tailieunhanh - Efficient Hash-Based Signatures on Embedded Devices

Authentication and message integrity are essential building blocks for protocols of many security related verification processes like data origin authentication for valid software updates or device authentication. | Efficient Hash-Based Signatures on Embedded Devices Sebastian Rohde1 Thomas Eisenbarth1 Erik Dahmen2 Johannes Buchmann2 and Christof Paar1 1 Horst Gortz Institute for IT Security Ruhr University Bochum 44780 Bochum Germany rohde eisenbarth cpaar @ 2 Technische Universitat Darmstadt Department of Computer Science Hochschulstrake 10 64289 Darmstadt Germany dahmen buchmann @ Abstract. Authentication and message integrity are essential building blocks for protocols of many security related verification processes like data origin authentication for valid software updates or device authentication. Critical embedded devices - like a brake control unit in a car -must only accept updates from valid issuers. At the same time it is essential - for security and commercial reasons - to prove the authenticity of the device to other integrated systems to prevent product counterfeiting. The most widely used algorithms for digital signatures RSA and ECDSA depend on finite field engines. Many embedded devices are powered by 8-bit microprocessors. On this platform the finite field engines either require costly coprocessors or the implementations become very large and very slow. Hence the need for better methods is highly visible. One alternative to RSA and ECDSA is the Merkle signature scheme which provides digital signatures using hash functions only without relying on any number theoretic assumptions. In this paper we present an implementation of the Merkle signature scheme on an 8-bit microprocessor. Our results prove that the Merkle signature scheme can provide very good timings and a higher degree of security compared to previous implementations of RSA and ECDSA while maintaining a smaller code size. Keywords Embedded security hash based cryptography Merkle signature scheme digital signatures. 1 Motivation Digital signatures have become a key technology for making IT infrastructures secure and for preventing product counterfeiting. .