Hai-bin SHEN,Hua-feng CHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.09.004

2006-01-01

Abstract:To accelerate point multiplication operation of elliptic curve cryptography (ECC), a fast reduction algorithm for modular operation was introduced. The algorithm applied the characteristic of the small second item's degree of irreducible polynomial in characteristic 2 finite field. Based on the algorithm and projective Montgomery point multiplication algorithm, a configurable ECC accelerator using very large scale integrated circuit technology was proposed. Scalable field design and unique pipeline technique was adapted in the accelerator. Simulation results show that the accelerator designed by the algorithm can rapidly complete ECC point multiplication operation. When 162 bits key and 192 bits key are selected, the point multiplication operation takes 0.22 ms and 0.43 ms respectively. The accelerator has simple interface and good flexibility, and provides a method for hardware implementation of public key cryptography algorithm.

ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

Hua-feng CHEN,Hai-bin SHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2007.11.002

2007-01-01

Abstract:A parallel fast computation method was proposed for elliptic curve cryptography (ECC) point multiplication over characteristic 2 finite field. The method made use of hardware dynamic instruction schedule technique which applied instruction level parallelism in combination with thread level parallelism to improve the parallel computation performance. The structure designed by this method monitors the operation of arithmetic component and generates point multiplication instruction sequences dynamically before the decode stage. The dynamic schedule cuts the performance loss caused by the data hazards stall which cannot be solved by the data bypass or forwarding. The results achieved by the field programmable gate array (FPGA) implementation show that the proposed design can complete the elliptic curve point multiplication operation in Galois Fields GF (2193) in 22.7μs.

Xiang Feng,Shuguo Li

DOI: https://doi.org/10.1109/trustcom/bigdatase/icess.2017.245

2017-01-01

Abstract:In this paper, we propose a novel high-speed and SPA-resistant architecture for elliptic curve cryptography (ECC) point multiplication. A new Karatsuba-Ofman based pipelined multiplier is proposed to lower the latency, and an improved comb point multiplication method is employed to reduce the clock cycles and to resist simple power analysis (SPA). The proposed ECC architecture has been implemented on Altera's Stratix II FPGA platform. Implementation results show that our processor can perform 256-bit ECC point multiplication in 0.16 ms at the cost of 14.2k ALMS. Compared with the previous implementations, our implementation achieves a speed up factor of no less than 4 times without compromising the SPA-resistance.

Yi-feng MO,Shu-guo LI

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2017.11.003

2017-01-01

Abstract:In this paper,we implement RSA cryptographic using Residue number system (RNS).We choose four modulo similar in the form for every computational unit.The reduction unit supports these four modulo is smaller and shorter than the required reduction unit corresponding to the conventional method selection.According to our proposed method,we select seven groups of modulo with a width of 74,and design a RNS Montgomery multiplier based on Cox-Rower architecture to implement RSA cryptography.In the SMIC 0.13μm standard cell library,clock frequency reaches up to 278 MHz.At this frequency,1 024,2 048-bit RSA decryption in Chinese Remainder Theorem (CRT) mode and 1 024-bit RSA decryption require 710μs,99 μs,350μs,respectively,faster than the published related designs.

Amer Aljaedi,Furqan Aziz Qureshi,Mohammad Mazyad Hazzazi,Malik Imran,Zaid Bassfar,Sajjad Shaukat Jamal

DOI: https://doi.org/10.1109/access.2024.3403771

IF: 3.9

2024-05-28

IEEE Access

Abstract:This article presents an area-efficient hardware architecture for the implementation of elliptic-curve point multiplication (PM) operation over . The area is minimized through three strategies: 1) implementing a bit-serial-based Booth polynomial multiplication architecture to multiply two polynomials with clock cycles overhead, 2) using one modular adder, Booth multiplier and square block in the arithmetic unit, and 3) realizing the modular inversion computation using the implemented square and Booth multiplier circuits. Moreover, the critical path is evaluated by the placement of registers in the datapath of the PM and Booth multiplier architectures. Moreover, a dedicated finite-state machine is implemented for control functionalities. Finally, a figure-of-merit (FoM), defined as throughput/area, facilitates realistic comparisons. The implementation results are reported on Xilinx field-programmable gate array (FPGA) devices. On the Virtex-7 device, our accelerator utilizes 1343 slices and can operate on a maximum of , requiring 174457 clock cycles and for one PM computation. It consumes power. The implementation results and comparison to state-of-the-art show that the proposed accelerator is suitable for cryptographic applications that demand lower hardware resource utilization without significant concerns regarding computation time.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xiang Feng,Shuguo Li

DOI: https://doi.org/10.1587/transfun.e98.a.863

2015-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Field Programmable Gate Array (FPGA) implementation of Elliptic Curve Cryptography (ECC) over GF(p) is commonly not fast enough to meet the request of high-performance applications. There are three critical factors to determine the performance of ECC processor over GF(p): multiplication structure, modular multiplication algorithm, and scalar point multiplication scheduling. This work proposes a novel multiplication structure which is a two-stage pipeline on the basis of Karatsuba-Ofman algorithm. With the proposed multiplication structure, we design a 256-bit modular multiplier based on Improved Barret Modular Multiplication algorithm. Upon the modular multiplier, we finish the scalar point multiplication scheduling and implement a high-performance ECC processor on FPGA. Compared with the previous modular multipliers, our modular multiplier reduces the 256-bit modular multiplication time by 28% at least. Synthesis result on Altera Stratix II shows that our ECC processor can complete a 256-bit ECC scalar point multiplication in 0.51ms, which is at least 1.3 times faster than the currently reported FPGA ECC processors over GF(p).

