Optimizing and Improving the Performance of the Elliptic Curve Digital Signature Algorithm (ECDSA) Shilpa R. Bagde1, Meghana A. Hasamnis 2 Researcher Professor 1, 2 Department of Electronics Engineering, Shri Ramdeobaba College of Engineering and Management Nagpur, India, [email protected], 8390292462 Abstract To ensure the security of e-commerce and other online transactions in today's Internet era, l authentication, which is a necessity. To protect information encryption plays an important role in today's world. The Elliptic Curve Digital Signature Algorithm (ECDSA) is a cryptographic algorithm used for authentication. This paper presents the performance improvement of the ECDSA algorithm. To improve the performance of the ECDSA algorithm in terms of throughput, the algorithm has been optimized. The optimization reduced the time and complexity of the program. Two optimization techniques “Loop unrolling” and “Strength Reduction” are used to optimize ECDSA C code, through which the code execution speed is improved by 67.39%. ECDSA and optimized ECDSA C code converted to hardware using Vivado HLS tool. Next, the conversion to hardware code is implemented on Xilinx ISE 14.5. The results are obtained and the execution time for hardware implementation is improved by 25.75%. Keywords C code optimization techniques, ECC, ECDSA. Say no to plagiarism. Get a tailor-made essay on "Why Violent Video Games Shouldn't Be Banned"? Get an original essayI. Introduction In today's world, everyone uses the Internet, to send emails, chat online, purchase goods and products through e-commerce site, their security is the most important thing. Information security is of utmost importance in the world of communication over open networks and storage of data in digital format. Encryption needs occur because, to protect some things like our Internet passwords, credit card numbers, banking information and business documents end up in the wrong hands. The importance of information security has grown because new technologies have made it easier and easier to access and misuse confidential information. profitable. Personal information is very important, but criminals misuse that information and gain profit. To protect the growing crime on networks, encryption is necessary. Encryption makes communications secure. It is the art and science that creates a cryptosystem that can ensure information security. Cryptography deals with the actual protection of digital information. Refers to the plan of components based on scientific calculations that provide essential information security services. Cryptography allows individuals to maintain trust in the electronic world. It is used in many applications such as bank transaction cards, computer passwords, and e-commerce transactions. The benefits of encryption are: Confidentiality Integrity Non-repudiation Authentication Encryption has 2 types, symmetric key encryption and asymmetric key encryption. Symmetric Key Cryptography: In symmetric key cryptography, both parties use the same key. The sender uses this key and an encryption algorithm to encrypt the data; the recipient uses the same key and corresponding decryption algorithm to decrypt the data [2]. AES, DES, RC5 are the examples of symmetric key cryptography. Asymmetric key cryptography: Asymmetric cryptography, also known aspublic key encryption, uses public and private keys to encrypt and decrypt data. The keys are simply large numbers that have been paired together but are not identical (asymmetrical). A pair key can be shared with everyone; it is called the public key. The other key of the pair is kept secret; It's called a private key. You can use both keys to encrypt a message; for decryption the opposite key to that used to encrypt the message is used [3]. ECC,DSA, ECDSA, RSA are examples of asymmetric key algorithm. Algorithm II.ECC Elliptic curve cryptography (ECC) is a public key cryptography technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys. ECC generates keys through the properties of the elliptic curve equation instead of the traditional method of generating them as a product of very large prime numbers. Since ECC helps establish equivalent security with less computing power and less usage of battery resources, it is becoming widely used for mobile applications [3]. ECC has some additional advantages such as more compact structure, lower bandwidth, and faster computation which make ECC usable in both high-speed and low-resource applications [1]. Due to the better performance of ECC, the elliptic curve has been adapted for several cryptographic schemes, such as key agreement scheme: ECDH, encryption scheme: ECIES, digital signature scheme: ECDSA. Fig.1. shows the operation performed on the elliptic curve. a) Addition: P + Q = R b) Doubling P + P = R Fig.1 Geometric addition and doubling of the points of the elliptic curve [1]. III.ECDSA Algorithm This article explains the ECDSA algorithm used for the implementation. The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve analogue of the Digital Signature Algorithm (DSA). It is the most widely standardized elliptic curve-based signature scheme [1]. The ECDSA algorithm provides high security, faster calculations, and less processing power and storage space due to the smaller key size. Elliptic curve digital signatures used for software distribution, financial transactions, vehicles and cell phones. In this article, the secp256r1 elliptic curve-based digital signature algorithm was used. Using the domain parameters of this curve the ECDSA algorithm is implemented. Key pair generation, signature generation and signature verification: These are the most important part of the ECDSA algorithm. 