Hardware Implementation of Text Encryption
using Elliptic Curve Cryptography over 192 bit
Prime Field
Mohita Jaiswal∗ , Kusum Lata†
mohitajaiswal166@gmail.com∗ , kusum@lnmiit.ac.in†
Department of Electronics and Communication Engineering
The LNM Institute of Information Technology
Jaipur (Rajasthan), India 302031
Abstract—With the continuous evolution of the global
internet, the security of exchanging information has become
increasingly serious. Many malicious entities can retrieve
the valuable information via an unsecured medium. In
this regard, Elliptic Curve Cryptography (ECC) is widely
accepted and has become the attractive choice for encrypting
information. Many researchers have studied the security of
ECC and indicated as one of the most secure cryptographic
algorithms. This paper discusses the design and implemen-
tation of Text Encryption using ECC over 192 bit prime
Field on FPGA. The proposed 192 bit ECC encryption and
decryption modules are modeled in Verilog and simulated
using Xilinx Vivado 2016.2. In this paper, FPGA chosen here
is AC-701 which is evaluation board based on the Artix-
7 FPGA from Xilinx. Furthermore, the work demonstrates
the resource utilization and power consumption of proposed
encryption and decryption modules on FPGA. The authors
also presented the throughput analysis of different operations
of design.
Index Terms—Cryptography, ECC, Encryption, Decryp-
tion, FPGA, Synthesis
I. I NTRODUCTION
In this Global Era, Security of private information is
becoming a major challenging issue. This is due to data
transmission over open networks such as an internet. To
ensure data privacy, Cryptography has become a crucial
tool that deals with the actual securing of digital informa-
tion against unauthorized access [1]. In order to protect
information from a potential hacker, the traditional public
key cryptosystems such as Digital Signature Algorithm
(DSA), ElGamal, and Rivest-Shamir-Adleman(RSA) are
inadequate due to the availability of a longer size of keys
[2]. Therefore, the another cryptosystem based on Elliptic
Curve Cryptography (ECC) is becoming more demanding
because it offers better performance with the equivalent
security level and having significantly smaller keys as
compared to other cryptosystems [3]. The benefits of ECC
gave rise to a variety of applications areas such as smart
card [4], Radio Frequency Identification (RFID Tag) [5],
medical and health care [6] and Wireless Sensor Networks
[7] etc.
ECC is a relatively new cryptosystem, was invented
independently by Victor Miller [8] and Neal Koblitz [9]
in mid-1980. The popular standard Diffie-Hellman (DH)
key exchange protocol [10] is replaced with Elliptic Curve
Diffie-Hellman (ECDH) for key exchange over the elliptic
curve.The combination of ECC with DSA [11] can be
used for message signing and by combining Elgamal
978-1-5386-5314-2/18/$31.00 ©2018 IEEE 343
with ECC can be used for encryption. The security of
ECC comes from the difficulty of Elliptic Curve Discrete
Logarithm Problem (ECDLP) just as DH, depends on the
discrete logarithm problem (DLP) and RSA relies upon
the factoring problem. The ECDLP defines as if P and
Q are points on the curve, then kP = Q where, ‘k’ is a
scalar then it is complex to obtain ‘k’ even if P and Q
are known hence, this problem can be used to achieve a
higher level of security in cryptosystems. [12].
Over the past couple of years, ECC is well accepted in
the industry and has been adopted by many standards such
as NIST [13], IEEE [14], ANSI [15], ISO [16], and SEC2
[17]. The features of ECC includes strong security, smaller
key length, and fast computations, make ECC one of the
most secure algorithm to be implemented on Hardware.
[18].
A. Related Works
Authors in [19] have proposed the FPGA implemen-
tation of elliptic curve cryptography using montgomery
point multiplication in order to protect the security of
web transactions. Another FPGA implementation of ECC
is presented by authors in [20] using Montgomery Mul-
tiplication for Equal Key and Data size over GF (2m )
for Wireless Sensor Networks. Authors in [21] presented
implementation of Elliptic Curve Cryptography engine
over a binary field for Personal Communication Systems
on FPGA. Author in [22] have proposed a scalable GF (p)
elliptic curve processor architecture for programmable
hardware and also an inverter based on Fermat’s theorem
for computing inversion operation and for computing
modular multiplication a high radix montgomery multi-
plier is used.
B. Contribution and Outline
In this paper, Authors have implemented Text encryp-
tion using ECC over a 192-bit prime field in an affine
coordinate system on FPGA. Firstly, the Text message is
encoded to an affine point on the elliptic curve and further,
the algorithm is implemented on Hardware to analyze the
performance in terms of area and speed.
This paper is organized as follows. Section II introduces
Elliptic curve cryptography over Prime Field Fp . Section
III describes the ECC Algorithm. Section IV presents
Design and implementation of ECC over Fp . Section
V presents Results and Analysis. Finally, the paper is
concluded in Section VI.
II. E LLIPTIC CURVE CRYPTOGRAPHY OVER P RIME
F IELD Fp
An elliptic curve E over prime field Fp takes the general
form as
y 2 = x3 + ax + b mod p (1)
where, a and b are constant parameter and x and y are
the elements of finite field Fp , for different values of a
and b, different elliptic curves can be obtained. The values
of a and b should satisfy the given condition,
4a3 + 27b2 mod p 6= 0 (2)
where p is prime number. The set of points on the
elliptic curve E is represented by #E(Fp ) is a finite abelian
group. It is defined over (Fp ) as nh, where n is the order
of the curve and the integer h is a cofactor such as h =
#E(Fp )/n. ECC operations includes finite field arithmetic (
multiplication and inversion), and Group operations(point
addition, point doubling and point multiplication) are
discussed in this section.
A. Point Multiplication (Double and Add algorithm)
The most important and time consuming operation of
elliptic curve cryptography is called point multiplication.
A Point P is multiplied by a positive integer k resulting in
another point Q on the elliptic curve. The multiplication
can be performed by repeated number of point additions
and point doubling
Q = P + P + P + P. . . k times = kP
There are several ways to implement point multiplica-
tion [23]. The algorithm is implemented using right to left
binary point multiplication [24]. Point addition and Point
doubling are the group operations to perform point mul-
tiplication on an elliptic curve. In order to compute point
addition and doubling operations, modular multiplication
and inversion operations are required. The calculations for
point addition and doubling for an affine coordinate are
given below. Let P = (x1 , y1 ) and Q = (x2 , y2 ) ,then
R = (x3 , y3 ) =P + Q is given by:
x3 = λ 2 − x1 − x2 mod p (3)
y3 = λ(x1 − x3 ) − y1 mod p (4)
where
 y −y
2 1
 mod p; if P 6= Q(P ointAddition)
x2 − x1

