Implementation of ECC on FPGA using Scalable Architecture with equal Data and Key for WSN

—Security of data transferred on the Wireless Sensor Network is of vital importance. In public key cryptography RSA algorithm has been used for a long time, but it does not meet the constraints of WSNs. Elliptic Curve Cryptography(ECC) has been employed recently because of its highest security for same length bit. ECC point multiplication operation is time consuming which affects the speed of encryption and decryption of data. Security in WSNs is addressed in our work, where a modified ECC is designed by performing the point multiplication using Montgomery multiplication technique that achieves considerable speed and with reduced area utilization. The ECC is first simulated on different FPGA devices, with key length 11, 112, 131 and 163 bits and the area-speed tradeoff is compared. ECC algorithm is implemented with software and hardware choosing Artix 7 XC7a100t-3csg324 FPGA which supports key lengths of 11, 112, 131 and 163 bits. When implemented on a Artix 7 FPGA, it completes 163 bit data encryption operation over GF(2 163 ) in 1ms with the maximum frequency of 229MHz. The ECC algorithm is reconfigurable with low level to high level security with different bit key sizes. The proposed ECC algorithm modeled using VHDL and synthesized on Spartan 3 and 6, Virtex 4, 5 and 6 and Artix7 before the hardware implementation on Atrix 7. The design satisfies the needs of resource constrained devices by decreasing the encryption and decryption time to 1 ms with equal keylength and datasize, while device utilization is within 13%.


