Most web transactions are protected by public-key cryptography, a type of encryption that allows computers to share information securely without first agreeing on a secret encryption key.
Public-key encryption protocols are very complicated, and in the world of computer networks, they’re executed by software.
That won’t work in the internet of things, a network that would connect many sensors — embedded in appliances, vehicles, structures, manufacturing, and even on livestock tags — to hosted servers.
Embedded sensors that need to maximize battery life can not afford the memory space and energy that software execution of encryption protocols would need.
Researchers at MIT have built a new chip, wired to perform public-key encryption, that consumes only 1/500 as much power as software execution of the same protocols would.
It uses about one-tenth as much memory and executes five hundred times faster.
The researchers further describe the chip in a research paper they’re presenting this week at the International Solid-State Circuits Conference.
Like most modern public-key encryption systems, the chip uses a technique known as elliptic-curve encryption.
As the name suggests, elliptic-curve encryption relies on a type of mathematical technique called an elliptical curve.
In the previous years, researchers built chips hardwired to handle specific elliptical curves or even families of curves. What sets this new chip apart is that it is designed to handle any elliptic curve.
To create their all-purpose elliptic-curve chip, the researchers decomposed the cryptographic computation into its corresponding parts.
Elliptic-curve cryptography relies on modular arithmetic, meaning that the values of the numbers that figure into the computation are assigned a limit. If the result of some calculation exceeds that limit, it’s divided by the limit, and the remainder is solely preserved. The secrecy of said limit helps ensure the cryptographic security thereof.
One of the computations to which the MIT chip devotes a special-purpose circuit is therefore modular multiplication. Because elliptic-curve cryptography deals with very large figures, the chip’s modular multiplier is huge.
Usually, a modular multiplier might be able to handle numbers with sixteen or maybe thirty-two binary digits, or bits. For bigger computations, the results of discrete sixteen- or thirty-two-bit multiplications would be integrated by more logic circuits.
The MIT chip’s modular multiplier can handle 256-bit figures, however. Eliminating the circuitry for integrating smaller computations both increases its speed and reduces the chip’s energy consumption.
Another notable operation in elliptic-curve cryptography is known as inversion.
Inversion is the calculation of a number that, when multiplied by a given number, will yield a modular product of One.
In previous computer chips dedicated to elliptic-curve cryptography, inversions were activated by the same circuits that did the modular multiplications, thus saving microchip space. The MIT researchers instead equipped their particular chip with a special-purpose “inverter circuit”. This increases the microchip’s surface area by roughly ten percent, but it cuts the power consumption in about half.
The most common encryption protocol to use elliptic-curve cryptography is dubbed the datagram transport layer security protocol, which controls not only the elliptic-curve computations themselves but also the transmission, formatting, and handling of the encrypted data.
As a matter of fact, the entire protocol is hardwired into the MIT researchers’ chip, which significantly reduces the amount of memory required for its execution.
The microchip also features a general-purpose processor which can be used in tandem with the dedicated circuitry to execute other elliptic-curve based security protocols. It can be powered down when not in use, so as to not compromise the microchip’s energy efficiency.