ETRI Journal (May 2019)
Compact implementations of Curve Ed448 on low‐end IoT platforms
Abstract
Elliptic curve cryptography is a relatively lightweight public‐key cryptography method for key generation and digital signature verification. Some lightweight curves (eg, Curve25519 and Curve Ed448) have been adopted by upcoming Transport Layer Security 1.3 (TLS 1.3) to replace the standardized NIST curves. However, the efficient implementation of Curve Ed448 on Internet of Things (IoT) devices remains underexplored. This study is focused on the optimization of the Curve Ed448 implementation on low‐end IoT processors (ie, 8‐bit AVR and 16‐bit MSP processors). In particular, the three‐level and two‐level subtractive Karatsuba algorithms are adopted for multi‐precision multiplication on AVR and MSP processors, respectively, and two‐level Karatsuba routines are employed for multi‐precision squaring. For modular reduction and finite field inversion, fast reduction and Fermat‐based inversion operations are used to mitigate side‐channel vulnerabilities. The scalar multiplication operation using the Montgomery ladder algorithm requires only 103 and 73 M clock cycles on AVR and MSP processors.
Keywords