I. INTRODUCTION
Wireless Sensor Networks (WSNs) comprises of one or more base stations that are of low-cost, low power with multi-functional sensor nodes. WSNs form an adhoc network, which interact with one or more sink nodes with the outside world for communication. Execution of tasks between the sensors is instructed with data aggregation, followed by processing and transfer. The network connectivity and coverage area, always def nes maximum participating nodes in a sensor network. There exist a number of applications such as Industrial control, environment observation, health monitoring and military applications. In these scenarios frequently exchange of data among sensor nodes are done in insecure format. Hence, it is necessary to provide security for the WSNs against the threats in an unsecured channel that leads to achieve an integrity, authenticity and conf dentiality. In Wireless sensor networks security issues can be categorized as: key management, cryptography, secure routing, secure data aggregation and intrusion detection. Security requirements in WSNs are: • Data Confidentiality: Ensures that authorized sensor nodes, can only access the contents of messages.
• Data Authentication: Confirms identity of the sender i.e., data sent is from a known source.
• Data Integrity: Information cannot be modified easily. It is performed by encryption and digital signature.
• Data Freshness: This ensures that no old data is replayed. This type of security requirement is essential when keys are changed from time to time and when the key distribution occurs. • Data Availability: Ensures that services that are offered by WSNs or by a single node on demand.
In Embedded system market, WSNs applications have greater share with promising future. WSNs are deployed in many real-world applications, including Ambient Intelligence and Ubiquitous Computing. Owing to scarcity of energy, unsecure channel and intensive mathematical operations of asymmetric cryptographic primitives, it is difficult to realize secure WSNs. Due to these exclusive challenges, security of WSNs become a very important topic in the research area. Many mechanisms are explored to provide security for WSNs. Regardless of the efficiency of these mechanisms, sufficient security cannot be provided if they are implemented on top of unsecure platforms.
In certain application domains, security and privacy issues cause a great challenge for the current and future embracing of WSN technology. WSNs are hard to protect than a conventional network because the sensor nodes are often deployed in unattended environments. This implies that an attacker may be able to directly access individual node. In this scenario, an attacker capturing one or more nodes can extract secret keys by performing physical attacks. The adversary can manipulate the functionality of nodes to compromise the correct operation and/or security of the WSNs. As a result, WSNs necessitate a sophisticated security architecture that takes up these unusual threat scenarios and adversary models into account. Most of the security protocols designed on the basis of computation-demanding asymmetric/public key cryptography are not easily adaptable to WSNs, mainly due to the low processing power of sensor nodes.
WSNs security requirements are similar to Conventional Computer Networks. The parameters for instance, authenticity, confidentiality, integrity and availability are deeply considered in creation of a network environment. All security solutions designed for conventional computer networks cannot be implemented directly on WSNs. Due to high processing power, it was understood that the public key cryptography was not appropriate for WSNs. But through studies of encryption algorithms based on curves proved the feasibility of using public key cryptography in WSNs [1] [2]. Some of the public key cryptographic methods include RSA and Rabins scheme. RSA is one of the first practical public key crypotsystems and is generally used for secure data transmission.
Shaila et al., [3] discussed about constraints of WSNs and proposed a scheme called Modified Blooms Scheme (MBS). The asymmetric matrices of keys are used in place of symmetric matrices in order to establish secret keys between node pairs. Implementation emphasizes on improvement in network resilience against node capture attack. In [4] Secured data fusion technique reduces the packet drop that is caused by the malicious nodes and at the same time reduces the traffic load and increase the network life time. The network is secure and reliable. A light weight cryptosystem, using AES and ECC is proposed. ECC is used to verify the authenticity of the data that ensures data integrity and authenticity of node [5].
Specific architecture of sensor networks and resource limitations are identified for custom-made security mechanisms in WSNs. To accomplish the cryptographic computation there exist the following possible solutions: (i) Software (ii) Hardware with Application-Specific Integrat ed Circuits (ASICs) (iii) Hardware with Field-Programmable Gate Arrays (FPGAs). Solutions with software are cheaper and most flexible, but performance is slow. The solutions with ASICs are faster, inflexible performance, very expensive and needs long development time. The FPGAs solution is flexible, fast and the development time required is less [6] [ 7]. The advantages of using Reconfigurable Hardware FPGA for security algorithm implementations are: (i) Algorithm agility (ii) Algorithm upload (iii) Architecture efficienc y (iv) Resource efficiency (v) Algorithm modification, (vi) High Throughput and Cost efficient. Public Key Cryptography algorithms are the most promising schemes with respect to energy and time consumption, which makes it suitable for data encryption in WSNs. Motivation: Various security mechanisms projected for WSNs in literature avoids Private key/asymmetric primitives, as a result of their high energy and time utilization, in particular for software implementations. The conception of infeasibility of these asymmetric primitives has been changed moderately because of the development of new asymmetric algorithms which are more eff cient than RSA i.e., ECC. Elliptic Curve Cryptosystem with 163 bit is known to provide a security level comparable to that of a 1024-bit RSA-based cryptosystem. A 2048-bit RSA-based cryptosystem is comparable to a 224-bit Elliptic Curve Cryptosystem. The Elliptic Curve Cryptography (ECC) is expected to be the most suitable asymmetric cryptographic primitive for WSNs. In ECC the per-bit security is higher than in other asymmetric algorithms. ECC is derived from algebraic concepts associated with elliptic curves over Galois Fields i.e., binary f elds GF(2 m ) or prime f elds GF(P). Binary f elds are more attractive, for low energy hardware implementations. The operations engaged in binary f elds are only shifts and bitwise addition modulo 2 arithmetic [6]. Contribution: To achieve secure communication in WSNs, we have implemented public key cryptographic system based on Elliptic curves with Montgomery multiplication technique that promises faster and memory eff cient encryption and decryption compared to other traditional approaches. This work concentrates on the design and development of the ECC cryptosystem for sensor nodes used in WSNs. Montgomery Multiplier is used in the design for increasing the eff ciency of the system by optimizing the area and throughput parameters based on FPGA. Different FPGA with variable capacity has been chosen for simulation with bit sizes 11, 112, 131, 162 and the parameters are compared with earlier work. Our work concentrates on software implementation, followed by hardware implementations of PKC on FPGA.
Organization: In Section II research works related to security techniques, public key cryptography and elliptic curve cryptography, different multiplication algorithms are explained. Background work is discussed in Section III. In Section IV def nes the Problem and network model is described in Section V. Modular multiplication with Montgomery techniques and Elliptic Curve Cryptography are discussed in Section VI. Algorithm is explained in Section VII. Implementation and Performance Evaluation details are explained in Section VIII and Section IX respectively. Section X contains Conclusions.
II. LITERATURE SURVEY Neal Koblitz and Victor Miller proposed Elliptic Curve Cryptography (ECC) in 1985. Elliptic Curve Cryptographic schemes provide similar functionality as RSA schemes. Currently, ECC is treated as the most eff cient public key cryptosystem because it utilizes shorter keys. To implement public key cryptography in particular, ECC on Embedded devices, numerous researches were conducted. For computation of ECC scalar multiplication, in literature several hardware implementations have been reported.
