README for TinyECC Version 0.2 Author/Contact: aliu3@ncsu.edu Introduction ------------ TinyECC is a software package providing Elliptic Curve Cryptography (ECC) on TinyOS. By using this package, you can do all elliptic curve operations, including point addition, point doubling and scalar point multiplication. In addition to the basic elliptic curve operations, we also implement ECDSA operations (signature generation and verification) in this package. The natural number operations in TinyECC are based on RSAREF2.0. We plan to include other ECC schemes (e.g. ECDH) in this package in the future. All recommended 128-bit, 160-bit and 192-bit Elliptic Curve Domain Parameters over F_p by SECG are supported. TinyECC has been tested on both MICAz and TelosB. How to install -------------- Only steps 1~3 are required for using TinyECC. 1) Install TinyOS 1.1.11 or a later version(1.x). 2) Extract TinyECC.zip to directory /opt/tinyos-1.x/apps/TinyECC. 3) Add the following lines into your makefile if your program is in another directory. (Note that the maximum payload size in IEEE 802.15.4 is 102 bytes. The test program requires a packet with more than 29 bytes (the TinyOS default maximum payload size) to include an ECDSA signature.) CFLAGS+=-DMICA //use MICAz CFLAGS+=-DSECP160R1 //use secp160r1, check Makefile in TinyECC for more options MSG_SIZE=102 //change maximum payload size to 102 PFLAGS=-I../TinyECC //include TinyECC package Steps 4~6 are necessary only if you want to use ECDSA in Java program. 4) Install JDK5.0 (http://java.sun.com/j2se/1.5.0/download.jsp) and Bouncy Castle Provider for JCE (http://www.bouncycastle.org/). (This step is necessary to use ECDSA in Java program.) 5) Download and install Sun's javax.comm package from http://java.sun.com/products/javacomm/. You can use the following steps (instructions for a cygwin shell), assuming you install JDK in C:\Program Files\Java\jdk1.5.0: unzip javacomm20-win32.zip cd commapi cp win32com.dll "c:\Program Files\Java\jdk1.5.0\jre\bin" chmod 755 "c:\Program Files\Java\jdk1.5.0\jre\bin\win32com.dll" cp comm.jar "c:\Program Files\Java\jdk1.5.0\jre\lib\ext" cp javax.comm.properties "c:\Program Files\Java\jdk1.5.0\jre\lib" 6) There is a bug in Java Runtime Library (rt.jar). You have to fix it if you want to use Koblitz curve in your Java programs. Fix it using following steps, assuming you install JDK in C:\Program Files\Java\jdk1.5.0: - Unzip C:\Program Files\Java\jdk1.5.0\src.zip. - Find EllipticCurve.java in C:\Program Files\Java\jdk1.5.0\src\java\security\spec\. In function checkValidity, modify "c.signum() != 1" to "c.signum() == -1". - Compile EllipticCurve.java to EllipticCurve.class. - Replace the old EllipticCurve.class in C:\Program Files\Java\jdk1.5.0\jre\lib\rt.jar with the newly compiled EllipticCurve.class. Interfaces provided ------------------- 1) NN.nc defines the interface NN, which provides big natural number operations. Please read NN.nc for more details. NNM.nc implements this interface. 2) ECC.nc defines the interface ECC, which provides the basic elliptic curve operations and enhanced elliptic curve operations based on sliding window method. Please read ECC.nc for more details. ECCM.nc implements this interface. 3) ECDSA.nc defines the interface ECDSA, which provides the ECDSA signature generation and verification. Please read ECDSA.nc for more details. ECDSAM.nc implements this interface. 4) SHA1.nc defines the interface SHA1, which provides the SHA-1 functions. Please read SHA1.nc for more details. SHA1M.nc implements this interface. 5) CurveParam.nc defines the interface CurveParam, which provides one function to get the parameters of elliptic curves and another function for optimized multiplication with omega. secp128*.nc, secp160*.nc, secp192*.nc implement this interface to provide parameters for SECG defined elliptic curves. You only need to define curve name in your makefile to select the elliptic curve parameters. Examples -------- Example 1 This example shows how to use TinyECC when public key is predistributed. We use two sensors in this example. One sensor is Alice, another is Bob. Suppose Alice's public key is predeployed in Bob. Alice broadcasts packets with signature. Bob verifies all packets from Alice. For Alice, red LED indicates the signature generation. For Bob, red LED means Bob is verifying the signature. If signature is correct, Bob will toggle the green LED. Otherwise Bob will turn on all three LEDs. If you are using MICAz, take the following steps. Suppose the programming board MIB510 is connected to COM4. make -f makefile_Bob micaz install mib510,/dev/ttyS3 make -f makefile_Alice micaz install mib510,/dev/ttyS3 If you are using TelosB, take the following steps. select TelosB in makefile_Alice and makefile_Bob make -f makefile_Bob telosb install make -f makefile_Alice telosb install Example 2 testECDSA.nc and testECDSAM.nc are used to measure the execution time of TinyECC. Use the following steps to run this example. Assume you are using MICAz, mib510 Programming and Serial Interface Board, which is connected to COM4. 1) Program node, and then leave the node on the programming board. make micaz install mib510,/dev/ttyS3 2) Run SerialForwarder. java net.tinyos.sf.SerialForwarder -comm serial@COM4:57600 & 3) Run show_result. java show_result If you are using TelosB, take the following steps. 1) Plug TelosB into USB port. Suppose the corresponding serial port is COM5. comment out the line for MICAz in Makefile uncomment the line for TelosB in Makefile make telosb install 2) Run SerialForwarder. java net.tinyos.sf.SerialForwarder -comm serial@COM5:telos & 3) Change variable n_ticks in show_result.java to 32768. Compile and run show_result. javac show_result.java java show_result Inline Assembly Code -------------------- There are some inline assembly code in NNM.nc to speed up natural number operations. These inline assembly code are written in AVR instruction set. If you want to use TinyECC on other 8-bit platforms, you must comment "#define INLINE_ASM" in NN.h. Acknowledgement --------------- NNM.nc is based on the natural number operations in RSAREF2.0. TODO ---- 1) Implement hybrid multiplication in assembly code for TelosB. (Due to time reason, our current implementation focuses on MICAz.) 2) Port TinyECC for 32-bit processor based sensor(e.g. Imote, Imote2) 3) Add other ECC schemes (e.g. ECDH, ECAES) into TinyECC.