λ = 3x2 + a
 1
 mod p; if P = Q(P ointDoubling)
2y1
(5)
B. Point Subtraction
Consider two distinct points P and Q such that P =
(x1 , y1 ) and Q = (x2 , y2 ). Then P − Q = P + (−Q)
where −Q = (x2 , −y2 ) mod p.
344
C. Modular Multiplication
Modular Multiplication means multiplying two integers
modulo p. There are various techniques to implement
modular multiplication [25]. The Computation of M =A×
B mod p is implemented by using shift and add multi-
plication algorithm [26], where A and B are two k-bit
positive integers and p is a prime number.
D. Modular Inversion
Modular inversion field operation in ECC is costly
operation to be implemented on hardware. The definition
of the modular inversion operation can be presented by
following equation
R = A−1 mod p (6)
where p is prime and A is an integer. There are different
ways to implement modular inversion [27]. An efficient
algorithm for inversion based on the binary method which
is known as binary inversion algorithm is implemented.
[28].
III. ECC A LGORITHM
Elliptic Curve Cryptography consists of three distinct
operations: key generation, encryption, and decryption.
These operations are required to build a valid cryptosys-
tem. Since ECC is public key Cryptography, a public
and private key are required to perform cryptographic
operations and a prime field is also chosen with a large
number of points on the elliptic curve. The operations in
these sections are defined on an affine coordinate system
which is used to represent elliptic curve points in form of
(x,y) defined over prime field.
A. Key Generation
Let us assume Alice and Bob are the two communica-
tion parties and a common elliptic curve E with specific
domain parameters D is chosen so that both the parties
should agree. The communicating parties agrees upon an
Elliptic curve equation y 2 = x3 +ax+b with the generator
point G. The selection of Alice‘s private key ‘nA ’ should
lie in the interval of [1,n-1] and Bob‘s private key ‘k’
lies in interval [0,n-1] where n is the order of curve. The
public key ‘QA ’ is generated by Alice using her private
key ‘nA ’i.e. QA = nA G.
B. Encryption
After receiving Alice‘s public key ‘QA ’, Let Bob wants
to send message to Alice, then Bob has to encode mes-
sage as a point on an elliptic curve using the Koblitz
method.[29]. To ensure message security, it is essential
to choose a prime large enough such that the condition
p > m is satisfied and computing |E(Fp )| is difficult for a
potential hacker. Here, p is large prime integer and m
is message in integer form. The process of generating
point M(x,y) from message integer is known as Message
encoding. Figure.1 shows Flow chart of encoding message
to an affine point.
At the encryption side, after the generation of point
M(x,y), Bob will encrypt the message using his pri-
vate key k, will generate cipher text points C1 =kG and
C2 =M +kQA and send pair of cipher text points to Alice
C={ C1 ,C2 }.
Figure 1. Flowchart for message encoding
C. Decryption
Alice will receive the message in form of cipher text and
will decrypt pair of Cipher text C using her private key
‘nA ’, and get back the original message M =C2 + (-nA C1 ).
345
The message M(x,y) in coordinate form is transformed to
integer form m using equation (7)
jxk
m= (7)
d
where x denotes the coordinate of M(x,y) and d is a ran-
dom number. This process of conversion is called message
decoding. After decoding, the message m is converted
back to ASCII values by using following equation (8)
j m k
ak = k−1 mod b (8)
b
where, b = 28 represents an 8-bit encoding system for
ASCII values and ak denotes sequence of ASCII values
corresponding to a particular character.
Figure 2 represents Encryption and Decryption Process
Figure 2. Encryption and Decryption process
IV. D ESIGN AND I MPLEMENTATION OF ECC OVER Fp
The hardware implementation of ECC has two impor-
tant stages. In the first stage, finite field, type of elliptic
curve, point multiplication algorithm and structures related
to field operations are selected and in the second stage,
the hardware module of the encryption and decryption
operation are designed based on group operations.
A. Point Multiplication Module
The hardware module of Point Multiplication is shown
in Figure 3 where, points G(x,y) and ‘k’ are inputs and
‘kG’ is output of module. The entire module is divided
into three functional blocks which are Point Multiplica-
tion, Group operations and Field operations. The Field
operation block consists of 2 basic arithmetic operations,
which are field inversion and multiplication. These oper-
ations are combined to compute point doubling and point
addition operation. The computation of point multiplica-
tion can be achieved by using point doubling and point
addition operation. The efficiency of ECC implementation
depends on point multiplication operation.
B. Encryption module of ECC
The hardware module of encryption operation as shown
in Figure.4 consists of functional blocks which are Point
multiplication, Point addition, Message Encoding and Text
to message integer. In order to generate cipher text C1
and C2 , encryption operation is performed. The value of
inputs k (Bob’s private key), QA (Alice’s Public Key),p,
a, G(x, y) and text are stored in the registers. When reset