Abidalrahman et al., [8] scrutinizes the security problems in WSNs scenario and checks the existing techniques to implement the cryptographic approaches used to provide security services for WSNs. Further, they have proposed a customized hardware platform to f x holes for Wireless Sensor Networks. The cryptoprocessor utilizes AES algorithm along with ECC. The synthesis results on Spartan VI shows utilisation of 4828 slices i.e., 53% of device utilization. Ajay et al., [9] demonstrated the hardware implementation of Elliptic Curve Cryptography on Vertex-Pro XCV1000 FPGA. Conditional successive subtractions used to perform the modular arithmetic division operations with reduction in area, that is suitable for the systems which has limited storage space and computation ability. Arya et al., [10] design and implement high performance cryptosystem on a single FPGA Virtex6 XC6VCX75T based on Elliptic curve cryptosystems with projective co-ordinate representation and normal basis representation over GF(2 m ) to reduce hardware complexity. A single module is used, on the basis time sharing and there is increase in hardware for implementing message encryption by 1%.
Bednara et al., [11] analyze how eff ciently mapping of f eld multipliers to lookup table based FPGAs can be done. A LFSR and a word-serial Massey-Omura multipliers are compared with respect to area and performance. The multipliers are analyzed in two different models (i) a classical 2-input gate model (ii) a 4-input LUT model for FPGA. Roy et al., [12] illustrate suitable scheduling for performing point addition and doubling in a pipelined data path of the ECSMA. It is observed high speed design with signif cantly low area due to better utilization of LUTs.
Shylashree et al., [13] introduce Ancient Indian Vedic Mathematics for prime f elds with Point addition, doubling to speed up Scalar Multiplication. Implementation emphasizes on point doubling rather than the complete ECC operation.Houssain et al., [14] provide, study of hardware implementations of ECC in Wireless Sensor Networks. ECC using normal basis representation over GF(2 m ) is implemented in this work.
Rahuman et al., [15] [16]propose an architecture with Lopez-Dahab Elliptic Curve Point Multiplication algorithm that is based on an eff cient Montgomery add and double algorithm using Xilinx XCSVLX200 FPGA device. GF (2 193 ) with Gaussian normal basis for f eld arithmetic, KaratsubaOfman multiplier and Itoh-Tsujii algorithm are used as the inverse component. The design lacks the storage and computational power.
Hassan et al., [17] investigate the strength of a hardware/software co-design techniques to realize a scalable Elliptic Curve Cryptography (ECC) processor with low resources. The processor designed with binary f nite f elds GF(2 m ) on an platform of FPGA. The software is run on a free-soft-core processor from Xilinx FPGA i.e., PicoBlaze. The two novel arithmetic circuits serve as the hardware platform to perform multi-precision arithmetic and scalable reduction. Cui et al., [18] introduced the concepts of Finite binary f eld and Public Key cryptography i.e., Elliptic Curve Cryptography. Some of the operations are optimized by mapping the ECC algorithm to hardware. Authors achieve a good speed up with their processor for ECC computing.
Thapiyal et al., [19] utilizes Vedic Mathematics to implement Elliptic Curve Encryption that speeds up the task of multiplication process. Houssain et al., [20] describe an implementation of an ECC crypto processor on a Nano Field Programmable Gate Array. Nano FPGAs provide groundbreaking possibilities with essential parameter i.e., power, size, cost and performance. The ECC crypto processor is coded with VHDL and synthesized on Nano FPGA Actel IGLOO AGLN250V2VQFP100 and satisfy the requirements of nodes in Wireless Sensor Network (WSN).
Hassan et al., [21] present, a scalable Elliptic Curve Point Multiplication on FPGA. Out of the two new low area designs, f rst design is a pure software implementation and second is novel hardware architecture. The designs are implemented on a PicoBlaze from Xilinx 8-bit embedded microcontroller which is a compact ECC processor. The device utilization is 23% and 61% with Spartan-III XC3S50.
Talapatra et al., [22] propose multiplication architecture based on Montgomery multiplication (MM) algorithm, for ECC. In order to simplify the multiplications over GF(p), the polynomial coeff cients are represented in Montgomery residue format. Carry-Save-Adder (CSA) based implementation is utilized to reduce the complexity of the MM architecture over GF(p). In the proposed architecture area complexity is signif cantly less. Leboeuf et al., [23] explicitly present a GPU implementation of the MM algorithm which is optimized for the GPUs SEVID architecture. The f eld sizes and parameter constraints required for Elliptic Curve Cryptography is also optimized.
Orlando et al., [24] present an optimized high performance elliptic curve co-processor that uses Lopez and Dahabs projective coordinate system specif cally for Koblitz curves, where a f eld multiplier performs a f eld multiplication over the extension f eld with degree of 163. A prototype processor runs at 66 MHz for both generic and Koblitz curve. On Xilinx XCV2000E FPGA prototype performs an elliptic curve scalar multiplication in 0.233 msec and 0.075 msec respectively. Sutter et al., [25] discuss the implementation of a new highspeed point multiplier used for Elliptic Curve Cryptography on ASIC. This works only for point multiplication than complete ECC operation. Inversion is performed using repeated multiplications and squaring requires extra time for computation.
Lee et al ., [26] propose a novel diverse Dual-Processing Element (Dual-PE) architecture based on priorityoriented scheduling of right-to-left double-and-add Elliptic Curve Scalar Multiplication (ECSM). Pontie et al., [27] designed a coprocessor that supports critical operations on ECC cryptosystem. It utilizes a window method that scans leftto-right the scalar value. The main drawback while using window method in scalar multiplication results in large area consumption because of variable window size and is not suitable for WSNs applications.
Munoz et al., [28] demonstrated the cryptoprocessors with two multipliers over f nite f eld GF(2 163 ) using digit-level processing. The Scalar Multiplication kP was performed using window-NAF algorithm with good computation time and area trade-off. It uses approximately 17% of the Arithmetic LUTs of FPGA. The architecture designed for generic curves and cannot be applied to accelerate scalar multiplication. Table 1 depicts the survey on different methods of implementations of scalar multiplication and cryptographic process using various techniques. Most of the works are implemented using FPGAs, few are with ASIC design. In [10]- [13] Elliptic Curve Scalar Multiplication architectures are implemented using different multipliers. In [16], the design is implemented on Xilinx XC4VLX200 device. In this FPGA 16.209 slices are utilized, which shows more hardware usage compared to our design. In [19] Vedic mathematics squaring architecture helps to accelerate the process of point multiplication. The complete encryption and decryption process using different FPGA devices are concentrated in [18] [20]. In [21], Montgomery multiplication algorithm with Lopex Dahab coordinates are utilized for the Hardware-software co-design with Picoblaze microcontroller with data width 8-32 bits and the design is implemented upto f eld width of 571 bits. But it leads to hardware complexity in implementation. ASIC implementation using MM architecture with primary f eld is discussed in [22]. The design uses Carry save representation of data for point multiplication. Further in [23] MM algorithm for the GPU with SIMD architecture, is heavily optimized for 112-521 bits. In [25][28] point multiplication is implemented using digit serial and window techniques. When these techniques are utilized for complete cryptographic process, mapping of area, energy consumption and computational time becomes very tedious to provide security for wireless sensor nodes. Our design involves the Montogomery Multiplication algorithm for the complete cryptographic process i.e., encryption and decryption with equal key and data sizes that achieve considerable area and time tradeoff.

