Use of elliptic curves in cryptography
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Breaking ciphers with COPACOBANA –a cost-optimized parallel code breaker
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
SHARK: a realizable special hardware sieving device for factoring 1024-bit integers
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
New directions in cryptography
IEEE Transactions on Information Theory
Special-Purpose Hardware for Solving the Elliptic Curve Discrete Logarithm Problem
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Collision Search for Elliptic Curve Discrete Logarithm over GF(2m) with FPGA
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
The input-aware dynamic adaptation of area and performance for reconfigurable accelerator
Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays
Prevention of wormhole attacks in mobile commerce based on non-infrastructure wireless networks
Electronic Commerce Research and Applications
An adaptable and scalable group access control scheme for managing wireless sensor networks
Telematics and Informatics
A hardware-accelerated ECDLP with high-performance modular multiplication
International Journal of Reconfigurable Computing - Special issue on Selected Papers from the 2011 International Conference on Reconfigurable Computing and FPGAs (ReConFig 2011)
| Hi-index | 0.00 |
Since their invention in the mid 1980s, Elliptic Curve Cryptosystems (ECC) have become an alternative to common Public-Key (PK) cryptosystems such as, e.g., RSA. The utilization of Elliptic Curves (EC) in cryptography is very promising because of their resistance against powerful index-calculus attacks. Providing a similar level of security as RSA, ECC allows for efficient implementation due to a significantly smaller bit size of the operands. It is widely accepted that the only feasible way to attack actual cryptosystems, if at all, is the application of dedicated hardware. In times of continuous technological improvements and increasing computing power, the question of the security of ECC against attacks based on special-purpose hardware and, in particular based on recently emerged low-cost FPGAs, arises.This work presents the first architecture with a corresponding FPGA implementation of an attack against ECC over prime fields. We describe an FPGA-based multi-processing hardware architecture for the Pollard-Rho method which is, to our knowledge, currently the most efficient attack against ECC. The implementation is running on a contemporary low-cost FPGA which allows for a much better cost-performance ratio than conventional CPUs. With the implementation at hand, a fairly accurate estimate about the cost of an FPGA-based attack can be given. We will extrapolate the results on actual ECC key lengths (128 bits and above) and estimate the expected runtimes for a successful attack. Since FPGA-based attacks are out of reach for key lengths exceeding 128 bits, we provide estimates for an ASIC design.Based on our results, currently used elliptic curve cryptosystems (160 bit and above) are infeasible to break with available computational and financial resources. However, some of the security standards proposed by the SECG in [2, 3] become subject to attacks based on low-cost FPGAs.