Figure 3. Hardware Module of Point Multiplication
is ‘0’,the intermediate signal registers are updated with
new result for every clock cycle. Finally, the output flag
will be enabled once the encryption operation is complete,
and the results are stored in output registers C1 (x,y) and
C2 (x,y).
Figure 4. Encryption Module of ECC
C. Decryption module of ECC
The hardware module of decryption consists of func-
tional blocks which are Point Multiplication, Point Sub-
traction, Point Addition, Message Decoding and Message
integer to Text that is shown in Figure.5. The input
registers nA (Alice’s private key), C1 (x,y), C2 (x,y), p and
a are initialized with the values and when reset is ’0’,
all the intermediate signal register are updated with the
values and the output done signal will be enabled after
the completion of decryption operation. Finally, the text
is stored in output register.
Figure 5. Decryption Module of ECC
V. R ESULTS AND A NALYSIS
The proposed Encryption and Decryption modules are
designed using verilog and implemented using Xilinx
Vivado 2016.2 targeting Artix-7 XC7A200T-2FBG676C
FPGA and the synthesis of individual modules are
performed for validating the functional correctness.
The simulation is performed using 192 bit prime field
recommended by Standards for efficient Cryptography
346
(SEC). Authors have chosen secp192r1 elliptic curve for
implementation. For 192 bit prime field [17], the Domain
parameters of the simulation are as follows.
a=62771017353866807638357894232076664160839087
00390324961276
b=24551555460089438177402939151974517847691080
58161191238065
p=62771017353866807638357894232076664160839087
00390324961279
(Gx,Gy)=(6020462823756886567582134805875261119
16698976636884684818,17405033229362203140485755
2280219410364023488927386650641)
n=627710173538668076383578942317605901376719477
3182842284081
Here, a and b are the constants of elliptic curve equation
y 2 = x3 + ax + b , p is prime number, Gx and Gy are
the Generator points on elliptic curve and n is order of
curve.
Private Key of Alice
nA =313855086769334038191789471160383320805175
4182984320679936
Using nA , Alice will generate public key QA . Figure.6
shows the simulation results of Key Generation, where
the values marked in red Qx and Qy is the public key.
The length of all the input and output registers is 194 bit.
(Qx,Qy)=(36591588550985238147268665049267357041
20219521172622594901,40802523554242910267751316
96754611502021596946231326591955)
Plaintext-Information Technology
m=45422645502770208236937639888420609593460877
844442697
(Mx,My)=(45422645502770208236937639888420609593
46087784444269700001,596646453030554332260399061
1424318052065155814385105872856)
Here, ‘m’ denotes message in integer form after
converting text into Big integer and (Mx,My) denotes
message point after encoding ‘m’ to an affine point.
Private Key of Bob
k=353086972615500792965763155055431235905757493
7511019413504
Figure.7 shows simulation results of ECC encryption
where, Plaintext is the input and the intermediate signals
‘m’, Mx, and My are marked in Blue. The output cipher
text c1x, c1y, c2x and c2y are marked in red.
(c1x,c1y)=(4016168941719717467480618153114166077
04852666483307290545,2870265751722343768139602
470685059913877903442660446421553)
(c2x,c2y)=(3023768178548592913653648502430596201
058809697810258266346,41976107783907043445133
10194760093759542266352881810249815)
Figure.8 shows simulation results of ECC Decryption
where, c1x, c1y, c2x, and c2y are the input ciphertext. The
output message point Mx, My, and Plaintext are marked
in Blue. The intermediate signal m is marked in red.
(Mx,My)=(45422645502770208236937639888420609593
46087784444269700001,596646453030554332260399
 Figure 6. Simulation Results of Key Generation