A. Background
Xining et al., [18] propose an ECC based on FPGA. The computation process of ECC at bit level is parallelized. This modif cation achieves a considerable speed-up. The key lengths of 113-bit, 163-bit and 193bits are supported by this ECC processor which is implemented in hardware. Multiplication is performed according to Karatsuba algorithm that consumes area and time.
Houssain et al., [20] utilize nanoFPGA for the implementation of ECC for resource constrained devices, providing low level security. Double and Add algorithm is utilized for scalar multiplication that consumes more time to perform the operation in ECC. The synthesis results reveals the information that the bit size cannot be more than 11 bits as they have chosen nano FPGA. This criteria affects power, size and cost of the processor designed. These limitations are addressed in our work based on the selection of FPGA and algorithm for implementation [20].

B. Problem Definition
Cryptographic algorithms on general purpose processors are not suitable for WSNs. To achieve high performance, hardware implementations are of quite important to provide security against system intruders. In some asymmetric algorithms, a cryptographic task is time consuming and key lengths no longer provide suff cient protection from contemporary threats. The main problem in asymmetric algorithms is poor utilization of chip area, low performance and low throughput architectures. Further, many of the architectures do not utilize the area eff ciently resulting in high cost when implementation is done using silicon.

C. Objectives
The main objectives are : • Implement Elliptic Curve Cryptography on FPGA to increase the area utilization and speed. The area and throughput are traded that makes it suitable for Wireless Sensor Node Communication.
• Provide required security level, through selection of appropriate Elliptic Curve parameters set.

D. Assumptions
• Encode the character set to the points for elliptic curve with equation 1, by choosing p1(x,y), p2(x,y), p3(x,y) ., • The public key Kb (computed using Montgomery multiplication) of the sender is published and is made available to the receiver.
III. PRELIMINARIES The Public Key Cryptography (PKC) involves cryptographic operations which are computationally intensive and are incompatible for providing security services in WSN. Recently it has been proved that PKC is in fact possible to be realized in sensor networks. Even though its realization on WSNs is diff cult, Public Key Cryptography brings immense simplicity and effectiveness in providing security services.
Due to its less signif cant key size, Elliptic Curve Cryptography is having good potential for Wireless Sensor Network security, as there is a possibility to reduce key calculation time. It uses Scalar Multiplication that consumes around 80% of key computation time on WSNs motes. Elliptic Curve PKC Cryptosystems are upand-coming as a new creation of cryptosystems. They offer the smallest key size and maximum strength per bit in comparison to other public key cryptosystem. Smaller key sizes make them highly suitable for hardware implementation on FPGAs.
The earlier versions of PKC was very expensive but it is partially changed for WSN as a result of the existence of innovative hardware and software prototypes which are based on Elliptic Curve Cryptography and new Public Key Cryptography primitives.

