner loop in reverse order. The RPS method processes four bytes of the two operands in each iteration of the inner loop and employs two carry-catcher registers to minimize the number of add instructions. We also describe an optimized algorithm for multi-precision squaring based on the RPS technique that is, depending on the operand length, up to 44.3% faster than multiplication. Our AVR Assembly implementations of RPS multiplication and RPS squaring occupy less than 1 kB of code space each and are written in a parameterized fashion so that they can support operands of varying length without recompilation. Despite this high level of flexibility, our RPS multiplication outperforms the looped variant of Hutter et al.'s operand-caching technique and saves between 40 and 51% of code size. We also combine our RPS multiplication and squaring routines with Karatsuba's method to further reduce execution time. When executed on an ATmega128 processor, the "karatsubarized RPS method" needs only 85k clock cycles for a 1024-bit multiplication (or 48k cycles for a squaring). These results show that it is possible to achieve high performance without sacrificing code size or scalability. [less ▲]

Detailed reference viewed: 462 (40 UL)
Full Text
Peer Reviewed
See detailImproved Modular Multiplication for Optimal Prime Fields
Seo, Hwajeong; Liu, Zhe UL; Nogami, Yasuyuki et al

E-print/Working paper (2014)

Detailed reference viewed: 138 (2 UL)
Full Text
Peer Reviewed
See detailMoTE-ECC: Energy-Scalable Elliptic Curve Cryptography for Wireless Sensor Networks
Liu, Zhe UL; Wenger, Erich; Groszschädl, Johann UL

in Boureanu, Ioana; Owezarski, Philippe; Vaudenay, Serge (Eds.) Applied Cryptography and Network Security - 12th International Conference, ACNS 2014, Lausanne, Switzerland, June 10-13, 2014. Proceedings (2014, June)

Wireless Sensor Networks (WSNs) are susceptible to a wide range of malicious attacks, which has stimulated a body of research on "light-weight" security protocols and cryptographic primitives that are ... [more ▼]

Wireless Sensor Networks (WSNs) are susceptible to a wide range of malicious attacks, which has stimulated a body of research on "light-weight" security protocols and cryptographic primitives that are suitable for resource-restricted sensor nodes. In this paper we introduce MoTE-ECC, a highly optimized yet scalable ECC library for Memsic's MICAz motes and other sensor nodes equipped with an 8-bit AVR processor. MoTE-ECC supports scalar multiplication on Montgomery and twisted Edwards curves over Optimal Prime Fields (OPFs) of variable size, e.g. 160, 192, 224, and 256 bits, which allows for various trade-offs between security and execution time (resp. energy consumption). OPFs are a special family of "low-weight" prime fields that, in contrast to the NIST-specified fields, facilitate a parameterized implementation of the modular arithmetic so that one and the same software function can be used for operands of different length. To demonstrate the performance of MoTE-ECC, we take (ephemeral) ECDH key exchange between two nodes as example, which requires each node to execute two scalar multiplications. The first scalar multiplication is performed on a fixed base point (to generate a key pair), whereas the second scalar multiplication gets an arbitrary point as input. Our implementation uses a fixed-base comb method on a twisted Edwards curve for the former and a simple ladder approach on a birationally-equivalent Montgomery curve for the latter. Both scalar multiplications require about 9*10^6 clock cycles in total and occupy only 380 bytes in RAM when the underlying OPF has a length of 160 bits. We also describe our efforts to harden MoTE-ECC against side-channel attacks (e.g. simple power analysis) and introduce a highly regular implementation of the comb method. [less ▲]

Detailed reference viewed: 446 (70 UL)
Full Text
Peer Reviewed
See detailHigh-Speed Elliptic Curve Cryptography on the NVIDIA GT200 Graphics Processing Unit
Cui, Shujie; Liu, Zhe UL; Groszschädl, Johann UL et al

in Huang, Xinyi; Zhou, Jianying (Eds.) Information Security Practice and Experience, 10th International Conference, ISPEC 2014, Fuzhou, China, May 5-8, 2014. Proceedings (2014, May)

Detailed reference viewed: 225 (12 UL)
Full Text
Peer Reviewed
See detailNew Speed Records for Montgomery Modular Multiplication on 8-Bit AVR Microcontrollers
Liu, Zhe UL; Groszschädl, Johann UL

in Pointcheval, David; Vergnaud, Damien (Eds.) Progress in Cryptology - AFRICACRYPT 2014, 7th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 28-30, 2014. Proceedings (2014, May)

Detailed reference viewed: 209 (12 UL)
Full Text
Peer Reviewed
See detailMulti-precision Squaring for Public-Key Cryptography on Embedded Microprocessors
Seo, Hwajeong; Liu, Zhe UL; Choi, Jongseok et al

in The 14th International Conference on Cryptology in India -- INDOCRYPT 2013 (2013), 8250

Detailed reference viewed: 145 (9 UL)
Full Text
Peer Reviewed
See detailA Comprehensive Study of Multiple Deductions-based Algebraic Trace Driven Cache Attacks on AES
Zhao, Xinjie; Guo, Shize; Zhang, Fan et al

in Computers and Security (2013), 39

Detailed reference viewed: 141 (4 UL)
Full Text
Peer Reviewed
See detailLow-Weight Primes for Lightweight Elliptic Curve Cryptography on 8-bit AVR Processors
Liu, Zhe UL; Groszschädl, Johann UL; Wong, Duncan S.

in Lin, Dongdai; Xu, Shouhuai; Yung, Moti (Eds.) Information Security and Cryptology - 9th International Conference, INSCRYPT 2013, Guangzhou, China, November 27-30, 2013 (2013, November)

Small 8-bit RISC processors and micro-controllers based on the AVR instruction set architecture are widely used in the embedded domain with applications ranging from smartcards over control systems to ... [more ▼]

Small 8-bit RISC processors and micro-controllers based on the AVR instruction set architecture are widely used in the embedded domain with applications ranging from smartcards over control systems to wireless sensor nodes. Many of these applications require asymmetric encryption or authentication, which has spurred a body of research into implementation aspects of Elliptic Curve Cryptography (ECC) on the AVR platform. In this paper, we study the suitability of a special class of finite fields, the so-called Optimal Prime Fields (OPFs), for a "lightweight" implementation of ECC with a view towards high performance and security. An OPF is a finite field Fp defined by a prime of the form p = u*2^k + v, whereby both u and v are "small" (in relation to 2^k) so that they fit into one or two registers of an AVR processor. OPFs have a low Hamming weight, which allows for a very efficient implementation of the modular reduction since only the non-zero words of p need to be processed. We describe a special variant of Montgomery multiplication for OPFs that does not execute any input-dependent conditional statements (e.g. branch instructions) and is, hence, resistant against certain side-channel attacks. When executed on an Atmel ATmega processor, a multiplication in a 160-bit OPF takes just 3237 cycles, which compares favorably with other implementations of 160-bit modular multiplication on an 8-bit processor. We also describe a performance-optimized and a security-optimized implementation of elliptic curve scalar multiplication over OPFs. The former uses a GLV curve and executes in 4.19M cycles (over a 160-bit OPF), while the latter is based on a Montgomery curve and has an execution time of approximately 5.93M cycles. Both results improve the state-of-the-art in lightweight ECC on 8-bit processors. [less ▲]

Detailed reference viewed: 607 (156 UL)
Peer Reviewed
See detailParallel Implementation of LEA
Seo, Hwajeong; Liu, Zhe UL; Park, Taehwan et al

E-print/Working paper (2013)

Detailed reference viewed: 187 (9 UL)
Full Text
Peer Reviewed
See detailEfficient Implementation of NIST-Compliant Elliptic Curve Cryptography for Sensor Nodes
Liu, Zhe UL; Seo, Hwajeong; Groszschädl, Johann UL et al

in Qing, Sihan; Zhou, Jianying; Liu, Dongmei (Eds.) Information and Communications Security - 15th International Conference, ICICS 2013, Beijing, China, November 20-22, 2013. Proceedings (2013, November)