Figure 7. Simulation Results of ECC Encryption

Figure 8. Simulation Results of ECC Decryption

0611424318052065155814385105872856) coordinate point M(x,y) on elliptic curve.

m=4542264550277020823693763988842060959346087
7844442697
Plaintext-Information Technology
A. Resource Utilization
The results of ECC encryption and decryption module
are analyzed in the form of resource utilization. Table I
shows the utilization summary of resources for encryption
and decryption operation targeting particular device Artix-
7 XC7A200T-2FBG676C FPGA.The number of resources
consists of Look-up table (LUTs), LUTRAM, FlipFlops
(FF) and clock Buffer (BUFG) are available for Artix-7
FPGA. The percentage of usage shows that the utilization
of encryption module is more as compared to decryption
module due to the conversion of message m into an affine
B. Power Analysis
The results of the design are analyzed in the form of
power requirement for encryption and decryption mod-
ule targeting particular device. Table II shows the static
power analysis for both the modules and also shows the
distributed power consumption between clocks, logics and
signals. The analysis of power is important for crypto-
graphic devices because an attacker can reveal some con-
fidential information by observing the power consumption
on a device.
C. Throughput Analysis
Table III shows the operating frequency and latency
of different operations of design. The results are also

347
 Table I
U TILIZATION S UMMARY

Utilization Utilization
Usage Usage
Device Resources Available (Encryption (Decryption
(%) (%)
Module) Module)
LUTs 133800 84706 63.3% 3811 3.3%
Artix-7 LUTRAM 46200 24 0.05% 24 0.05%
(ac-701) FF 267600 10617 3.97% 5378 2.01%
BUFG 32 3 9.38% 3 9.38%

