## Enhancing COPACOBANA for Advanced Applications in Cryptography and Cryptanalysis

Citations: | 1 - 1 self |

### BibTeX

@MISC{Güneysu_enhancingcopacobana,

author = {Tim Güneysu and Christof Paar and Gerd Pfeiffer and Manfred Schimmler},

title = {Enhancing COPACOBANA for Advanced Applications in Cryptography and Cryptanalysis},

year = {}

}

### OpenURL

### Abstract

Cryptanalysis of symmetric and asymmetric ciphers is a challenging task due to the enormous amount of involved computations. To tackle this computational complexity, usually the employment of specialpurpose hardware is considered as best approach. We have built a massively parallel cluster system (COPA-COBANA) based on low-cost FPGAs as a cost-efficient platform primarily targeting cryptanalytical operations with these high computational efforts but low communication and memory requirements. However, some parallel applications in the field of cryptography are too complex for low-cost FPGAs and also require the availability of at least moderate communication and memory facilities. Particularly, this holds true for arithmetic intensive application as well as ones with a highly complex data flow. In this contribution, we describe a novel architecture for a more versatile and reliable COPACOBANA capable to host advanced cryptographic applications like high-performance digital signature generation according to the Elliptic Curve Digital Signature Algorithm (ECDSA) and integer factorization based on the Elliptic Curve Method (ECM). In addition to that, the new cluster design allows even to run more supercomputing applications beyond the field of cryptography. 1.

### Citations

3064 | A method for obtaining digital signatures and public-key cryptosystems
- Rivest, Shamir, et al.
- 1978
(Show Context)
Citation Context ... a large composite integer n where n = ∏ pi with several prime factors pi is a wellknown mathematical problem which has attracted special attention since the invention of asymmetric cryptography. RSA =-=[10]-=- is a prominent example for an asymmetric cryptosystem what relies on the assumption of an attacker’s inability to factor large numbers. Up to now, the best known method for factoring large integers i... |

436 |
Modular multiplication without trial division
- Montgomery
- 1985
(Show Context)
Citation Context ...omputation over an arbitrary modulus instead of a fixed one (cf. to the NIST prime P-256). Hence, to support arbitrary moduli, we decided to implement a high-radix Montgomery multiplication algorithm =-=[7]-=- and took again all efforts to shift as much of the arithmetic complexity into DSPblocks as possible. Using the different opmodes of the DSP-blocks we realized multiply-and-accumulate functions in the... |

413 | Guide to Elliptic Curve Cryptography
- Hankerson, Menezes, et al.
- 2004
(Show Context)
Citation Context ...nit is not necessary. The point multiplications kP and kP + lQ were determined with a straightforward implementation of the binary method (double-and-add algorithm), also incorporating Shamir’s trick =-=[8]-=-. The ECDSA core has been successfully simulated and tested but we could not yet run it on the new COPACOBANA cluster since the hardware is not yet available (but already in production). Hence, we wil... |

240 |
Factoring integers with elliptic curves
- Lenstra
- 1987
(Show Context)
Citation Context ...is platform, we present parallel implementations for the generation of digital signatures over elliptic curves (ECDSA) as well as for factoring mid-size integers using the Elliptic Curve Method (ECM) =-=[6]-=-. With these applications we demonstrate that a massively parallel FPGA cluster can be used both to accelerate constructive cryptographic applications like high-performance message signing as well as ... |

38 | High-radix Montgomery modular exponentiation on reconfigurable hardware
- Blum, Paar
- 2001
(Show Context)
Citation Context ...to be concurrently verified where each verification usually takes a few milliseconds even with support of special hardware. For example, the FPGAbased designs for RSA and ECC-based systems presentedin=-=[1,9]-=-canbeconsideredashigh-performance implementations but even so both take more than 3 ms per operation. For this reason, we will present a considerably more powerful implementation taking advantage of t... |

37 | Breaking ciphers with COPACOBANA - A cost-optimized parallel code breaker
- Kumar, Paar, et al.
- 2006
(Show Context)
Citation Context ...allel fashion and with very little interprocess communication, we have built an FPGA-based cluster with a strong focus on cost-efficiency, namely the COPACOBANA (Cost Optimized Parallel Code Breaker) =-=[5]-=-. The first version of COPACOBANA was equipped with 120 independent low-cost FPGAs (Xilinx XC3S1000), distributed over 20 modules which are plugged into a single backplane and connected via a parallel... |

24 | A SmithWaterman Systolic Cell - Yu, Kwong, et al. - 2003 |

13 | Ultra high performance ECC over NIST prime fields on commercial FPGAs
- Güneysu, Paar
- 2008
(Show Context)
Citation Context ... hand, we can present a FPGA-based system capable to tackle requirements like that of the German eHealth project. In this context, we adapted our implementation of the ECDSA architecture presented in =-=[4]-=- for the Virtex-4 SX 35 FPGAs which are available on our enhanced cluster system. Since the cluster hardware is not completely built yet, we will provide performance estimates based on the known resul... |

