Authors: Parthasarathy R., Saravanan P.
DOI: 10.1016/j.vlsi.2025.102439
Journal: Integration-The Vlsi Journal, volume 104, Article 102439
Publication date: 2025-06-07
Publication type: Journal Article
Impact factor: 2.5; JCR: Q3 (COMPUTER SCIENCE, HARDWARE & ARCHITECTURE)
Source: https://www.sciencedirect.com/science/article/pii/S0167926025000963
Citations: 0
Abstract
Side-channel attack resilient implementation of homomorphic encryption using elliptic curve cryptography for secure cloud computing
In recent times, the amount of data exchanged between the cloud storage and the users has proliferated. The security of that data is also critical. To secure that data and to enhance its integrity, it should be encrypted before being uploaded into the cloud. In this work, a side-channel attack-secured additive homomorphic encryption is implemented using elliptic curve cryptography on an FPGA platform. An elliptic curve scalar multiplication, which is the critical component of elliptic curve cryptography, is designed in the general prime field using standard projective coordinate representation and implemented for 192, 224, and 256 bits as per the left-to-right double-and-add algorithm using radix-4 Booth-encoded modular multipliers in both FPGA devices and the ASIC platform. A minimum of 8242 slices is required to implement the proposed 256-bit elliptic curve scalar multiplication in the Virtex-6 FPGA device. The area of the proposed 192, 224, and 256-bit elliptic curve scalar multiplication is estimated as 149.225K, 208.178K, and 266.981 KGE in the ASIC using Cadence gpdk-45 nm technology libraries. A correlation power analysis attack is mounted on the FPGA implementation of the proposed elliptic curve scalar multiplication with an 8-bit data size to determine the value of scalar ‘n’. The attack is successful with a minimum of 2301 traces, and a high correlation coefficient value is obtained. Scalar randomization is proposed and integrated with the design as a countermeasure part to thwart the correlation power analysis attack, which is successful, and hence the left-to-right double-and-add algorithm used to determine elliptic curve scalar multiplication is made secure against side-channel attacks. This secured hardware implementation of elliptic curve cryptography is utilized to encrypt the data uploaded to the cloud, where additive homomorphic encryption is employed to process the data. 
Hence, additive homomorphic encryption becomes side-channel attack resilient, and cloud computations are secured.
About the journal:
Integration's aim is to cover every aspect of the VLSI area, with an emphasis on cross-fertilization between various fields of science, and the design, verification, test and applications of integrated circuits and systems, as well as closely related topics in process and device technologies. Individual issues will feature peer-reviewed tutorials and articles as well as reviews of recent publications. The intended coverage of the journal can be assessed by examining the following (non-exclusive) list of topics:
Specification methods and languages; Analog/Digital Integrated Circuits and Systems; VLSI architectures; Algorithms, methods and tools for modeling, simulation, synthesis and verification of integrated circuits and systems of any complexity; Embedded systems; High-level synthesis for VLSI systems; Logic synthesis and finite automata; Testing, design-for-test and test generation algorithms; Physical design; Formal verification; Algorithms implemented in VLSI systems; Systems engineering; Heterogeneous systems.