Hai-bin SHEN,Hua-feng CHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.09.004

2006-01-01

Abstract:To accelerate point multiplication operation of elliptic curve cryptography (ECC), a fast reduction algorithm for modular operation was introduced. The algorithm applied the characteristic of the small second item's degree of irreducible polynomial in characteristic 2 finite field. Based on the algorithm and projective Montgomery point multiplication algorithm, a configurable ECC accelerator using very large scale integrated circuit technology was proposed. Scalable field design and unique pipeline technique was adapted in the accelerator. Simulation results show that the accelerator designed by the algorithm can rapidly complete ECC point multiplication operation. When 162 bits key and 192 bits key are selected, the point multiplication operation takes 0.22 ms and 0.43 ms respectively. The accelerator has simple interface and good flexibility, and provides a method for hardware implementation of public key cryptography algorithm.

Zoya Dyka,Dan Kreiser,Ievgen Kabin,Peter Langendoerfer

DOI: https://doi.org/10.1109/RECONFIG.2018.8641730

2022-01-06

Abstract:In this paper we describe our flexible ECDSA design for elliptic curve over binary extended fields GF(2l). We investigated its resistance against Horizontal Collision Correlation Attacks (HCCA). Due to the fact that our design is based on the Montgomery kP algorithm using Lopez-Dahab projective coordinates the scalar k cannot be successful revealed using HCCA, but this kind of attacks can be helpful to divide the measured traces into parts that correspond to processing of a single bit of the scalar k. The most important contribution of this paper is that our flexible field multiplier is resistant against horizontal attacks. This inherent resistance makes it a valuable building block for designing unified field multipliers.

Cryptography and Security

Wei Li,Xiaoyang Zeng,Xiao Feng,Zibin Dai

DOI: https://doi.org/10.1109/uic-atc-scalcom-cbdcom-iop.2015.114

2015-01-01

Abstract:In this paper, a mixture of VLIW and vector architecture of ECC processor is proposed to perform either prime field GF(p) operations or binary field GF(2(m)) operations for arbitrary prime numbers and irreducible polynomials. Besides, an application specific instruction set for ECC is presented to support parallel processing with VLIW instruction structure features and vector register addressing modes. Moreover, a new randomized clock cycle's insertion technique in regular calculation is designed against SPA and DPA attacks with 3% area and 4% power overhead. After implemented in 65-nm CMOS process, our proposed 521-bit dual field elliptic curve cryptographic processor can perform scalar multiplication in 1.3 ms over GF(p(521)) and 0.94 ms over GF(2(521)). Our ECC processor chip is advantageous not only in terms of functionality, scalability, and performance but also in protection against power-analysis attacks.

Yier Jin,Haibin Shen

DOI: https://doi.org/10.1109/icsict.2006.306633

2006-01-01

Abstract:A new unbalanced exponent modular reduction over GF(2m) is proposed. The algorithm can achieve high efficiency when computing on a certain class of fields generated by f(x) = xm + T(x) where deg[T(x)] Lt C m. The algorithm is applied in modular multiplication on the basis of scalable polynomial basis(SPB) to form scalable modular multiplication. Most of irreducible polynomials used in elliptic curve cryptography(ECC) fulfil the characteristic mentioned above well. So the scalable algorithm is implemented in ECC computation with high flexibility and efficiency both in theoretic calculation and application

Kang Li,Gang Chen,Haixin Wang,Guoqiang Bai,Hongyi Chen

2008-01-01

Abstract:This work presents a dual-core two-field elliptic curve cryptosystem supporting several elliptic curve cryptography (ECC) protocols to accelerate signature generation and verification. The processor uses either a cooperating mode or a separate mode to support not only several elliptic curve digital signature algorithms, but also scalar multiplication, point addition and point verification. All the parameters in the design are configurable with lengths ranging from 192 bit to 384 bit in steps of 64 bit. The cryptosystem designed with 0.18μm CMOS technology using 372 × 103 gates occupies 3.72 mm2 with a critical path of 3.77 ns. 1538 signatures or 775 verifications can be completed in one second with a clock frequency of 250 MHz and 192 bit length parameters. Because of its efficiency and configurablility, this processor is especially suitable for use as a security coprocessor for high-performance network processors.

