Basicrypt - Elliptic Curve Cryptography (ECC) Benchmark Suite

Basicrypt - Elliptic Curve Cryptography (ECC) Benchmark Suite (Last Updated: 2010/07/07)University of Siena, Italy

Contributors:
Prof. Enrico Martinelli
Prof. Roberto Giorgi
Prof. Sandro Bartolini
Dr. Irina Branovic
Ing. Paolo Bennati

Papers

[Bartolini08a] S. Bartolini, I. Branovic, R. Giorgi, E. Martinelli, "Effects of Instruction-set Extensions on an Embedded Processor: a Case Study on Elliptic Curve Cryptography over GF(2^m)", IEEE Trans. Computers, ISSN:0018-9340, vol. 57, no. 5, 2008, pp. 679-685, doi 10.1109/TC.2007.70832

[Bartolini06a] S. Bartolini, P. Bennati, R. Giorgi, E. Martinelli, "Elliptic Curve Cryptography support for ARM based Embedded systems", HiPEAC ACACES-2006, ISBN:90-382-0981-9, L'Aquila, Italy, July 2006, pp. 13-16.
Abstract, PDF. BibTeX entry: Bartolini06a.bib.

[Bartolini04a] S. Bartolini, I. Branovic, R. Giorgi, E. Martinelli, "A Performance Evaluation of ARM ISA Extension for Elliptic Curve Cryptography over Binary Finite Fields", IEEE 16th Symp. on Computer Architecture and High Performance Computing (SBAC-PAD-04), ISBN:0-7695-2240-8, ISSN:1550-6533, Foz do Iguacu, Brasil, Oct. 2004, pp. 238-245.
Abstract, PDF. BibTeX entry: Bartolini04a.bib.

[Branovic03a] I. Branovic, R. Giorgi, E. Martinelli, "Memory Performance of Public-Key cryptography Methods in Mobile Environments", ACM SIGARCH Workshop on MEmory performance: DEaling with Applications, systems and architecture (MEDEA-03), New Orleans, LA, USA, Sept. 2003, pp. 24-31.
Abstract, PDF. BibTeX entry: Branovic03a.bib.

Basicrypt benchmark package contains standard and elliptic curve code for Diffie-Hellman key exchange, digital signature algorithm, ElGamal and RSA encryption/decryption. Standard algorithms can be used with various key lengths (1024, 2048, and 3072), while for elliptic curve variants parameter files are defined according to fields and curves recommended in NIST DSS standard FIPS 186-2. Input text files (input_small.asc and test.asc) that we used in running the bencmarks (where it was applicable) are taken from MiBench benchmark suite.
Public-key benchmarks in Basicrypt package were written using MIRACL C procedures for big integer arithmetic. The MIRACL library consists of over 100 routines that cover all aspects of multiprecision arithmetic and offer procedures for finite field elliptic curve operations.

Download basicrypt-2.0.2.tar.gz (4 MB)

How to compile the package:

Unpack the tarball
Enter the Basicrypt directory and type ./make. The Makefile is currently set to use gcc compiler and O3 optimization.

The files containing public-key methods of Basicrypt are:

dh.c: Diffie-Hellman key exchange
ecdhb.c: elliptic curve Diffie-Hellman key exchange over binary finite fields
ecdhp.c: elliptic curve Diffie-Hellman key exchange over prime finite fields

ds.c: digital signature generation/verification
ecdsb.c: elliptic curve digital signature generation/verification over binary fields
ecdsp.c: elliptic curve digital signature generation/verification over prime fields

elg.c: ElGamal encryption/decryption
ecelgb.c: elliptic curve ElGamal encryption/decryption over binary fields
ecelgp.c: elliptic curve ElGamal encryption/decryption over prime fields

rsa.c: RSA encryption/decryption with exponent 65537

How to use the benchmark

Diffie-Hellman key exchange: Reads a prime suitable for Diffie-Hellman from a file, calculates the shared key (depending on the length of a prime given in input file param.1024, param.2048, or param.3072 it calculates 1024, 2048, or 3072-bit key) and writes it into a file dh.key.