E. Elliptic Curve Cryptography
A number of cryptographic schemes exists, based on elliptic curves that exert on a subgroup of points of an Elliptic Curve over a f nite f eld. Variables and coeff cients are constrained to elements of a f nite f eld. ECC relies on a group structure on an elliptic curve. Arbitrary f nite f elds are accepted to be appropriate for ECC. Two families of elliptic curves are def ned for use in cryptography, • Binary f elds denoted by GF (2 m ), where m is big integer.
• Prime f elds denoted by GF (p), where p is the big prime number.
In IEEE P1363 Public Key Cryptography are used for successful implementation of the Elliptic Curve Cryptography. The binary f eld uses only two coeff cients 0 and 1, hence coding can be done very easily and is well suited for hardware implementations. The prime f eld GF (p) ) requires the modular operations performing coprocessor that increases the speed of operation.
3 = 3 1 + + 1 + 1 The Elliptic curve point multiplication is computed by repeated point addition such as P + P +.... + P = k.P = R with k ∈ N and P, R ∈N. The elliptic curve points can be countable and can be added together. Addition of any two points on the elliptic curve results in a third point on the same curve. This process is called as point addition. Point doubling is def ned as adding a point with itself. The points along with the addition operation form a elliptic curve group.Group members are responsible for selecting the points for Elliptic Curve Cryptographic Implementations, which results in the formation of a f nite f eld. So groups and f nite f elds are two vital concepts required for the Elliptic Curve Cryptographic implementation.

IV. NETWORK MODEL
Consider a WSN Cryptography task consisting of a base station and limited mobile nodes which are stable in network. A typical sensor node with an 8 bit processor with frequency between 4-12 MHz, ROM, Flash memory, limited RAM, two AA batteries, an RF module complaint to the IEEE 802.15.4. Power limitation of sensor nodes constrains the 8-bit or 16-bit microcontrollers that consume low power but have restricted memory resources and low processing capabilities. The probability of communication failures in nodes are more in WSNs, than traditional networks as nodes are often located in unattended places and they use a limited power supply. When they are using cryptographic communication, they consume much more energy. In our proposed approach, the computation time, energy and hardware implementation of cryptographic applications are considered, to increase the average network lifetime.

Fig1. Block diagram of Network model
The proposed scheme is implemented in four phases.(i) Elliptic Curve Parameter Selection (ii) Key Generation (iii) Encryption (iv) Decryption Figure 1 shows the complete model in which the f rst step is to generate the keys. Both public key and private keys are generated by the sender and the receiver. The public key of the sender is published over the network, which is used for the decryption process. The encryption process utilizes the private key of the sender, provides enhanced security for data through digital signature and authentication.
With the aim of achieving essential requirements of security area and speed constraints, ECC algorithm is implemented using hardware. A high degree of f exibility with respect to the cryptographic algorithms is desirable in WSNs. Best solutions can be obtained by combining high f exibility with speed for different data widths and traditional hardware for physical security. It is implemented with cryptographic algorithms for FPGAs which are reconf gurable devices. FPGAs are hardware devices that can be programmed systematically. FPGA implementation can be simply upgraded to integrate a few protocol changes. Whereas ASIC, necessitates for expensive and time consuming physical design, fabrication and testing.

V. ALGORITHM A. Montogomery Algorithm
In our design, point multiplication is implemented using Montgomery point multiplication algorithm. Scalar or point multiplication over an equation (1) elliptic curve is carried out in three steps.
• Finite Field Arithmetic • Point Addition and Point Doubling • Scalar or Point Multiplication In this algorithm, the point multiplier is combination of point adder, doubler, squarer and inverter as shown in Figure 2. Pseudo code is given in Algorithm 1. In Figure 2, Point multiplier consists of point adder, point doubler and conversion module. The point multiplier diagram is shown in Figure 3. Advantages of Montgomery algorithm are: (i) on an average involves less number of f eld multiplications compared to the traditional method.
(ii) since projective coordinates are utilized instead of aff ne coordinates, inversion is performed at coordinate transformation step. (iii) it is secure against side channel attack. Therefore, Montgomery scalar multiplication algorithm is employed in this work for performing multiplication.

