submitted on 2024-10-29, 07:10 and posted on 2024-10-30, 09:28authored byNeam Fares
The widespread adoption of Internet of Things (IoT) devices has revolutionized the way we live and work, but it has also introduced new security vulnerabilities. To address these challenges, hardware-based cryptography has emerged as a promising solution for achieving robust security without compromising performance or energy efficiency. This research proposes a project aimed at building four core cryptographic modules for data confidentiality, message integrity, message authentication, and secure communication channels. The research demonstrates the feasibility and advantages of hardware-based cryptography for IoT devices, particularly in terms of improved performance. Furthermore, the research discusses the advantages of using Elliptic Curve Cryptography (ECC) for IoT security and explores its various operations, coordinate systems, and combinations with other crypto-graphic algorithms. This research has successfully implemented ECC in Verilog, specifically the BLS12-381 curve, and provided insights into the performance of different methods of scalar multiplication in ECC that involves a series of computationally expensive point additions and doublings. The research also provides a detailed performance analysis for Verilog modules implementing SHA256, AES128-CBC encryption and decryption, and AES128-GCM encryption algorithms, demonstrating their suitability for digital systems requiring cryptographic functionalities. Furthermore, the implementation of the Hash to Curve operation and the pairing operation for the BLS12-381 digital signature scheme and session key agreement protocol were also demonstrated.The Hash to Curve operation maps a message to a point on the BLS12-381 curves, while pairing is a fundamental operation that takes two points on the curve and returns an element in a finite field. The performance of the Hash to Curve operation, scalar multiplication and pairing operation have a significant impact on the overall performance of the digital signature scheme and session key agreement protocol. The BLS12-381 digital signature scheme was found to be a reliable and widely used cryptographic algorithm that provides secure and efficient digital signatures, with the module for signing messages taking 0.76 seconds, and the module for verifying signatures taking 7.35 seconds using 10MHz clock frequency. The parallel scalar multiplication method was found to be the most efficient, with a time of 0.48 seconds for \uD835\uDD3E1 and 1.92 seconds for \uD835\uDD3E2. The pairing operation which consist of two main steps, the miller loop and final exponentiation takes around 3.68s to pair two points. Moreover, the module for generating a session key on a node’s side takes around 4.03 seconds. Overall, this research emphasizes the importance of addressing the security risks associated with IoT devices and the potential of hardware-based cryptography for achieving robust security in these devices.