Implementation of an Elliptic Curve Based Message Authentication Code for Constrained Environments
This paper presents the hardware implementation of a new method for message authentication based on elliptic curves. The proposed method makes use of the elliptic curve point multiplication unit already available in the system as a part of key exchange. T
- PDF / 296,390 Bytes
- 10 Pages / 439.363 x 666.131 pts Page_size
- 14 Downloads / 251 Views
Abstract. This paper presents the hardware implementation of a new method for message authentication based on elliptic curves. The proposed method makes use of the elliptic curve point multiplication unit already available in the system as a part of key exchange. The point multiplication unit is time shared for generating the authentication code resulting in reduced hardware complexity. Hence it is suitable for applications with limited resources like wireless sensor networks and smart grid. The security of the proposed MAC is vested in Elliptic Curve Discrete Logarithm Problem(ECDLP).
1
Introduction
Verifying the integrity and authenticity of the received data is a prime necessity in communication networks. This is done using Message Authentication Codes. A Message Authentication Code (MAC) is a function which takes as input the message and a secret key that is shared between the communicating parties to return a authentication tag. This tag is appended to the message on transmission and recomputed at the receiver side for authenticating the received data. MAC’s have most commonly been constructed out of block ciphers. Another approach is to key the cryptographic hash function [1]. The major obstacle in designing a MAC with cryptographic hash is that hash functions are not keyed primitives which is sharp contrast to MAC function, which uses a secret key as an inherent part of its definition. The security of such MAC’s depends on the strength of the underlying hash function. In 2001 NIST published this as a standard known as Keyed - Hash Message Authentication Code (HMAC). The security of the HMAC is increased by truncating the output [2]. MD5 and SHA are the common cryptographic hash functions used for the implementation of keyed hash. As a result the hardware complexity of such MAC’s is the same as that of the underlying hash function. The hardware implementation results of the hash functions available in literature shows that it is not suitable for resource constrained environments [3][4]. Present data networks make use of Elliptic Curve Cryptography (ECC) for key exchange. This is because of the increased security per bit of the key. Point multiplication is the cryptographic operation on elliptic curves. Since key exchange is an inevitable part of any data network the EC point multiplication G. Martínez Pérez et al. (Eds.): SNDS 2014, CCIS 420, pp. 520–529, 2014. c Springer-Verlag Berlin Heidelberg 2014
Elliptic Curve Based MAC for Constrained Environments
521
unit will be available in all systems that make use of ECC for key exchange. If a MAC can be generated based on the EC point multiplication unit already available within the system other than implementing an independent module, it will be highly acceptable for applications with limited resources because of the reduced complexity. A MAC with reduced structural complexity based on elliptic curves is proposed and implemented in this paper.
2
Mathematical Background
Elliptic Curves over a field F are set of points (x, y) that satisfy the Weierstrass
Data Loading...