B. Montogomery Multiplication
Montgomery Multiplication algorithm is a very elegant and competent algorithm for manipulating the modular multiplication. A shift and modulus-addition operation, replaces the division operation, which are faster. The implementation of Montgomery multiplication involves the tradeoff between chip area and computational speed and appropriate for hardware implementation. Montgomery has a regular behaviour in execution of sequence of operations, irrespective of the value of bit of key. Performing the same operations over and over again is one of the advantages and this customary behaviour adopts it to be more resilient to attacks like side channel attacks, time and power analysis attacks. It is used in computation of the private keys by point multiplication and a scalable architecture that can be conf gured to attain the design tradeoff i.e., area-time. Xining et al., [18] along with double and add algorithm utilized Montgomery algorithm, their implementation is compared with our work in Table I and Table VI.

C. Montogomery Point Multiplication
There exists several algorithms for point multiplication over elliptic curve. The Montgomery point multiplication algorithm is used in our work. Point multiplication is all about the computation of kP, where k is an integer and P i.e., P(x,y) is a point on an elliptic curve E given by equation (1) and def ned over a f eld GF(2m). The execution time of Elliptic Curve Cryptographic Schemes is dominated by Point multiplication, which is also called Scalar Multiplication. The security of ECC is completely based on the stability of Elliptic Curve Discrete Logarithmic problem (ECDLP). The ECDLP f nds the value of k, given (P, Q) points on the def ned curve, k is scalar value, where Q=kP, and P is a p(x, y), a point on def ned Elliptic Curve.

D. Point Multiplier
The point addition and doubling are the two important operations of the Elliptic Curve Cryptography that decides its performance. This point addition requires mainly two points (i) one is in projective coordinate and (ii) other point aff ne coordinates. Finally, the results are in the projective coordinates.

E. Projective Coordinate System
An elliptic curve def ned by equation (1) comprises of the inf nity point O and a set of points in the aff ne coordinates (x, y) for x, y a f nite f eld GF(2 m ).A point on an elliptic curve can be represented in a projective coordinate system in the form (x, y, z). The Point addition in which p1=(x1, y1, z1), p2=(x2, y2, z2) and the resultant point p3 = p1 + p2. Point doubling is 2p1= (x3 , y3, z3). Point addition and doubling are signif cant operations in ECC algorithm. They are the construction blocks for scalar multiplications that are required for all ECC schemes. These addition and doubling operations in aff ne coordinate system demand modular inversion operations. The modular inversions are much more luxurious than other operations such as modular multiplications, which is not appropriate for wireless sensor nodes and resource forced devices.
By means of projective coordinate system, modular inversions can be replaced with a small number of modular multiplications and squares operations. As a result of this, the execution times of point addition and doubling based on projective coordinate system are faster. Use of Optimized ECC involves mixed point addition algorithm, which purely adds a point in projective coordinate and a second point in aff ne coordinate. To further reduce the number of modular multiplications and squaring operation this algorithm can be used in scalar multiplications, resulting in smaller and faster code.
The main purpose of our design is to optimize the parallel processing of Montgomery point multiplication and reduce chip area by using (i) Point doubler (ii) Point Adder and (iii) co-ordinate converter. The block diagram of a Point Multiplier is shown in Figure 3.  3) Coordinate Converter: The coordinate converter maps the four outputs in projective coordinates (X1, Z1, X2, Z2) into aff ne coordinate (xk, yk). The previous resources used for point addition and doubling, are utilized eff ciently to calculate conversions. Note that there is only one inversion in realization of coordinate converter as shown in Figure 6. The pseudocode is given in Function 3.

VI. IMPLEMENTATION
This section presents the design and key parameters considered for the hardware realization using Montgomery approach.

A. Design of Main Unit
The ECC algorithm was coded and modeled using VHDL and synthesized on different FPGA devices. As an accelerator/ application specif c processor, the main unit of ECC works like application software controlling data f ow, computation and the state of the processor. ECC algorithm works faster in FPGA than in software implementation. The design of main unit is followed using Finite State Machine (FSM).

