Design and implementation of a side-channel resistant and low power RSA processor

Yanting Ren; Liji Wu; Xiangyu Li; An Wang; Xiangmin Zhang

doi:10.16511/j.cnki.qhdxxb.2016.23.012

Design and implementation of a side-channel resistant and low power RSA processor

Yanting Ren, Liji Wu^*, Xiangyu Li, An Wang, Xiangmin Zhang

^*此作品的通讯作者

Tsinghua University

科研成果: 期刊稿件 › 文章 › 同行评审

3 引用（Scopus）

摘要

RSA is the most widely used public-key algorithm, and is specified as the signature algorithm in bank IC cards. The unprotected RSA implementation is vulnerable to side-channel attacks as pointed out in several works. Due to the complexity of the algorithm, the power consumption of an RSA module is usually high. A side-channel resistant, efficient and low-power RSA processor was designed using countermeasures against side-channel attacks based on the Montgomery ladder with a modified Montgomery algorithm then proposed, which combines CIOS and Karatsuba algorithms. The computation time of modular multiplication can be reduced by 25% with the length of RSA being configurable and up to 2 048 bits. The proposed RSA module was verified with C*Core C0 in FPGA board. With SMIC 0.13 μm CMOS process, the EDA synthesis result indicates that the area is about 24 000 gates, and the throughput of 1024-bit RSA is 8.3 kb/s under the frequency of 30 MHz with the power consumption of 1.15 mW.

源语言	英语
页（从-至）	1-6
页数	6
期刊	Qinghua Daxue Xuebao/Journal of Tsinghua University
卷	56
期	1
DOI	https://doi.org/10.16511/j.cnki.qhdxxb.2016.23.012
出版状态	已出版 - 1 1月 2016
已对外发布	是

访问文件

10.16511/j.cnki.qhdxxb.2016.23.012

其它文件与链接

链接到 Scopus 的出版物

引用此

@article{f46c027a881b4e0b820e771d22737256,

title = "Design and implementation of a side-channel resistant and low power RSA processor",

abstract = "RSA is the most widely used public-key algorithm, and is specified as the signature algorithm in bank IC cards. The unprotected RSA implementation is vulnerable to side-channel attacks as pointed out in several works. Due to the complexity of the algorithm, the power consumption of an RSA module is usually high. A side-channel resistant, efficient and low-power RSA processor was designed using countermeasures against side-channel attacks based on the Montgomery ladder with a modified Montgomery algorithm then proposed, which combines CIOS and Karatsuba algorithms. The computation time of modular multiplication can be reduced by 25% with the length of RSA being configurable and up to 2 048 bits. The proposed RSA module was verified with C*Core C0 in FPGA board. With SMIC 0.13 μm CMOS process, the EDA synthesis result indicates that the area is about 24 000 gates, and the throughput of 1024-bit RSA is 8.3 kb/s under the frequency of 30 MHz with the power consumption of 1.15 mW.",

keywords = "Low-power, Montgomery algorithm, RSA, Side-channel attack",

author = "Yanting Ren and Liji Wu and Xiangyu Li and An Wang and Xiangmin Zhang",

year = "2016",

month = jan,

day = "1",

doi = "10.16511/j.cnki.qhdxxb.2016.23.012",

language = "English",

volume = "56",

pages = "1--6",

journal = "Qinghua Daxue Xuebao/Journal of Tsinghua University",

issn = "1000-0054",

publisher = "Tsinghua University Press",

number = "1",

}

TY - JOUR

T1 - Design and implementation of a side-channel resistant and low power RSA processor

AU - Ren, Yanting

AU - Wu, Liji

AU - Li, Xiangyu

AU - Wang, An

AU - Zhang, Xiangmin

PY - 2016/1/1

Y1 - 2016/1/1

N2 - RSA is the most widely used public-key algorithm, and is specified as the signature algorithm in bank IC cards. The unprotected RSA implementation is vulnerable to side-channel attacks as pointed out in several works. Due to the complexity of the algorithm, the power consumption of an RSA module is usually high. A side-channel resistant, efficient and low-power RSA processor was designed using countermeasures against side-channel attacks based on the Montgomery ladder with a modified Montgomery algorithm then proposed, which combines CIOS and Karatsuba algorithms. The computation time of modular multiplication can be reduced by 25% with the length of RSA being configurable and up to 2 048 bits. The proposed RSA module was verified with C*Core C0 in FPGA board. With SMIC 0.13 μm CMOS process, the EDA synthesis result indicates that the area is about 24 000 gates, and the throughput of 1024-bit RSA is 8.3 kb/s under the frequency of 30 MHz with the power consumption of 1.15 mW.

AB - RSA is the most widely used public-key algorithm, and is specified as the signature algorithm in bank IC cards. The unprotected RSA implementation is vulnerable to side-channel attacks as pointed out in several works. Due to the complexity of the algorithm, the power consumption of an RSA module is usually high. A side-channel resistant, efficient and low-power RSA processor was designed using countermeasures against side-channel attacks based on the Montgomery ladder with a modified Montgomery algorithm then proposed, which combines CIOS and Karatsuba algorithms. The computation time of modular multiplication can be reduced by 25% with the length of RSA being configurable and up to 2 048 bits. The proposed RSA module was verified with C*Core C0 in FPGA board. With SMIC 0.13 μm CMOS process, the EDA synthesis result indicates that the area is about 24 000 gates, and the throughput of 1024-bit RSA is 8.3 kb/s under the frequency of 30 MHz with the power consumption of 1.15 mW.

KW - Low-power

KW - Montgomery algorithm

KW - RSA

KW - Side-channel attack

UR - http://www.scopus.com/inward/record.url?scp=84959107595&partnerID=8YFLogxK

U2 - 10.16511/j.cnki.qhdxxb.2016.23.012

DO - 10.16511/j.cnki.qhdxxb.2016.23.012

M3 - Article

AN - SCOPUS:84959107595

SN - 1000-0054

VL - 56

SP - 1

EP - 6

JO - Qinghua Daxue Xuebao/Journal of Tsinghua University

JF - Qinghua Daxue Xuebao/Journal of Tsinghua University

IS - 1

ER -

Design and implementation of a side-channel resistant and low power RSA processor

摘要

访问文件

其它文件与链接

指纹

引用此