Secure Communication in Factories - Benchmarking Elliptic Curve Diffie-Hellman Key Exchange Implementations on an Embedded System

Abstract

Securing factory communication to protect corporate data is an important concern in the context of the Industrial Internet of Things (IIoT). Various cryptographic protocols can be used to establish secure communication channels. One of these protocols is the Transport Layer Security 1.3 (TLS 1.3) protocol. A key component of the TLS handshake protocol is the Elliptic Curve Diffie-Hellman Key Exchange (ECDHKE), a public key cryptosystem used to exchange keys over insecure channels which can be based on a number of standardized elliptic curves. A special form of elliptic curves are Montgomery curves which are advantageous compared to more traditional Weierstrass curves due to their fast arithmetic. This is especially important when the ECDHKE is performed on embedded devices and in time-critical situations. In this work, the performance of ECDHKE implementations using standardized Montgomery curves Curve25519 and Curve448 included in the wolfSSL library are evaluated on an embedded 32-bit STM32L476RG Nucleo development board designed by STMicroelectronics. The benchmark results show that using Curve25519 with around 220ms for the key pair generation and the key agreement respectively is approximately 75% faster than using Curve448 with around 900ms for each of the algorithms, which can be attributed to their differing security levels. These results suggest that the algorithms might not be fast enough for time critical situations.