Search for: All records

An estimated 14.7 billion Internet of Things (IoT) devices will be connected to the Internet by 2023. The ubiquity of these devices creates exciting new opportunities, while at the same time introducing new concerns about privacy and security. To address these concerns, efficient cryptographic algorithms are needed to secure communication between IoT devices. In this work, we present an optimized implementation of one such algorithm, the Edwards Curve Digital Signature Algorithm (EdDSA) with operations Keygen, Sign, and Verify using the Ed25519 parameter on the ARM Cortex-M4 implemented in assembly code. The ARM Cortex-M4 is used in millions of devices world-wide, and is a popular choice for a wide range of IoT applications. We discuss the optimization of field and group arithmetic on this platform to produce high-throughput cryptographic primitives. Then, we present the first SCA-resistant implementation of the Signed Comb method, and Test Vector Leakage Assessment (TVLA) measurements. Our fastest implementation performs Ed25519 Keygen in 200,000 cycles, Sign in 240,000 cycles, and Verify in 720,000 cycles on the ARM Cortex-M4. 

In 2016, the National Institute of Standards and Technology (NIST) initiated a standardization process among the post-quantum secure algorithms. Forming part of the alternate group of candidates after Round 2 of the process is the Supersingular Isogeny Key Encapsulation (SIKE) mechanism which attracts with the smallest key sizes offering post-quantum security in scenarios of limited bandwidth and memory resources. Even further reduction of the exchanged information is offered by the compression mechanism, proposed by Azarderakhsh et al., which, however, introduces a significant time overhead and increases the memory requirements of the protocol, making it challenging to integrate it into an embedded system. In this paper, we propose the first compressed SIKE implementation for a resource-constrained device, where we targeted the NIST recommended platform STM32F407VG featuring ARM Cortex-M4 processor. We integrate the isogeny-based implementation strategies described previously in the literature into the compressed version of SIKE. Additionally, we propose a new assembly design for the finite field operations particular for the compressed SIKE, and observe a speedup of up to 16% and up to 25% compared to the last best-reported assembly implementations for p434, p503, and p610.