Optimization and Performance Improvement of Elliptic Curve Digital Signature Algorithm (ECDSA) Shilpa R. Bagde1, Meghana A. Hasamnis 2 Researcher Professor 1, 2 Department of Electronics Engineering, Shri Ramdeobaba College of Engineering and Management Nagpur, India, [email protected] , 8390292462 Abstract Securing e-commerce and other online transactions in today's Internet era requires authentication which is a necessity. To secure information, cryptography plays an important role in today's world. The Elliptic Curve Digital Signature Algorithm (ECDSA) is an encryption algorithm used for authentication. This article presents the performance improvement of the ECDSA algorithm. To improve the performance of the ECDSA algorithm in terms of throughput, the algorithm has been optimized. The optimization reduced the time and complexity of the program. Two optimization techniques “Loop Unrolling” and “Force Reduction” are used to optimize the ECDSA C code, through which the code execution speed is improved by 67.39%. ECDSA C code and optimized ECDSA converted to hardware using Vivado HLS tool. After conversion to hardware code, it is implemented on Xilinx ISE 14.5. The results are obtained and the execution time of the hardware implementation is improved by 25.75%. Keywords Code optimization techniques C, ECC, ECDSA.Say no to plagiarism. Get a tailor-made essay on “Why Violent Video Games Should Not Be Banned”? Get the original essayI. Introduction In today's world, everyone uses the Internet. To send emails, chat online, purchase goods and products from the e-commerce website, their security is the most important. Information security is of the greatest importance in the world where there is communication on open networks and storage of data in digital form. The need for cryptography occurs because in order to secure certain things, like our Internet passwords, credit card numbers, banking information, and business documents, fall into the wrong hands. profitable. Personal information is the most important, but criminals misuse this information and take advantage of it. To protect the growing number of criminals on networks, cryptography is necessary. Cryptography secures communications. It is the art and science of creating a cryptographic system that can keep information secure. Cryptography is about truly securing digital information. It refers to the plan of components based on scientific calculations that provide essential services in information security. Cryptography allows individuals to maintain confidence in the electronic world. It is used in many applications such as bank card transactions, computer passwords and e-commerce transactions. The advantages of cryptography are: Confidentiality Integrity Non-repudiation Authentication Cryptography has 2 types, symmetric key cryptography and asymmetric key cryptography. Symmetric key cryptography: In symmetric key cryptography, the same key is used by both parties. The sender uses this key and an encryption algorithm to encrypt the data; the receiver uses the same key and corresponding decryption algorithm to decrypt the data [2]. AES, DES, RC5 are examples of symmetric key cryptography. Asymmetric key cryptography: asymmetric cryptography,also known as public key cryptography, uses public and private keys to encrypt and decrypt data. Keys are simply large numbers that are matched but not identical (asymmetric). A key of the pair can be shared with everyone; it is called public key. The other key of the pair is kept secret; This is called the private key. Either key can be used to encrypt a message; the opposite key to that used to encrypt the message is used for decryption [3]. CEC,DSA, ECDSA, RSA are examples of asymmetric key algorithm II. ECC Algorithm Elliptic curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys. ECC generates keys through the properties of the elliptic curve equation instead of the traditional method of generating them as the product of very large prime numbers. Because ECC helps establish equivalent security with reduced computing power and battery resource usage, it is increasingly used for mobile applications [3]. ECC has additional advantages such as more compact structure, lower bandwidth and faster computation which all make ECC usable in high-speed and low-resource applications [1]. Due to the better performance of ECC, the elliptic curve has been adapted for several cryptographic schemes, such as key agreement scheme: ECDH, encryption scheme: ECIES, digital signature scheme: ECDSA. Figure 1. shows the operation performed on the elliptic curve. a) Addition: P + Q = R b) Doubling P + P = R Fig.1 Geometric addition and doubling of elliptic curve points [1]. III.ECDSA Algorithm In this paper, the ECDSA algorithm used for implementation. The Elliptic Curve Digital Signature Algorithm (ECDSA) is the elliptic curve analogue of the Digital Signature Algorithm (DSA). This is the most widely standardized elliptic curve-based signature scheme [1]. The ECDSA algorithm offers high security, faster calculation and less processing power, as well as storage space due to its smaller key size. Elliptic curve digital signatures used for software distribution, financial transactions, vehicles and mobiles. This article used the secp256r1 elliptic curve-based digital signature algorithm. Using the domain parameters of this curve, the ECDSA algorithm is implemented. Key pair generation, signature generation and signature verification, these are the most important part of the ECDSA algorithm. 