Fast Elliptic Curve Cryptography in OpenSSL [chapter]

Emilia Käsper
2012 Lecture Notes in Computer Science  
We present a 64-bit optimized implementation of the NIST and SECG-standardized elliptic curve P-224. Our implementation is fully integrated into OpenSSL 1.0.1: full TLS handshakes using a 1024-bit RSA certificate and ephemeral Elliptic Curve Diffie-Hellman key exchange over P-224 now run at twice the speed of standard OpenSSL, while atomic elliptic curve operations are up to 4 times faster. In addition, our implementation is immune to timing attacks-most notably, we show how to do small table
more » ... ok-ups in a cache-timing resistant way, allowing us to use precomputation. To put our results in context, we also discuss the various security-performance trade-offs available to TLS applications.
doi:10.1007/978-3-642-29889-9_4 fatcat:2rui4auv65eobl4wsldewhpn2e