Kai Liao,Xiaoxin Cui,Nan Liao,Tian Wang,Dunshan Yu,Xiaole Cui

DOI: https://doi.org/10.1109/tie.2016.2610402

IF: 7.7

2016-01-01

IEEE Transactions on Industrial Electronics

Abstract:Elliptic curve cryptography (ECC) is one of the most popular public key cryptosystems in recent years due to its higher security strength and lower resource consumption. However, the noninvasive side-channel attacks (SCAs) have been proved to be a big threat to ECC systems in many previous researches. In this paper, we propose a low-area-time-product ECC coprocessor for GF(2(m)) with the ability to resist most of the existing noninvasive SCAs. The basic countermeasures are relied on the underlying finite field arithmetics in randomized Montgomery domain, which can blind the intermediate value in the iterations of scalar multiplication to prevent the adversaries from cracking the private key by statistical methods. Meanwhile, we optimize the modular division and modular multiplication algorithms to fix the operating time to resist some certain timing attacks, and the Montgomery Ladder algorithm makes the coprocessor immune against simple SCAs. To efficiently implement our coprocessor, we present a hybrid operation sequence which merely needs one multiplication module and one division module to complete the entire operations. The synthesis results indicate that our design is superior to other related works in area-time product (ATP) and the extra overhead paid for the countermeasures is less than 5%.

Gang Chen,Guoqiang Bai,Hongyi Chen

DOI: https://doi.org/10.1109/ISCAS.2008.4542163

2008-01-01

Abstract:We proposed a high-performance ECC architecture for generic curves over prime fields based on a systolic arithmetic unit, in [1]. This paper is on an extension and a realization of that architecture. We extend the architecture to support binary fields, and realize the extended architecture, developing a dual-field ECC processor. Further, the processor is implemented by an ASIC. The results on the layouted processor show a high performance, confirming the efficiency of the architecture.

Hui Zhao,Long Wang,Guoqiang Bai

DOI: https://doi.org/10.1109/EDST.2007.4289807

2007-01-01

Abstract:In this paper we propose a low-cost coprocessor architecture for elliptic curves cryptography which supports the main mathematical operations for the computation of ECDSA over GF(2193), including point doubling, point addition and scalar multiplication over field ECC. As the field is fixed, we use this special property to design special operational units and pipeline structure. Although only increasing 4% area, it speeds around 40% faster at the same time. Our design allows to perform a scalar multiplication over GF(2193) in 24 ms at a clock frequency of 10 MHz, and is only 11,486 NAND gates large. The advantages of both the performance and hardware cost are much favorable compared with previous similar work.

Zilong Liu,Dongsheng Liu,Xuecheng Zou

DOI: https://doi.org/10.1109/tie.2016.2625241

IF: 7.7

2016-01-01

IEEE Transactions on Industrial Electronics

Abstract:Elliptic curve cryptography (ECC) has been widely used for the digital signature to ensure the secu-rity in communication. It is important for the ECC processor to support a variety of ECC standards to be compatible with different security applications. Thus, a flexible proces-sor which can support different standards and algorithms is desired. In this paper, an efficient and flexible dual-field ECC processor using the hardware-software approach is presented. The proposed processor can support arbitrary elliptic curve. An elaborate modular arithmetic logic unit is designed. It can perform basic modular arithmetic opera-tions and achieve high efficiency. Based on our designed instruction set, the processor can be programmed to perform various point operations based on different algorithms. To demonstrate the flexibility of our processor, a pointmultipli-cation algorithm with power analysis resistance is adopted. Our design is implemented in the field-programmable gate array platform and also in the application-specified inte-grated circuit. After implemented in the 55 nm CMOS process, the processor takes between 0.60 ms (163 bits ECC) and 6.75ms (571 bits ECC) to finish one-pointmultiplication. Compared to other related works, the merits of our ECC pro-cessor are the high hardware efficiency and flexibility.