B. Encryption Unit
The sender chooses a scalar value which is a prime number as his private key Kenc, for public key generation shown in network model in Figure 1. Using the Equation (1), the elliptic curve points are generated, out of those one point will be selected as generator point p(x,y) and this point is multiplied with the Kenc to generate pubic key of the sender i.e., Ka. This calculation is called point multiplication and given in Equation (6). In the same way the public key Kb of the Receiver is calculated in our implementation.
The encryption unit receives inputs plaintext (x, y), a generator point on the curve P(x, y), key for encryption Kenc and a public key of a receiver. This unit ouputs Cm, ciphertext (x, y) and public key of sender Ka.
In order to perform encryption of the message to obtain cipher text Cm, the private key of sender is multiplied with the public key of the receiver and the product is added to the message M. For example, in our implementation for 11bit data and key, the plaintext i.e., point on curve p(x,y) is choosen as p(ode, ode), and Kenc is 6ad. The cipher text obtained is Cm=(0336,0336). The above procedure is repeated for 112, 131, 163 bits. , = The decryption unit receives inputs ciphertext (x, y) public key of the sender, a generator point on the curve P(x, y), key for decryption Kdec and a public key of a receiver. This unit outputs plaintext (x, y). For example : the cipher text is Cm= (0336, 0336), the key for decryption Kdec is 6ad, the plaintext obtained is p(ode,ode) which is calculated using Equation (8). The above procedure is repeated for 112, 131, 163 bits.

VII. PERFORMANCE EVALUATION AND ANALYSIS
The FPGA approach is measured as one of the widely used prototyping environments. The FPGA solutions are considered more than a validation step with their adaptability to the re-use concept. Figure 8 shows Schematic Diagram of Main Unit which consists of both encryption and decryption of implemented VHDL code using Xilinx on FPGA. The Sections B and C describe the operation of modules.

