MIT's public-key encryption chip slashes power consumption by 99.75%

February 13, 2018 // By Julien Happich
Public-key encryption protocols are complicated and in computer networks, they’re executed by software, making them burdensome for low-compute power IoT devices. If embedded sensors are to maximize their battery life, then they can’t afford the energy and memory space that software execution of encryption protocols would require.

Given that premise, MIT researchers have built a dedicated chip hardwired to perform public-key encryption at only 1/400th the power that equivalent software execution would require, while using only a tenth of the memory and running 500 times faster.

The chip described in a paper presented at the International Solid-State Circuits Conference has been designed to be able to handle any type of elliptic-curve encryption.

“Cryptographers are coming up with curves with different properties, and they use different primes,” explains Utsav Banerjee, an MIT graduate student in electrical engineering and computer science and first author on the paper.

“There is a lot of debate regarding which curve is secure and which curve to use, and there are multiple governments with different standards coming up that talk about different curves. With this chip, we can support all of them, and hopefully, when new curves come along in the future, we can support them as well.”

To create their general-purpose elliptic-curve chip, the researchers decomposed the cryptographic computation into its constituent parts. Elliptic-curve cryptography relies on modular arithmetic, meaning that the values of the numbers that figure into the computation are assigned a limit. If the result of some calculation exceeds that limit, it’s divided by the limit, and only the remainder is preserved. The secrecy of the limit helps ensure cryptographic security.

One of the computations to which the MIT chip devotes a special-purpose circuit is thus modular multiplication. But because elliptic-curve cryptography deals with large numbers, the chip’s modular multiplier is massive. Typically, a modular multiplier might be able to handle numbers with 16 or maybe 32 bits. For larger computations, the results of discrete 16- or 32-bit multiplications would be integrated by additional logic circuits. The MIT chip’s modular multiplier can handle 256-bit numbers, eliminating the extra circuitry for integrating smaller computations and reducing the chip’s energy consumption while increasing its speed.