Table II
P OWER C ONSUMPTION R EPORT

Static Total
Device Module Clocks Signals Logic
Power Power
Artix Encryption 0.001W 0.369W 0.318W 0.134W 0.822W
(ac-701) Decryption 0.001W 0.002W 0.001W 0.131W 0.135W

Table III
T HROUGHPUT A NALYSIS

Clock Latency Throughput

Prime Size Operations
Frequency(MHz) (µs) (Kbits/s)
Modular
54 2.8 3.7
Multiplication
Modular Inverse 90 1 17.2
Point Addition 43.9 7.02 1.2
192 bit
Point Doubling 48.3 6.9 1.3
Point Multiplication 43.2 1002 0.082
Encryption 48.4 1007 0.092
Decryption 43.8 1006 0.083

Table IV implement Text encryption using ECC algorithm with

C OMPARATIVE R ESULTS different prime field and key size on FPGA.
Point
Clock R EFERENCES
Reference Prime Size Multiplication
Frequency
(Latency) [1] J. Katz, Y. Lindell, Introduction to Modern Cryptography, (2nd
Proposed edition) [online] https://books.google.co.in.
192 43.2 MHz 1ms
Work [2] W. Diffie and M. E. Hellman, “New Directions in Cryptography”,
Paar[21] 192 40 MHz 3ms IEEE Transactions on Information Theory, vol. 22, pp. 644-454,
1976.
[3] G. Harper, A. Menezes, and S. Vanstone, “Public-key cryptosystems
analyzed in the form of throughput for different opera- with very small key lengths”, Advances in Cryptology-EUROCRYPT
’92, Lecture Notes in Computer Science, 1992, pp. 163-173.
tions. The throughput (T ) is basically number of results [4] H. Pietiläinen, “Elliptic curve cryptography on smart cards.” M.Sc.,
produced per unit of time. It is given as ratio of frequency Helsinki Univ. of Technology, 2000.
of operation (F o) to the latency (L) multiplied by input [5] Q. Qian, Y. L. Jia, and R. Zhang, “A Lightweight RFID Security
Protocol Based on Elliptic Curve Crytography”. in International
size. Here, latency defines as the number of clock cycles Journal of Network Security, vol. 18, no. 2, pp. 354-361, 2016
required to perform particular operation. To calculate the [6] S. K. Shankar, A. S. Tomar, and G. K. Tak, “Secure medical data
throughput of the design, the following equation can be transmission by using ECC with mutual authentication in WSNs.”
in Procedia Computer Science, vol. 70, pp. 455-461, 2015.
used. [30]. [7] M. H. Ahmed, S. W. Alam, N. Qureshi, and I. Baig, “Security
  for WSN based on elliptic curve cryptography.”in International
Fo Conference on Computer Networks and Information Technology
T = × 192 (9) (ICCNIT), IEEE, 2011, pp. 75-79.
L
[8] V. Miller, “Use of Elliptic Curves in Cryptography”, Advances in
The comparative results with existing literature work are Cryptology - Crypto ’85 proceedings, Lecture Notes in Computer
presented in Table IV. Table IV shows comparison of clock Science, vol. 218/1986, 1986, pp. 417-426.
[9] N. Koblitz, “Elliptic Curve Cryptosystems”, in Mathematics of
frequency and latency of point multiplication operation Computation, vol. 48, no. 177, pp. 203-209, 1987.
with existing work. [10] R. R. Ahirwal, and M. Ahke. “Elliptic curve diffie-hellman key
exchange algorithm for securing hypertext information on wide
VI. C ONCLUSION AND F UTURE W ORK area network.” in International Journal of Computer Science and
Information Technologies, vol. 4, no. 2, pp. 363-368, 2013.
The hardware implementation of ECC Text Encryption [11] A. Abidi, B. Bouallegue, and F. Kahri, “Implementation of elliptic
and Decryption over the 192-bit prime field is proposed. curve digital signature algorithm (ECDSA).” in Global Summit on
The efficiency of ECC cryptosystem in terms of area and Computer & Information Technology (GSCIT), IEEE, 2014, pp. 1-6.
[12] D. H. A. Menezes and S. Vanstone, “Guide to Elliptic Curve
power consumption is analyzed. The point multiplication Cryptography”, Springer, 2004.
operation exhibits high operating frequency and low la- [13] FIPS, Federal Information Processing Standards Publications
tency as compared to existing work. Encrypting text using (FIPS)186-2, U.S. Department of Commerce/NIST: Digital Signa-
ture Standard (DSS), 2000.
ECC makes difficult for an attacker to break the security [14] IEEE P1363, Editorial Contribution to standard for Public Key
of the private key. Further, the authors have planned to Cryptography, 2000.