3.1. Generating ECDSA Key Pairs Before an ECDSA authenticator can operate, it must know its private key. The public key is derived from the private key and domain settings. As the name suggests, the private key is not accessible from the outside world. The public key, on the other hand, must be openly accessible for reading. Figure 2 shows the generation of the key pair [4]. Figure 2. Key pair generation [4] This step requires a pseudo-random number generator to choose d and one-point multiplication to calculate Q for added security. To generate keys, the sender does the following: Select an elliptic curve E set to Fp. The number of points in E must be divisible by a large n prime. Select a point generator P€E (a, b) of order n. Select a statistically unique and unpredictable integer d from [1, n - 1]. Calculate the point Q= dP The sender's public key is Q; the private key ofthe sender is d. 3.2. ECDSA Signature Generation A digital signature allows the variable-length message to be converted into a fixed-length message digest H(m) using a secure hashing algorithm. Once the message digest is calculated, a random number generator is activated to provide a k value for elliptic curve calculations [4]. Figure 3 shows the signature generation process. Figure 3. Signature generation [4] The signature is the set (r, s). To sign a message m, select a statistically unique and unpredictable integer k from [1, n - 1]. Calculate kP = (x1, y1). Calculate r = x1 mod n Calculate e = h (m) with e the message digest and h the hash function Calculate s = kl. (e + dr) mod n 3.3. ECDSA signature verification Signature verification is the counterpart of signature calculation. Its purpose is to verify the authenticity of the message using the sender's public key [3]. Figure 4 shows the signature verification process. Figure 4. Signature verification [4] To verify the sender's signature (r, s) on m, the recipient must compare v and r. If v = r then the signature is identical otherwise it is not identical. Calculate e = h (m) Calculate ul =es-1 mod n Calculate u2 = rs-1 mod n Calculate ul.P + u2.Q = (xl, y2) Calculate v = x2 mod n Accept the signature if and only if v = r. IV. Software implementation 4.1. ECDSA Algorithm The ECDSA algorithm written in C language using the Dev-C++ 5.11 GCC compiler, it was compiled and executed. Figure 5. shows the timing analysis of ECDSA algorithm Fig.5.Timing analysis of ECDSA algorithm The key pair of public key and private key of user 1 and user 2 generated by the using elliptic curve properties. Using the ECDSA algorithm, hash the data. The hash used for the digital signature process where the message passes through a hash function, with a private key of user 1 and the public key of user 2 generate the signature. The resulting signature is given to user 2, where user 2 verifies the signature using user 1's public key and user 2's private key. The resulting signature matches the received signature, and the two turn out to be identical, so the signature is identical if the signature does not match, then the signature is not identical. When using the same public and private keys of the same user, the signature does not match, this indicates that the algorithm is working correctly. 4.2. Optimized ECDSA Algorithm To improve the performance of the ECDSA algorithm, the optimization techniques of loop unrolling, force reduction, code movement, constant folding, constant propagation, dead code elimination, common subexpression elimination, etc. were studied. According to the expression used in the C code of the ECDSA loop unrolling and force reduction algorithm, these two techniques applied and optimized the C code which increases the speed. 4.4.1 Loop unrolling optimization Loop unrolling, also known as loop unrolling, is a loop transformation technique that attempts to optimize the execution speed of a program. It increases program efficiency and reduces loop overhead. Through the use of the loop unrolling technique, the two for loops unrolled the ECDSA algorithm so that the code executed quickly. 4.4.2 Optimization using force reduction This is an optimization technique in which one type of operation is replaced by another type of operation, with operations that are computationally expensive replaced by simpler ones having an equivalent effect. The C code of the ECDSA algorithm includes numerous operations of.