Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

This is more of a research question. I was wondering what types of crypto algori

ID: 651449 • Letter: T

Question

This is more of a research question.

I was wondering what types of crypto algorithms would work best on a small 4-8 bit micro controller. I recently read a paper called Security Considerations for 802.15.4 Networks and was wondering if anyone out there can think of any other papers or has knowledge about what types of things to consider when implementing cryptography on a low-power, low-memory system.

I read a 2009 ieee paper on implementing RFID on a 4-bit micro controller, but I am looking for papers that will generally apply towards 802.11 or 802.15 standards. I will propablly be trying to hook a bunch of these controllers together, so I am looking for more of asymmetric encryption.

Explanation / Answer

Very small platforms usually have very little RAM, because RAM uses quite a lot of space (SRAM is 6 transistors per bit, i.e. 12 gates per byte -- counting 4 transistors for a "gate"). Among asymmetric algorithms, your best bet for software with very strict memory constraints is elliptic curves (ECDH for key exchange, ECDSA for signatures -- for asymmetric encryption, you combine ECDH with a symmetric encryption algorithm; the X.93:2001 ANSI standard describe that under the name "ECIES") using Koblitz curves -- namely the K-163 curve specified in the DSA/ECDSA standard. Usually, "prime field" curves (e.g. P-256) are considered faster for software, but this is true mostly on big architectures which have an efficient multiplier (e.g. 32x32?64 bits multiplications in a single opcode). On very small architectures, binary curves are competitive, and Koblitz curves in particular are amenable to many optimizations which reduce the number of needed operations and the used RAM as well. See TinyECCK for some details, and the Guide to Elliptic Curve Cryptography.

As @fgrieu points out, this kind of embedded platform is highly susceptible to side-channel leakage, especially since power is drawn from the outside quite directly. Making an efficient implementation protected against such leakage is a very difficult challenge. A dedicated hardware circuit is somewhat easier to protect, and it turns out that ECC with binary curves is a very good fit for hardware accelerators as well.

Related Questions

This is java. Please use the BST class provided in algs4.jar. If you do not use
Question #3600857
This is java. Write a class called Account that does not contain a main() method
Question #653724
This is java. Write a class called Account that does not contain a main() method
Question #653746
This is java. You are creating a BigInt class. It can hold one number that is ve
Question #643723
This is java. You are creating a BigInt class. It can hold one number that is ve
Question #644114
This is javafx code. It is run but I want to add message. when i don\'t put noth
Question #3606783
This is just a conceptual question. I have an electroscope with a needle inside
Question #2015907
This is just a discussion post from my classmate. I just need to respond. Based
Question #358166
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
This is more of a conceptual question because the way that I am doing it would b
Next
This is most likely a result of an electron in which of the following level tran

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.