Yuan-Bin Xie,Pei-Jun Ma,Jiang-Yi Shi,Kang Li

DOI: https://doi.org/10.1109/icsict.2010.5667361

2010-01-01

Abstract:A flexible and efficient ECC processor is presented in this paper. We design an application-specific instruction set for the processor. The proposed parallel architecture ECC processor provides the lowest level finite-field operations and supports arbitrary elliptic curves and various ECC algorithms over general prime filed. Based on 130 nm standard-cell technology, the processor requires 184μs for a 160-bit scalar multiplication based on NAF algorithm.

DAN Yong-ping,ZOU Xue-cheng,LIU Zheng-lin,HAN Yu,YI Li-hua

DOI: https://doi.org/10.1016/s1005-8885(08)60206-x

2009-01-01

Abstract:In this article, a parallel hardware processor is presented to compute elliptic curve scalar multiplication in polynomial basis representation. The processor is applicable to the operations of scalar multiplication by using a modular arithmetic logic unit (MALU). The MALU consists of two multiplications, one addition, and one squaring. The two multiplications and the addition or squaring can be computed in parallel. The whole computations of scalar multiplication over GF(2163) can be performed in 3 064 cycles. The simulation results based on Xilinx Virtex2 XC2V6000 FPGAs show that the proposed design can compute random GF(2163) elliptic curve scalar multiplication operations in 31.17 μs, and the resource occupies 3 994 registers and 15 527 LUTs, which indicates that the crypto-processor is suitable for high-performance application.

Gang Chen,Guoqiang Bai,Hongyi Chen

DOI: https://doi.org/10.1109/tcsii.2006.889459

2007-01-01

Abstract:This brief presents a high-performance elliptic curve cryptographic processor for general curves over GF(p), which features a systolic arithmetic unit. We propose a new unified systolic array that efficiently implements addition, subtraction, multiplication and division over GF(p). At the system level, the control dependencies in the operation sequence and the mismatched communication between the systolic array and the separate storage would stall the pipeline in the systolic array. These pipeline stalls are successfully avoided by using two optimization methods. Synthesized in 0.13-mu m standard-cell technology, the processor requires 1.01 ms to compute a 256-bit scalar multiplication for general curves over GF(p).

Yong-ping Dan,Xue-cheng Zou,Zheng-lin Liu,Yu Han,Li-hua Yi

DOI: https://doi.org/10.1631/jzus.a0820024

2009-01-01

Abstract:We propose a novel high-performance hardware architecture of processor for elliptic curve scalar multiplication based on the Lopez-Dahab algorithm over GF(2163) in polynomial basis representation. The processor can do all the operations using an efficient modular arithmetic logic unit, which includes an addition unit, a square and a carefully designed multiplication unit. In the proposed architecture, multiplication, addition, and square can be performed in parallel by the decomposition of computation. The point addition and point doubling iteration operations can be performed in six multiplications by optimization and solution of data dependency. The implementation results based on Xilinx VirtexII XC2V6000 FPGA show that the proposed design can do random elliptic curve scalar multiplication GF(2163) in 34.11 μs, occupying 2821 registers and 13 376 LUTs.