In this paper, we present a highly-optimized implementation of standards-compliant Elliptic Curve Cryptography (ECC) for wireless sensor nodes and similar devices featuring an 8-bit AVR processor. The ... [more ▼]

In this paper, we present a highly-optimized implementation of standards-compliant Elliptic Curve Cryptography (ECC) for wireless sensor nodes and similar devices featuring an 8-bit AVR processor. The field arithmetic is written in Assembly language and optimized for the 192-bit NIST-specified prime p = 2^192 - 2^64 - 1, while the group arithmetic (i.e. point addition and doubling) is programmed in ANSI C. One of our contributions is a novel lazy doubling method for multi-precision squaring which provides better performance than any of the previously-proposed squaring techniques. Based on our highly optimized arithmetic library for the 192-bit NIST prime, we achieve record-setting execution times for scalar multiplication (with both fixed and arbitrary points) as well as multiple scalar multiplication. Experimental results, obtained on an AVR ATmega128 processor, show that the two scalar multiplications of ephemeral Elliptic Curve Diffie-Hellman (ECDH) key exchange can be executed in 1.75 s altogether (at a clock frequency of 7.37 MHz) and consume an energy of some 42 mJ. The generation and verification of an ECDSA signature requires roughly 1.91 s and costs 46 mJ at the same clock frequency. Our results significantly improve the state-of-the-art in ECDH and ECDSA computation on the P-192 curve, outperforming the previous best implementations in the literature by a factor of 1.35 and 2.33, respectively. We also protected the field arithmetic and algorithms for scalar multiplication against side-channel attacks, especially Simple Power Analysis (SPA). [less ▲]

Detailed reference viewed: 429 (56 UL)
Full Text
Peer Reviewed
See detailFixed-Base Comb with Window-Non-Adjacent Form (NAF) Method for Scalar Multiplication
Seo, Hwajeong; Liu, Zhe UL; Kim, Hyunjin et al

in Sensors (2013)

Detailed reference viewed: 148 (1 UL)
Full Text
Peer Reviewed
See detailTwisted Edwards-Form Elliptic Curve Cryptography for 8-bit AVR-based Sensor Nodes
Chu, Dalin; Groszschädl, Johann UL; Liu, Zhe UL et al

in Chen, Kefei; Xie, Qi; Qiu, Weidong (Eds.) et al Proceedings of the first ACM Workshop on Asia Public-Key Cryptography (ASIAPKC 2013) (2013, May)

Wireless Sensor Networks (WSNs) pose a number of unique security challenges that demand innovation in several areas including the design of cryptographic primitives and protocols. Despite recent progress ... [more ▼]

Wireless Sensor Networks (WSNs) pose a number of unique security challenges that demand innovation in several areas including the design of cryptographic primitives and protocols. Despite recent progress, the efficient implementation of Elliptic Curve Cryptography (ECC) for WSNs is still a very active research topic and techniques to further reduce the time and energy cost of ECC are eagerly sought. This paper presents an optimized ECC implementation that we developed from scratch to comply with the severe resource constraints of 8-bit sensor nodes such as the MICAz and IRIS motes. Our ECC software uses Optimal Prime Fields (OPFs) as underlying algebraic structure and supports two different families of elliptic curves, namely Weierstraß-form and twisted Edwards-form curves. Due to the combination of efficient field arithmetic and fast group operations, we achieve an execution time of 5.8*10^6 clock cycles for a full 158-bit scalar multiplication on an 8-bit ATmega128 microcontroller, which is 2.78 times faster than the widely-used TinyECC library. Our implementation also shows that the energy cost of scalar multiplication on a MICAz (or IRIS) mote amounts to just 19 mJ when using a twisted Edwards curve over a 160-bit OPF. This result compares fairly well with the energy figures of two recently-presented hardware designs of ECC based on twisted Edwards curves. [less ▲]

Detailed reference viewed: 381 (45 UL)