348
[15] ANSI X9.62-1999, the Elliptic Curve Digital Signature Algorithm,
ANSI, Washington, D.C., USA, 1999.
[16] ISO/IEC 14888-3, Information technology Security techniques
Digital signatures with appendix Part 3: Discrete logarithm based
mechanisms, 2006.
[17] SEC.2. Recommended elliptic curve domain parameters, Standard
for efficient cryptography. The SECG Group, 2000.
[18] T. Güneysu, and C. Paar, “Ultra high performance ECC over
NIST primes on commercial FPGAs.” in International Workshop on
Cryptographic Hardware and Embedded Systems, 2008, pp. 62-78.
[19] J. Huang, H. Li, and P.H. Sweany, “An FPGA implementation of
elliptic curve cryptography for future secure web transaction.” in
ISCA PDCS, 2007, pp. 296-301.
[20] M. B. I. Reaz, J. Jalil, H. Husian, and F. H. Hashim, “FPGA
Implementation of Elliptic Curve Cryptography Engine for Per-
sonal Communication Systems,” in WSEAS TRANSACTIONS on
CIRCUITS and SYSTEMS, vol. 11, 2012, pp. 82-91.
[21] G. Leelavathi, K. Shaila, and K. R. Venugopal. “Elliptic Curve
Cryptography implementation on FPGA using Montgomery multi-
plication for equal key and data size over GF (2m ) for Wireless
Sensor Networks.” in Region 10 Conference (TENCON), IEEE,
2016, pp. 468-471.
[22] G. Orlando and C. Paar, “A scalable GF (p) elliptic curve processor
architecture for programmable hardware” in International Workshop
on Cryptographic Hardware and Embedded Systems, 2001, pp. 356-
371.
[23] R. Bahram “A Survey on Hardware Implementations of Elliptic
Curve Cryptosystems.” CoRR abs/1710.08336 (2017).
[24] Debdeep Mukhopadhyay, Classnotes,Topic: “Elliptic Curve Cryp-
tography” Dept of Computer Sc and Engg IIT Madras.
[25] N. Nedjah, and L. de Macedo Mourelle. “A review of modular
multiplication methods and respective hardware implementation.”
Informatica, vol. 30, no. 1, 2006.
[26] E. Chiranth, H. V. A. Chakravarthy, P. Nagamohanareddy, T. H.
Umesh, and M. Chethan Kumar. “Implementation of rsa Cryptosys-
tem using verilog.” in International Journal of Scientific Engineer-
ing Research, vol. 2, no. 5, pp. 1-7, 2011.
[27] G. Lai, “Analysis of modular inverse GF (p) implementations.”
IEEE Trans. Inform. School Of Electrical Engineering And Com-
puter Science, Oregon State University, Corvallis, Oregon, vol.
97331, 2004.
[28] M. S. Hossain, and Y. Kong “High-Performance FPGA Imple-
mentation of Modular inverse over F256 for Elliptic Curve Cryp-
tography” in International Conference on Data Science and Data
Intensive Systems (DSDIS), IEEE, pp. 169-174, 2015.
[29] Reneẽ Brady. Florida AM University. Naleceia Davis. Spelman
College. Anna Tracy. University of the South, “Encrypting with
Elliptic Curve Cryptography”, July 2010
[30] R. Vig, and R. Tandon. “Performance Analysis of Elliptic Curve
Cryptography on Reconfigurable Hardware.” in Proceedings of the
World Congress on Engineering, vol. 1, 2008.

349