Skip to main content
  • Research Article
  • Open access
  • Published:

Supporting Symmetric 128-bit AES in Networked Embedded Systems: An Elliptic Curve Key Establishment Protocol-on-Chip


The secure establishment of cryptographic keys for symmetric encryption via key agreement protocols enables nodes in a network of embedded systems and remote agents to communicate securely in an insecure environment. In this paper, we propose a pure hardware implementation of a key agreement protocol, which uses the elliptic curve Diffie-Hellmann and digital signature algorithms and enables two parties, a remote agent and a networked embedded system, to establish a 128-bit symmetric key for encryption of all transmitted data via the advanced encryption scheme (AES). The resulting implementation is a protocol-on-chip that supports full 128-bit equivalent security (PoC-128). The PoC-128 has been implemented in an FPGA, but it can also be used as an IP within different embedded applications. As 128-bit security is conjectured valid for the foreseeable future, the PoC-128 goes well beyond the state of art in securing networked embedded devices.

[1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16]


  1. J. Krasner, “Using Elliptic Curve Cryptography (ECC) for Enhanced Embedded Security: Financial Advantages of ECC over RSA or Diffie-Hellmann (DH),” Embedded Market Forecasters, American Technology, 2004.

    Google Scholar 

  2. Panjwani P, Poeluev Y: Additional ECC Groups For IKE. IPSec Working Group, INTERNET-DRAFT, 1999

    Google Scholar 

  3. Aydos M, Yanik T, Koç ÇK: High-speed implementation of an ECC-based wireless authentication protocol on an ARM microprocessor. IEE Proceedings: Communications 2001,148(5):273-279. 10.1049/ip-com:20010511

    Article  Google Scholar 

  4. Diffie W, Hellman ME: New directions in cryptography. IEEE Transactions on Information Theory 1976,22(6):644-654. 10.1109/TIT.1976.1055638

    Article  MATH  MathSciNet  Google Scholar 

  5. ANSI X9.63 : Public Key Cryptography for the Financial Services: Key Agreement and Key Transport using Elliptic Curve Cryptogrphy. American National Standards Institute, 2001

  6. IEEE-P1363-2000 : Standard Specifications for Public Key Cryptography. Institute of Electrical and Electronics Engineers, 2000

  7. ISO/IEC-15946-3 : Information Technology-Security Techniques—Cryptographic Techniques based on Elliptic Curves-Part 3: Key Establishment. International Standards Organization, 2002

  8. ANSI-X9.62-1998 : Public Key Cryptography for the Financial Services: The Elliptic Curve Digital Signature Algorithm. American National Standards Institute, 1999

  9. Strangio MA: Efficient Diffie-Hellmann two-party key agreement protocols based on elliptic curves. Proceedings of the 20th Annual ACM Symposium on Applied Computing (SAC '05), March 2005, Santa Fe, NM, USA 1: 324-331.

    Google Scholar 

  10. Daemen J, Rijmen V: AES Proposal: Rijndael. National Institute of Standards and Technology, 1999

    Google Scholar 

  11. Kumar S, Girimondo M, Weimerskirch A, Paar C, Patel A, Wander AS: Embedded end-to-end wireless security with ECDH key exchange. Proceedings of the 46th IEEE International Midwest Symposium on Circuits and Systems (MWSCAS '03), December 2003, Cairo, Egypt 2: 786-789.

    Article  Google Scholar 

  12. Huang Q, Cukier J, Kobayashi H, Liu B, Zhang J: Fast authenticated key establishment protocols for self-organizing sensor networks. Proceedings of the 2nd ACM International Workshop on Wireless Sensor Networks and Applications (WSNA '03), September 2003, San Diego, Calif, USA 141-150.

    Google Scholar 

  13. Watro R, Kong D, Cuti S-F, Gardiner C, Lynn C, Kruus P: TinyPK: securing sensor networks with public key technology. Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '04), October 2004, Washington, DC, USA 59-64.

    Chapter  Google Scholar 

  14. Duraisamy R, Salcic Z, Morales-Sandoval M, Feregrino-Uribe C: A fast elliptic curve based key agreement protocol-on-chip (PoC) for securing networked embedded systems. Proceedings of the 12th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA '06), August 2006, Sydney, Australia 154-161.

    Chapter  Google Scholar 

  15. Hankerson D, Menezes A, Vanstone S: Guide to Elliptic Curve Cryptography, Springer Professional Computing. Springer, New York, NY, USA; 2004.

    Google Scholar 

  16. Stratix II Device Handbook, Volume 1 Altera, 2006

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Roshan Duraisamy.

Rights and permissions

Open Access This article is distributed under the terms of the Creative Commons Attribution 2.0 International License (, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Reprints and permissions

About this article

Cite this article

Duraisamy, R., Salcic, Z., Strangio, M.A. et al. Supporting Symmetric 128-bit AES in Networked Embedded Systems: An Elliptic Curve Key Establishment Protocol-on-Chip. J Embedded Systems 2007, 065751 (2007).

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: