Special-purpose chip reduces power consumption of public-key encryption by 99.75 percent, increases speed 500-fold.
Most sensitive web transactions are protected by public-key cryptography, a type of encryption that lets computers share information securely without first agreeing on a secret encryption key.
Public-key encryption protocols are complicated, and in computer networks, they’re executed by software. But that won’t work in the internet of things, an envisioned network that would connect many different sensors — embedded in vehicles, appliances, civil structures, manufacturing equipment, and even livestock tags — to online servers. Embedded sensors that need to maximize battery life can’t afford the energy and memory space that software execution of encryption protocols would require.
MIT researchers have built a new chip, hardwired to perform public-key encryption, that consumes only 1/400 as much power as software execution of the same protocols would. It also uses about 1/10 as much memory and executes 500 times faster. The researchers describe the chip in a paper they’re presenting this week at the International Solid-State Circuits Conference.
Like most modern public-key encryption systems, the researchers’ chip uses a technique called elliptic-curve encryption. As its name suggests, elliptic-curve encryption relies on a type of mathematical function called an elliptic curve. In the past, researchers — including the same MIT group that developed the new chip — have built chips hardwired to handle specific elliptic curves or families of curves. What sets the new chip apart is that it is designed to handle any elliptic curve.
“Cryptographers are coming up with curves with different properties, and they use different primes,” says Utsav Banerjee, an MIT graduate student in electrical engineering and computer science and first author on the paper. “There is a lot of debate regarding which curve is secure and which curve to use, and there are multiple governments with different standards coming up that talk about different curves. With this chip, we can support all of them, and hopefully, when new curves come along in the future, we can support them as well.”
Joining Banerjee on the paper are his thesis advisor, Anantha Chandrakasan, dean of MIT’s School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science; Arvind, the Johnson Professor in Computer Science Engineering; and Andrew Wright and Chiraag Juvekar, both graduate students in electrical engineering and computer science.
Modular reasoning
To create their general-purpose elliptic-curve chip, the researchers decomposed the cryptographic computation into its constituent parts. Elliptic-curve cryptography relies on modular arithmetic, meaning that the values of the numbers that figure into the computation are assigned a limit. If the result of some calculation exceeds that limit, it’s divided by the limit, and only the remainder is preserved. The secrecy of the limit helps ensure cryptographic security.
One of the computations to which the MIT chip devotes a special-purpose circuit is thus modular multiplication. But because elliptic-curve cryptography deals with large numbers, the chip’s modular multiplier is massive. Typically, a modular multiplier might be able to handle numbers with 16 or maybe 32 binary digits, or bits. For larger computations, the results of discrete 16- or 32-bit multiplications would be integrated by additional logic circuits.
The MIT chip’s modular multiplier can handle 256-bit numbers, however. Eliminating the extra circuitry for integrating smaller computations both reduces the chip’s energy consumption and increases its speed.
Another key operation in elliptic-curve cryptography is called inversion. Inversion is the calculation of a number that, when multiplied by a given number, will yield a modular product of 1. In previous chips dedicated to elliptic-curve cryptography, inversions were performed by the same circuits that did the modular multiplications, saving chip space. But the MIT researchers instead equipped their chip with a special-purpose inverter circuit. This increases the chip’s surface area by 10 percent, but it cuts the power consumption in half.
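The two primitives described above can be sketched in software as an added example, not code from the MIT paper. It shows a 256-bit modular multiply assembled from 32-bit partial products, and modular inversion done two ways: with repeated modular multiplications (Fermat's little theorem) and with a separate extended-Euclid routine. The function names, the 32-bit limb width and the choice of these two inversion algorithms are assumptions; the article does not say which algorithms either chip uses.

```python
# Added illustration: names and the 32-bit limb width are assumptions.
LIMB_BITS = 32
MASK = (1 << LIMB_BITS) - 1

# Field primes of three standardized curves; any odd prime below 2**256 works.
PRIMES = {
    "P-256": 2**256 - 2**224 + 2**192 + 2**96 - 1,
    "secp256k1": 2**256 - 2**32 - 977,
    "Curve25519": 2**255 - 19,
}

def to_limbs(x, n=8):
    """Split an integer below 2**256 into n little-endian 32-bit limbs."""
    return [(x >> (LIMB_BITS * i)) & MASK for i in range(n)]

def limb_modmul(a, b, p):
    """Multiply a*b mod p from 32x32-bit partial products.
    Returns (result, number_of_partial_products)."""
    acc, count = 0, 0
    for i, ai in enumerate(to_limbs(a)):
        for j, bj in enumerate(to_limbs(b)):
            acc += (ai * bj) << (LIMB_BITS * (i + j))  # integrate one product
            count += 1
    return acc % p, count

def inv_fermat(a, p):
    """Inverse as a**(p-2) mod p, using only modular multiplications.
    Returns (inverse, number_of_modular_multiplications)."""
    result, base, e, muls = 1, a % p, p - 2, 0
    while e:
        if e & 1:
            result = result * base % p
            muls += 1
        base = base * base % p
        muls += 1
        e >>= 1
    return result, muls

def inv_euclid(a, p):
    """Inverse by the extended Euclidean algorithm, no modular multiplies.
    Returns (inverse, number_of_division_steps)."""
    a %= p
    if a == 0:
        raise ZeroDivisionError("0 has no inverse modulo p")
    r0, r1, t0, t1, steps = p, a, 0, 1, 0
    while r1:
        q = r0 // r1
        r0, r1, t0, t1 = r1, r0 - q * r1, t1, t0 - q * t1
        steps += 1
    return t0 % p, steps
```

Because the prime is a parameter rather than a constant, the same routines serve every curve in `PRIMES`, which is the software analogue of a multiplier and inverter that are not tied to one curve.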
The most common encryption protocol to use elliptic-curve cryptography is called the datagram transport layer security protocol, which governs not only the elliptic-curve computations themselves but also the formatting, transmission, and handling of the encrypted data. In fact, the entire protocol is hardwired into the MIT researchers’ chip, which dramatically reduces the amount of memory required for its execution.
The chip also features a general-purpose processor that can be used in conjunction with the dedicated circuitry to execute other elliptic-curve-based security protocols. But it can be powered down when not in use, so it doesn’t compromise the chip’s energy efficiency.
“They move a certain amount of functionality that used to be in software into hardware,” says Xiaolin Lu, director of the internet of things (IOT) lab at Texas Instruments. “That has advantages that include power and cost. But from an industrial IOT perspective, it’s also a more user-friendly implementation. For whoever writes the software, it’s much simpler.”
Learn more: Energy-efficient encryption for the internet of things