dh [param.1024, param.2048, param.3072]

Digital signature: Reads three integers suitable for generating keys from parameter file (dsparam.1024, dsparam.2048, or dsparam.3072), generates public and private keys and writes them into files private.dss and public.dss, calculates message digest of the file given as argument using the private key and SHA hash algorithm, writes signature into a file, and verifies it using public key. Depending on the length of the prime given in parameter file, it can generate 1024, 2048, or 3072-bit public key.

ds [dsparam.1024, dsparam.2048, dsparam.3072] [file_to_sign]

ElGamal encryption/decryption: Reads a suitable prime from parameter files (param.1024, param.2048, or param.3072), generates public and private keys, encrypts file passed as argument, writes ciphered text into a file, reads private key from a file, and finally decrypts the content of the file using the private key.

elg [param.1024, param.2048, param.3072] [file_to_encrypt] [decrypted_file]

RSA encryption/decryption with exponent 65537: Reads public key from a file (rsaparam.1024, rsaparam.2048, or rsaparam.3072), encrypts file passed as argument, writes ciphered text into a file, reads private key from a file, reads ciphered content from a file and decrypts it using the private key.

rsa [rsaparam.1024, rsaparam.2048, rsaparam.3072] [file_to_encrypt] [decrypted_file]

Elliptic curve Diffie-Hellman key exchange: Reads parameter file for the elliptic curve, calculates shared key and writes it into a file.

ecdhb [b163.txt, b233.txt, b283.txt, b409.txt, b571.txt]
ecdhp [p192.txt, p224.txt, p256.txt, p384.txt, p521.txt]

Elliptic curve digital signature algorithm: Reads private key and elliptic curve parameters from files, calculates message digest of a file given as argument, writes signature into a file, and immediately verifies the signature using the public key.

ecdsb [b163.txt, b233.txt, b283.txt, b409.txt, b571.txt] [file_to_sign]
ecdsp [p192.txt, p224.txt, p256.txt, p384.txt, p521.txt] [file_to_sign]

Elliptic curve ElGamal encryptiom/decryption: Generates a public/private key pair, encrypts the base point on a curve, and then immediately decrypts it.

ecelgb [b163.txt, b233.txt, b283.txt, b409.txt, b571.txt]
ecelgp [p192.txt, p224.txt, p256.txt, p384.txt, p521.txt]

A shell script runme.sh can be used for executing the benchmarks.

Elliptic curve parameter files

The elliptic curve methods in the package use parameter files (p192.txt, p224.txt, p256.txt, p384.txt, p521.txt for prime fields,
b163.txt, b233.txt, b283.txt, b409.txt, b571.txt for binary fields). The number denotes the field size used.
All field sizes and curves were chosen according to NIST DSS standard, however to add a new curve it is enough to write to corresponding parameter file.
Parameter files are used for initializing the curve, setting the base point on the curve and setting the irreducible polynomial for multiplication in binary fields.

NIST curves over binary fields
curve equation: y^2 + xy = x^3 + x^2 + b
parameter files: b163.txt, b233.txt, b283.txt, b409.txt, b571.txt

the first four entries are coefficients of the irreducible polynomial
(in case that the field has a trinomial, the second two coefficients are zeros)
curve coefficient b (hex)
base point x coordinate (hex)
base point y coordinate (hex)
the curve order (dec)

Example: b163.txt
163
7
6
3
20a601907b8c953ca1481eb10512f78744a3205fd
3f0eba16286a2d57ea0991168d4994637e8343e36
0d51fbc6c71a0094fa2cdd545b11c5c0c797324f1
5846006549323611672814742442876390689256843201587

NIST curves over prime fields
curve equation: y^2 = x^3 -3x + b
parameter files: p192.txt, p224.txt, p256.txt, p384.txt, p521.txt

the prime modulus p (dec)
the curve coeeficient b (hex)
base point x coordinate (hex)
base point y coordinate (hex)
the curve order (dec)

Example: p384.txt
39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319
b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef
aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7
3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f
39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643