12 | Implementing the elliptic curve method of factoring in reconfigurable hardware
- Gaj, Kwon, et al.
- 2006
(Show Context)
Citation Context ...d-sized numbers for the smoothness testing process. In this context, the Elliptic Curve Method (ECM) has been proposed by Lenstra [6] which has been implemented in few hardware architectures on FPGAs =-=[3, 2]-=-. In this work, we sketch a new multi-core ECM implementation for our COPACOBANA cluster which also makes heavy use of the arithmetic functions provided by the DSP-blocks in Virtex-4 devices. The ECM ... |

12 | How to Maximize the Potential of FPGA Resources for Modular Exponentiation
- Suzuki
- 2007
(Show Context)
Citation Context ...processors or arithmetic function blocks (DSP-blocks) to accelerate complex Digital Signal Processing (DSP) operations. Recently, it has been shown how these DSP blocks can accelerate RSA encryptions =-=[11]-=- as well as attacks on RSA [2]. Based on the presented results, the use of DSP-block-based arithmetic in cryptographic functions let expect an increase in performance even by a few orders of magnitude... |

11 | Hardware factorization based on elliptic curve method
- Šimka, Pelzl, et al.
- 2005
(Show Context)
Citation Context ...-sized numbers for the smoothness testing process. In this context, the Elliptic Curve Method (ECM) has been proposed by Lenstra [11] which has been implemented in few hardware architectures on FPGAs =-=[19, 5, 4]-=-. In this work, we sketch a new multi-core ECM implementation for our COPACOBANA cluster which also makes heavy use of the arithmetic functions provided by the DSP-blocks in Virtex-4 devices. The ECM ... |

9 |
A Scalable GF (p) Elliptic Curve Processor Architecture for Programmable Hardware
- Orlando, Paar
- 2001
(Show Context)
Citation Context ...to be concurrently verified where each verification usually takes a few milliseconds even with support of special hardware. For example, the FPGAbased designs for RSA and ECC-based systems presentedin=-=[1,9]-=-canbeconsideredashigh-performance implementations but even so both take more than 3 ms per operation. For this reason, we will present a considerably more powerful implementation taking advantage of t... |

6 | Integer factorization based on elliptic curve method: Towards better exploitation of reconfigurable hardware
- Meulenaer, Gosset, et al.
- 2007
(Show Context)
Citation Context ...on blocks (DSP-blocks) to accelerate complex Digital Signal Processing (DSP) operations. Recently, it has been shown how these DSP blocks can accelerate RSA encryptions [11] as well as attacks on RSA =-=[2]-=-. Based on the presented results, the use of DSP-block-based arithmetic in cryptographic functions let expect an increase in performance even by a few orders of magnitude. In this contribution, we pre... |

6 | Hardware Enhanced Biosequence Alignment - Pfeiffer, Kreft, et al. - 2005 |

5 |
American National Standard X9.62: The Elliptic Curve Digital Signature Algorithm (ECDSA
- 62-2005
- 2005
(Show Context)
Citation Context ...tion load between components by intermediate data aggregation. Based on this platform, we show novel and parallel implementations for the generation of digital signatures over elliptic curves (ECDSA) =-=[1]-=- as well as for factoring mid-size integers using the Elliptic Curve Method (ECM) [11]. With these applications we demonstrate that a massively parallel FPGA cluster can be used both to accelerate con... |

5 | Epassport: Cracking basic access control keys
- Liu, Kasper, et al.
- 2007
(Show Context)
Citation Context ... [10] and also subsequent attacks on related security applications involving One-Time Password Tokens [6], hard disk encryption (Norton Diskreet) [9] and Machine Readable Travel Documents (ePassport) =-=[12]-=- have been shown. Besides, even cryptanalysis on asymmetric ciphers can be tackled by COPACOBANA, e.g., computing the Elliptic Curve Discrete Logarithm Problem [7] which is known as the fundamental pr... |

3 |
Attacking elliptic curve cryptosystems with special-purpose hardware
- Güneysu, Paar, et al.
- 2007
(Show Context)
Citation Context ...adable Travel Documents (ePassport) [12] have been shown. Besides, even cryptanalysis on asymmetric ciphers can be tackled by COPACOBANA, e.g., computing the Elliptic Curve Discrete Logarithm Problem =-=[7]-=- which is known as the fundamental primitive for cryptosystems based on elliptic curves. COPACOBANA has been designed for providing a significant amount of computing resources to applications with onl... |

3 | How to Break DES for BC 8,980
- Kumar, Paar, et al.
- 2006
(Show Context)
Citation Context ...dard have been successfully broken in less than a week [10] and also subsequent attacks on related security applications involving One-Time Password Tokens [6], hard disk encryption (Norton Diskreet) =-=[9]-=- and Machine Readable Travel Documents (ePassport) [12] have been shown. Besides, even cryptanalysis on asymmetric ciphers can be tackled by COPACOBANA, e.g., computing the Elliptic Curve Discrete Log... |

1 | Breaking Legacy Banking Standards with Special-Purpose Hardware
- Güneysu, Paar
- 2008
(Show Context)
Citation Context ...metric ciphers like the Data Encryption Standard have been successfully broken in less than a week [10] and also subsequent attacks on related security applications involving One-Time Password Tokens =-=[6]-=-, hard disk encryption (Norton Diskreet) [9] and Machine Readable Travel Documents (ePassport) [12] have been shown. Besides, even cryptanalysis on asymmetric ciphers can be tackled by COPACOBANA, e.g... |