A. Simulation Setup
The FPGA devices used in this work are Spartan 3 XC3S400-5pq208, Spartan 6 XC6s1X150t-3csg484, Virtex 4 xc4vlx200-11ff11513, Virtex 5 xc5vlx330t-2ft1738, Virtex-6 XC6vlx760-2ff1760, Artix 7 xc7a100t-3csg324. The Artix 7 xc7a100t-3csg324 is chosen for hardware implementation with Nexys4 board. The Nexys4 can host designs ranging from introductory combinational circuits to powerful embedded processors with its large, highcapacity FPGA, Xilinx part number XC7A100T-1CSG324C, liberal external memories, Ethernet, collection of USB and other ports. It consists of several built-in peripherals, including temperature sensor, an accelerometer, MEMs digital microphone, a speaker amplif er. A number of I/O devices allow the Nexys4 to be utilized for a broad range of designs without the requirement of any other components. The Artix-7 FPGA that is considered for this work is optimized for high performance logic, higher performance and more resources than earlier designs. Artix-7 100T features comprise 15,850 logic slices, each logic cell with four 6-input LUTs and eight FFs, 4,860 Kbits of fast block RAM, six clock management tiles with Phase-Locked Loop (PLL), internal clock speeds exceeding 450MHz, On-chip analog-to-digital converter, 240 DSP slices. B. Simulation Results Figure 9, 10, 11 and 12 show the simulation results with Atrix 7-Xc7a100t-3csf324. The parameters observed in the results are plain-text with 11 bits in Figure 9, 112 bits in Figure 10, 131 bits in Figure 11, 163 bits in Figure 12 and the key for encryption kenc and decryption kdec along with cipher text and plain-text. The timing diagram for corresponding data and key sizes are shown in Figure 9, 10, 11 and Figure 12 with same size input of plain-text and key size. The minimum input arrival time before clock and maximum output required time after clock for 11, 112, 131 and 163 bits are 2.286η seconds and 3.307η seconds, 2.354η seconds and 3.065η, 2.364η seconds and 3.083η seconds, 3.967η seconds and 4.797η seconds respectively. The synthesis results of 163 bits are shown in Figure 13.   Figure 14 gives the details of computational time with Atrix 7-Xc7a100t-3csf324 device. The encryption and decryption time with software and hardware implementation are compared. From graph as shown in Figure 14, it is experiential that the time required with software implementation is more than 2.5 milliseconds and it increases as the the number of input bit size increases. Whereas with hardware implementation the computational time is around 1.091 ms, for all input data size considered.
From Table II, Figure 14 and Figure 15, it is observed that the time required for the software implementation is more than 75% compared to the Hardware implementation. As the input data and key sizes increases i.e., from 11 bits to 163 bits the time increases from 2.5 milli seconds to 4.5 milliseconds. In comparison with previous results of [18] [19][20] [21], our implementation shows around 70% of improved software and hardware results with device utilization and computational time, maintaining input data and key sizes same.    Figure 16 shows the number of slices utilized for encryption and decryption operation with different key and data sizes. There is variation in device utilization with respect to the devices chosen i.e., Artix 7, Virtex 7, Virtex 5,Virtex 4 and Spartan 6. The overall percentage utilization of area is from 0% to 13%, i.e., is the improved results compared with previous implementations of [18] [19][20] [21]. Here, 0% indicates very low amount usage of devices. From the results, Table III and Table IV, the designer can select the desired device for implementation. The simulation results shown in Table IV and V gives detailed information about Utilization of Slices for different bits of data and key, along with encryption and decryption times. D. Performance Analysis From the table VI, it is observed that with software implementation, time consumption for encryption and decryption is more in [18] compared to our work. In Xining Cui et al., [18], as the number of data input bit size increases, the computation time increases, whereas in our implementation, it varies slightly with software implementation and almost remains constant with hardware implementation. It also shows that energy consumption required is less in our work in comparison with [18]. Level of security provided is good as data and key size is same. The work designed is most suitable for constrained environments such as Wireless Sensor Networks.
It is observed that from the graphs shown in Figure 17 and Figure 18 there is a great improvement in-terms of computational time both in hardware and software in comparison with [18]. The data-size is varied from 16 bits to 512 bits, with key size of 163 bits. As the data size increases, the software encryption time and decryption time also increases, whereas in our work, as the data and key size increases, there is a slight variation in the encryption time and it is repeated with software decryption time. The Hardware implementation shows same variation with bit-size maintaining constant key-size. The computational time remains constant for both encryption and decryption that avoids the attacks.   The proposed design gives a extensive reduction of around 70% computational delay time in comparison with earlier designs [18] [19][20] [21]. Enhancing the speed of most time critical part of Elliptic Curve (EC) Crypto schemes i.e., Point multiplication, enables the use of this method within combined Hardware/Software systems with reasonably 75% low computing time and 13% area utilization. Consecutively, the ECC algorithms in software facilitate algorithmic f exibility and at the same time the requisite performance is contributed by dedicated coprocessors. Whatever the value of scalar k in binary (0,1) point addition and doubling is performed in both hardware and software implementation. In all the iterations, that depends on the key size and key value in binary, the process of operation involved for binary 0 and binary 1, is similarly visible to an attacker who performs a side channel attack. On analysis of power and time consumption by the adversary, useful information about k cannot be obtained. Brute force attack is not possible as the key size used is large i.e., 11 bits to 163 bits. In Brute force attack, the attacker keeps checking bits patterns of particular key size in trial and error basis. If the bit size is n there are 2n patterns needed to be checked. Moreover, in our implementation we have used both data and same key size same which puts attacker in more effort to decrypt and long time investment. The above results reveals that the speed and area tradeoff can be obtained by selecting suitable FPGA device. An extensive speed-up of Elliptic Curve cryptosystems can be achieved for the nodes in Wireless Sensor Networks by exploiting the offered coprocessor architectures. The designed cryptosystems utilized 2%, 13%, 19%, 23% of arithmetic Look Up Tables (LUT) of the Artix 7-Xc7a100t-3csf324for 11, 112, 131 and 163 bits respectively. The software and hardware results reveals that the computational time for both encryption and decryption is almost the same for different bit sizes of both data and key. This constant time puts an attacker in confusion about the bit sizes used for data and key as shown in Table II. Thus, using of same data and key sizes avoids many of the attacks including power analysis attack. Since, the energy consumed is same as that of the time required to perform both encryption and decryption process of 0 and 1 bits. The attacker is unable to know whether 0 or 1 is encrypted or decrypted in that duration of time. The computational time for encryption and decryption in hardware is in the order of 1.091ms. The wireless sensor nodes based on off-the-shelf general purpose microcontrollers, have utilized by most deployments of wireless sensor networks over the past years. The hardware accelerators for custom system architecture are required to characterize WSNs applications to achieve long deployment lifetime and bursts of computation. The work and design adopts the accelerator-based computing paradigm, together with acceleration for the process of Encryption and decryption of data in WSNs. VIII. CONCLUSIONS Although realization of Public Key Cryptography (PKC) is challenging on WSN, PKC brings enormous simplicity and effectiveness in providing a number of necessary security services. Public Key Cryptography algorithms are the most promising schemes with respect to energy and time consumption, which makes it suitable for data encryption in WSN. For WSNs, we have selected Elliptic Curve Cryptography to achieve the security in spite of constraints of the WSN node. The proposed work deals with the different level of security with different FPGA devices to make it suitable for WSNs. In order to evaluate, analysis was performed on different key sizes in F(2 m ) and implemented on different FPGAs, with the aim to recognize the one that is most appropriate for WSNs applications. The key size with 11 bits to 163 bits, were generated to provide low level to elevated level of security that can be used for various applications in Wireless Sensor Networks. Both software