Yong-ping Dan,Xue-cheng Zou,Zheng-lin Liu,Yu Han,Li-hua Yi

DOI: https://doi.org/10.1631/jzus.a0820024

2009-01-01

Journal of Zhejiang University SCIENCE A

Abstract:We propose a novel high-performance hardware architecture of processor for elliptic curve scalar multiplication based on the Lopez-Dahab algorithm over GF(2163) in polynomial basis representation. The processor can do all the operations using an efficient modular arithmetic logic unit, which includes an addition unit, a square and a carefully designed multiplication unit. In the proposed architecture, multiplication, addition, and square can be performed in parallel by the decomposition of computation. The point addition and point doubling iteration operations can be performed in six multiplications by optimization and solution of data dependency. The implementation results based on Xilinx VirtexII XC2V6000 FPGA show that the proposed design can do random elliptic curve scalar multiplication GF(2163) in 34.11 μs, occupying 2821 registers and 13 376 LUTs.

Shiyang He,Hui Li,Qingwen Li,Fenghua Li

DOI: https://doi.org/10.23919/cje.2022.00.267

IF: 1.019

2023-01-01

Chinese Journal of Electronics

Abstract:The elliptic curve scalar multiplication (ECSM) is the core of elliptic curve cryptography (ECC), which directly determines the performance of ECC. In this paper, a novel time-area-efficient and compact design of a 256-bit ECSM processor over GF (p) for the resource-constrained device is proposed, where p can be selected flexibly according to the application scenario. A compact and efficient 256-bit modular adder/subtractor and an improved 256-bit Montgomery multiplier are designed. We select Jacobian coordinates for point doubling and mixed Jacobian-affine coordinates for point addition. We have improved the binary expansion algorithm to reduce 75% of the point addition operations. The clock consumption of each module in this architecture is constant, which can effectively resist side-channel attacks. Reuse technology is adopted in this paper to make the overall architecture more compact and efficient. The design architecture is implemented on Xilinx Kintex-7 (XC7K325T-2FFG900I), consuming 1439 slices, 2 DSPs, and 2 BRAMs. It takes about 7.9 ms at the frequency of 222.2 MHz and 1763k clock cycles to complete once 256-bit ECSM operation over GF (p).

Junjie Jiang,Jing Chen,Jian Wang,Duncan S. Wong,Xiaotie Deng

2008-01-01

Abstract:We propose a new architecture for performing Elliptic Curve Scalar Multiplication (ECSM) on elliptic curves over GF (2). This architecture maximizes the parallelism that the proj ective version of the Montgomery ECSM algorithm can achieve. It completes one ECSM operation in about 2(m−1)(dm/De+4)+m cycles, and is at least three times the speed of the best known result currently available. When imp le ented on a Virtex-4 FPGA, it completes one ECSM operation overGF (2) in 12.5μs with the maximum achievable frequency of 222MHz. Two other i mplementation variants for less resource consumption are also proposed. O ur first variant reduces the resource consumption by almost 50% while still maintaining the utilization efficiency, whi ch is measured by a performance to resource consumption ratio. Our second variant achieves the best utilization effi ci ncy and in our actual implementation on an elliptic curve group overGF (2), it gives more than 30% reduction on resource consumption wh ile maintaining almost the same speed of computation as that of our original design. For achi eving this high performance, we also propose a modified finite field inversion algorithm which takes only m cycles to invert an element over GF (2), rather than2m cycles as the traditional Extended Euclid algorithm does, and this new design yields much better utilization of the cycle time.

刘志伟,刘雷波,黄海,张琦,于斌,赵石磊,崔健博

DOI: https://doi.org/10.12263/dzxb.20210967

2023-01-01

Abstract:This paper proposes a high-performance elliptic curve cryptographic processor for the widely used TLS1.3 protocol. The processor supports two types of elliptic curve with general modulus in prime field defined in TLS1.3 protocol. Firstly, by modifying the high-radix Montgomery algorithm, a modular multiplication unit is proposed,which supports less than 521-bit width operators. Secondly, a parallel scalar multiplier structure with dual-modular multipliers is proposed. Based on this structure, to make full use of the two modular multipliers, a series of point operation timing arrangement is proposed in Jacobian coordinate, which supports two types of elliptic curves, makes the utilization rate of the modular multiplication unit reach 100%, 95.4% and 86.5% under different types of point operations. Compared with the existing design, the scalar multiplier in this work has a less cycle cost and less time consumption, as well as stronger versatility and configurability with similar time-area products. Under TSMC 55 nm CMOS technology, the clock frequency reaches 454 MHz. The scalar multiplication cost 851K equivalent logic gates, and the calculation speed of Secp256r1 curve is 31 230 times/sec.

