Azarderakhsh, Reza

Cryptographic algorithms are being developed and incorporated into network security protocols to provide secure communication over vulnerable mediums like the Internet. These protocols utilize secret and public key mechanisms to carry out data integrity, confidentiality, authentication, and non-repudiation.
The urge to deploy cryptosystems on low-end devices, based on the constantly growing Internet of Things (IoT) world, requires optimal design and implementation of cryptographic algorithms and protocols to achieve small communicational and computational cost, while preserving the privacy of the transmitted data. Scenarios of low bandwidth, constrained memory, and limited processing power are common when targeting embedded devices; however, security requirements are still present due to the sensitive information that may be communicated. In this thesis, we address the need for optimal cryptographic primitives implementation design in terms of computing capabilities, energy and power consumption, and memory usage to accommodate the deployment of cryptographical systems on resource-constrained devices.

To address the increased interest in crypto hardware accelerators due to performance and efficiency concerns, implementing hardware architectures of different public-key cryptosystems has drawn growing attention. Pure hardware methodology enhances architecture’s performance over a hardware/software co-design scheme at the cost of a more extended design cycle, reducing the flexibility, and demands customized data paths for different protocol-level operations. However, using pure hardware architecture makes the design smaller, faster, and more efficient. This dissertation mainly focuses on designing crypto accelerators that can be used in embedded systems and Internet-of-Things (IoT) devices where performance and efficiency are critical as a hardware accelerator to offload computations from the microcontroller units (MCU). In particular, our objective is to create a system-on-chip (SoC) crypto-accelerator with an MCU that achieves high area-time efficiency. Our implementation can also be integrated as an off-chip solution; however, other criteria, such as performance, are often as important or more important than efficiency in the external crypto-chip design, which is beyond of this work. Not only does our architecture inherently provide protection against timing and simple power analysis (SPA) attacks, but also some advanced security mechanisms to avoid differential power analysis (DPA) attacks are included, which is missing in the literature. In a nutshell, the contributions are summarized as follows:

Cryptography relies on hard mathematical problems that current conventional computers cannot solve in a feasible amount of time. On the other hand, quantum computers, with their quantum mechanic construction, are presumed to be able to solve some of these problems in a reasonable amount of time. More specifically, the current hard problems that public key cryptography relies upon are expected to be easily broken during the quantum era, a time when large-scale quantum computers are available. To address this problem ahead of time, researchers and institutions have proposed post-quantum cryptography (PQC), which is an area of research that focuses on quantum-resistant public key cryptography algorithms. One of the candidates in the NIST PQC standardization process is SIKE, an isogeny-based candidate. The main advantage of SIKE is that it provides the smallest key size out of all the NIST PQC candidates at the cost of performance. Therefore, the development of hardware accelerators for SIKE is very important to achieve high performance in time-constrained applications. In this thesis, we implement several accelerators for SIKE and its primitives using different design approaches, all of which are suitable for different applications. We deliver significant enhancements to SIKE’s most expensive component, the modular multiplier. We design SIKE using a hardware-based approach and a software-hardware codesign approach, the latter of which utilizes a RISC-V processor. We also design SIKE with multi-level security level support for applications that require support of multiple security levels with minimal area usage. We enclose our performance and area results, which provide a reference to evaluate our work with other implementations.

It is well known that in the near future, a large-scale quantum computer will be unveiled, one that could be used to break the cryptography that underlies our digital infrastructure. Quantum computers operate on quantum mechanics, enabling exponential speedups to certain computational problems, including hard problems at the cornerstone of our deployed cryptographic algorithms. With a vulnerability in this security foundation, our online identities, banking information, and precious data is now vulnerable. To address this, we must prepare for a transition to post-quantum cryptography, or cryptosystems that are protected from attacks by both classical and quantum computers. This is a dissertation proposal targeting cryptographic engineering that is necessary to deploy isogeny-based cryptosystems, one known family of problems that are thought to be difficult to break, even for quantum computers. Isogeny-based cryptography utilizes mappings between elliptic curves to achieve public-key encryption, digital signatures, and other cryptographic objectives necessary to support our digital infrastructure's security. This proposal focuses on three aspects of isogeny-based cryptography: 1) cryptographic engineering of isogeny-based cryptosystems; 2) developing and optimizing security-enabling isogeny applications; and 3) improving the security from known and emerging implementation attacks. By improving each of these aspects, we are providing confidence in the deployability of isogeny-based cryptography and helping to prepare for a post-quantum transition.

As the cryptographic community turns its focus toward post-quantum cryptography, the demand for classical cryptographic schemes such as Elliptic Curve Cryptography (ECC) remains high. ECC is mature, well studied, and used in a wide range of applications such as securing visits to web pages through a web browser, Bitcoin, and the Internet of Things (IoT). In this work we present an optimized implementation of the Edwards Curve Digital Signature Algorithm (EdDSA) operations Key Generation and Sign using the Ed25519 parameter on the ARM Cortex-M4, and we discuss the optimization of field and group arithmetic to produce high throughput cryptographic primitives. In addition, we discuss several techniques for optimizing scalar multiplication, and present timing and memory consumption for each, as well as comparisons to other works. Our fastest implementation performs an Ed25519 Key Generation operation in 250,785 cycles and signing in 435,426 cycles utilizing 6.1 kB of additional Read Only Memory (ROM) space.

Quantum computers are envisioned to be able to solve mathematical problems
which are currently unsolvable for conventional computers, because of their
exceptional computational power from quantum mechanics. Therefore, if quantum
computers are ever built in large scale, they will certainly be able to solve many classical
exponential complexity problems such as the hard problems which the current
public key cryptography is constructed upon. To counteract this problem, the design
of post-quantum cryptography protocols is necessary to preserve the security in the
presence of quantum adversaries. Regardless of whether we can estimate the exact
time for the advent of the quantum computing era, security protocols are required to
be resistant against potentially-malicious power of quantum computing.
In this thesis, the main focus is on the sperformance improvement of one
of the potential PQC candidates, isogeny-based cryptography. Several optimized
implementations of cryptography applications based on this primitive are presented.
From a general viewpoint, the proposed methods, implementation techniques and
libraries have a practical impact on the performance evaluation of post-quantum
cryptography schemes in a wide range of applications. In particular, the provided benchmarks and optimizations on ARM-powered processors provide a reference for
comparison and evaluation of isogeny-based cryptography with other post-quantum
candidates during the first round of NIST's PQC standardization process.