Michael Hutter

VLSI Projects

NaCl's crypto_box in Hardware

date: 18/06/2015

We present a low-resource hardware implementation of the widely used crypto_box function of the Networking and Cryptography library (NaCl). It supports the X25519 Die-Hellman key exchange using Curve25519, the Salsa20 stream cipher, and the Poly1305 message authenticator. Our targeted application is a secure communication between devices in the Internet of Things (IoT) and Internet servers. Such devices are highly resource-constrained and require carefully optimized hardware implementations. We propose the rst solution that enables 128-bit-secure public-key authenticated encryption on passivelypowered IoT devices like WISP nodes. From a cryptographic point of view we thus make a rst step to turn these devices into fully-edged participants of Internet communication. Our crypto processor needs a silicon area of 14.6 kGEs and less than 40uW of power at 1MHz for a 130nm low-leakage CMOS process technology.

The source files (VHDL code) of the project can be downloaded here (zip, 3.4 MB).