Jiakun Li,Weijiang Wang,Jingqi Zhang,Yixuan Luo,Shiwei Ren

DOI: https://doi.org/10.1109/access.2021.3051282

IF: 3.9

2021-01-01

IEEE Access

Abstract:High-performance Elliptic Curve Cryptography (ECC) implementation in encryption authentication severs has become a challenge due to the explosive growth of e-commerce's demand for speed and security. Point multiplication (PM) is the most common and complex operation in ECC which directly determines the performance of the whole system. This article proposes a 6CC-6CC (clock cycle) dual-field PM architecture and a 6CC-4CC dual-field PM architecture based on maximizing utilization of Karatsuba multipliers and re-ordering schedule strategy in PM. The Montgomery Ladder algorithm used in PM is modified to a 4CC algorithm for better resource utilization and parallel computation. To solve the frequency drop problem while working on large finite field, the PM architectures for high and low field are carefully studied to have universal critical path length and balanced performance. Both of the architectures are implemented over GF(2571) and GF(2283) on Xilinx Virtex-5 and Virtex-7 FPGAs (Field-Programmable Gate Array) for comparison. The 6CC-6CC architecture is shown to have the best performance on GF(2571), which achieves one PM operation in $17.44~\mu s$ using 81549 LUTs (Look-Up-Table) with the frequency of 197.2 MHz on Virtex-5, and $12.55~\mu s$ using 80970 LUTs with the frequency of 274.1 MHz on Virtex-7. The 6CC-4CC architecture performs better on GF(2283) with the shortest computation time. It takes only $3.21~\mu s$ to finish one PM operation on Virtex-5 and $2.22~\mu s$ on Virtex-7, which are faster than all the previous designs. The implementation results prove that the proposed architectures have state-of-the-art performance as well as higher versatility for ECC designs.

Guoqiang Bai

2007-01-01

Abstract:Inthispaperwepropose alow-cost coprocessor architecture forelliptic curvescryptography whichsupports the mainmathematical operations forthecomputation ofECDSA overGF(2193), including point doubling, point addition andscalar multiplication overfield ECC.Asthefield isfixed, weusethis special property todesign special operational units andpipeline structure. Although onlyincreasing 4% area,itspeeds around 40% faster atthesametime. Ourdesign allows toperform a scalar multiplication overGF(2193) in24msataclock frequency of10MHz,andisonly11,486 NAND gates large. Theadvantages ofboththeperformance andhardware costaremuchfavorable compared withprevious similar work. IndexTerms - hardware design, architecture, Elliptic Curves Cryptography (ECC), EmbeddedSystem

但永平,邹雪城,刘政林,韩煜

DOI: https://doi.org/10.3969/j.issn.1007-130x.2009.02.032

2009-01-01

Abstract:In this paper, a parallel hardware processor to compute elliptic curve scalar multiplication is proposed. The processor is able to compute all the operations by using a modular arithmetic logic unit, and the modular arithmetic logic unit consists of two multiplications, one addition and one squaring. The two multiplications can operate in parallel. Multiplication and addition or squaring can also compute in parallel. The implementation results based on Xilinx Virtex2 XC2V6000 FPGAs show that our proposed design is able to compute a scalar multiplication on the random GF(2163) elliptic curve in 3 064 cycles. The total computation time is only 31.17μs, occupying 3 994 registers and 15 527 LUTs. It implies this processor is suitable for high-performance applications.