TY - GEN
T1 - Implementing minimized multivariate PKC on low-resource embedded systems
AU - Yang, Bo Yin
AU - Cheng, Chen Mou
AU - Chen, Bor Rong
AU - Chen, Jiun Ming
PY - 2006
Y1 - 2006
N2 - Multivariate (or MQ) public-key cryptosystems (PKC) are alternatives to traditional PKCs based on large algebraic structures (e.g., RSA and ECC); they usually execute much faster than traditional PKCs on the same hardware. However, one major challenge in implementing multivariates in embedded systems is that the key size can be prohibitively large for applications with stringent resource constraints such as low-cost smart cards, sensor networks (e.g., Berkeley motes), and radio-frequency identification (RFID). In this paper, we investigate strategies for shortening the key of a multivariate PKC. We apply these strategies to the Tame Transformation Signatures (TTS) as an example and quantify the improvement in key size and running speed, both theoretically and via implementation. We also investigate ways to save die space and energy consumption in hardware, reporting on our ASIC implementation of TTS on a TSMC 0.25μm process. Even without any key shortening, the current consumption of TTS is only 21 μA for computing a signature, using 22,000 gate equivalents and 16,000 100-kHz cycles (160 ms). With circulant-matrix key shortening, the numbers go down to 17,000 gates and 4,400 cycles (44 ms). We therefore conclude: besides representing a future-proofing investment against the emerging quantum computers, multivariates can be immediately useful in niches.
KW - Digital signature schemes
KW - Efficient implementation
KW - Embedded system
KW - Motes
KW - Multivariate public-key cryptosystem
KW - Sensor networks
UR - http://www.scopus.com/inward/record.url?scp=33745816647&partnerID=8YFLogxK
U2 - 10.1007/11734666_7
DO - 10.1007/11734666_7
M3 - Conference contribution
AN - SCOPUS:33745816647
SN - 3540333762
SN - 9783540333760
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 73
EP - 88
BT - Security in Pervasive Computing - Third International Conference, SPC 2006, Proceedings
PB - Springer Verlag
T2 - 3rd International Conference on Security in Pervasive Computing, SPC 2006
Y2 - 18 April 2006 through 21 April 2006
ER -