3.1. Generating the ECDSA Key Pair Before an ECDSA authenticator can work, it must know its private key. The public key is derived from the private key and domain parameters. As the name suggests, the private key is not accessible from the outside world. The public key, on the other hand, must be openly accessible for reading. Fig.2 shows the generation of the key pair [4]. Fig.2. Generating Key Pairs [4] This step requires a pseudo-random number generator to choose d and a multiplication of a point to calculate Q for added security. To generate the keys, the sender does the following: select an elliptic curve E defined on Fp. The number of points in E should be divisible by a large prime number n. Select a point generator P€ E (a,b) of order n. Select a statistically unique and unpredictable integer d from [1, n - 1]. Calculate the point Q= dP The sender's public key is Q; the sender's private key is d. 3.2. ECDSA signature generation A digital signature allowsto convert the variable-length message into a fixed-length digest message H(m) using a secure hash algorithm. After the message digest is calculated, a random number generator is activated to provide a k value for the elliptic curve calculations [4]. Fig.3 shows the signature generation process. Fig.3. Signature generation [4] The signature is the set (r, s). To sign a message m, select a statistically unique and unpredictable integer k from [1, n - 1]. Calculate kP = (x1, y1). Compute r = x1 mod n Compute e = h (m) with e the message digest and h the hash function Compute s = kl. (e + dr) mod n 3.3. ECDSA Signature Verification Signature verification is the counterpart to signature calculation. Its purpose is to verify the authenticity of the message using the sender's public key [3]. Fig.4 shows the signature verification process. Fig.4. Signature Verification [4] To verify the sender's signature (r, s) on m, the recipient must compare v and r. If v = r then the signature is identical otherwise it is not identical. Compute e = h (m) Compute ul =es-1 mod n Compute u2 = rs-1 mod n Compute ul.P + u2.Q = (xl, y2) Compute v = x2 mod n Accept the signature if and only if v = r. IV. Software implementation 4.1. ECDSA Algorithm The ECDSA algorithm written in C language using the GCC Dev-C++ 5.11 compiler has been compiled and executed. Fig.5. shows the temporal analysis of the ECDSA algorithm Fig.5. Time Analysis of the ECDSA Algorithm The public and private key pair of user 1 and user 2 generated by using the elliptic curve properties. Using the ECDSA algorithm hash the data. Hashing used for the digital signature process where the message is passed through a hash function, with a private key of user 1 and the public key of user 2 generating the signature. The obtained signature is delivered to user 2, where user 2 verifies the signature using user 1's public key and user 2's private key. The obtained signature is matched with the received signature and both are found to be identical, therefore the signature is identical if the signature does not match, the signature is not identical. When using the same public and private keys of the same user the signature does not match, this indicates that the algorithm is working correctly. 4.2. Optimized ECDSA Algorithm To improve the performance of the ECDSA algorithm, the optimization techniques Loop unrolling, Strength Reduction, Code Motion, Constant Folding, Constant propagation, Dead Code Elimination, Common Sub-Expression Elimination etc. have been studied. According to the expression used in the C code of the ECDSA loop unrolling and Strength Reduction algorithm, these two techniques have applied and optimized the speed-increasing C code. 4.4.1 Optimization Using Loop Unwinding Loop unwinding, also known as loop unwinding, is a loop transformation technique that attempts to optimize the execution speed of a program. Increases program efficiency and reduces loop overhead. Using the loop unrolling technique, the two for loops are unrolled of the ECDSA algorithm so that the code executes quickly. 4.4.2 Optimization by drag reduction It is an optimization technique in which one type of operation is replaced by another type of operation, those operations that are computationally expensive replaced by simpler ones having an equivalent effect. ECDSA algorithm C code has so many operations of multiplication, addition, inversion etc. In which the addition operation takes less time than the multiplication operation, then the multiplication operation is replaced by the addition operation. In this article, the ECDSA C code has 15 expressions containing.