Lijuan Li,Shuguo Li

DOI: https://doi.org/10.1109/tcsii.2017.2785382

2018-01-01

Abstract:Point multiplication is the key operation that dominates the speed and area of each elliptic curve cryptosystem. In this brief, we propose a highly efficient architecture for point multiplication on Koblitz curves. The right-to-left point multiplication algorithm is adopted to allow parallel computation of Frobenius maps and point additions. In order to achieve short latency as well as high frequency, we explore operation rescheduling in consecutive point additions with a pipelined bitparallel finite field multiplier accumulator. Furthermore, the pipelined mixed-form double-digit scalar converter with compact recoding is employed to reduce the wait time and consumed logic resources by scalar conversion. Fast inversion based on optimal addition chains is used to further reduce the latency. Implementation results on Xilinx Virtex V show that the proposed architecture can perform a point multiplication in as few as 2.50, 4.09, 5.81, 9.50, 18.51 mu s over the five NIST Koblitz curves K-163, K-233, K-283, K-409, and K-571, respectively. To the best of our knowledge, the proposed architecture of point multiplication has the fastest speed in comparison to the reported results.

Yifeng Mo,Shuguo Li

DOI: https://doi.org/10.1109/edssc.2017.8126455

2017-01-01

Abstract:Modular multiplier is the key to implement RSA algorithm. This paper proposes the design of an 8192-bit residue number system (RNS) Montgomery multiplier based on Cox-Rower architecture. To accelerate the reduction unit, we select modulo with a small Hamming weigh, and modulo are grouped by the number of Rowers. Each Rower unit only needs to support the reduction processes of one group of modulo instead of all modulo, thus eliminating the redundancy of the conventional structure and reducing delay and area of reduction units. Our reduction unit is smaller and faster than classic reduction unit. In SMIC 0.13 μm, one 8192-bit modular multiplication is accomplished in 8056 ns at the cost of 1240 KG.

Yujun Xie,Zhenhui He,Yuan Liu,Xin Zheng,Shuting Cai,Xiaoming Xiong

DOI: https://doi.org/10.1049/ell2.13069

2024-02-10

Electronics Letters

Abstract:This paper proposes a 256‐bit speed‐area‐efficient hardware elliptic curve point‐multiplication engine (ECPM‐engine) in GF(p) over generic Weierstrass curves, which is optimized by a new speed‐area‐efficient radix‐64 Montgomery modular multiplication (R64MMM) and a novel Montgomery ladder scheduling. This paper proposes a 256‐bit speed‐area‐efficient hardware elliptic curve point‐multiplication engine (ECPM‐engine) in GF(p) over generic Weierstrass curves, which is optimized by a new speed‐area‐efficient radix‐64 Montgomery modular multiplication (R64MMM) and a novel Montgomery ladder scheduling. The R64MMM calls one 129‐bit adder and one (64x64+129)‐bit multiply‐accumulator (64‐129‐MAC) in parallel to make a trade‐off between speed and area. The novel Montgomery ladder scheduling is used to improve the utilization of MAC in ECPM operation. In this ECPM‐engine, both MAC utilization in R64MMM operations and R64MMM utilization in ECPM operations are close to 100%. The result shows that the proposed ECPM‐engine consumes 72k gates when the clock frequency is 714 MHz with a 90 nm standard cell library, and it computes one 256‐bit ECPM in 0.14 ms.

engineering, electrical & electronic

Yingchao Cui,Qing Liu,Yingbiao Yao,Xiaorong Xu,Wei Wu,Xin Xu

DOI: https://doi.org/10.1016/j.micpro.2023.104944

IF: 3.503

2023-10-18

Microprocessors and Microsystems

Abstract:For the elliptic curve cryptography (ECC) over prime field, this paper presents an area-efficient and low-latency elliptic curve scalar multiplication (ECSM) accelerator, which supports to process any prime number p ≤ 256 bits. The proposed accelerator is based on a parallel hardware implementation of iterative digit-digit Montgomery multiplication and an optimized data flow architecture for elliptic curve point operations. The proposed design is implemented in Xilinx Virtex-7 FPGA. The experimental results show that the proposed architecture occupies 23.7k look-up tables (LUTs) and performs single 256-bit scalar multiplication in 0.56 ms. The area-time product of the proposed architecture is only 13.36. Compared with other state-of-the-art ECSM implementations, the proposed architecture has obvious advantage in terms of the area-time product.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Jiahe Liu,Bangtian Liu,Haohuan Fu

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata.2016.137

2016-01-01

Abstract:Originated from Chinese Remainder Theorem in the 4th century AD, Residue Number System (RNS) has been regarded as a promising number representation method in the field of digital computer arithmetic. Even though reconfigurable hardware devices such as Field Programmable Gate Arrays (FPGA) have been a popular platform for RNS applications due to its feasible architectural features, work that explores highly efficient RNSs through FPGA devices is still rare to be seen. In this paper, we replace the most commonly used moduli set {2 n - 1, 2 n , 2 n + 1} with {2 n - 1, 2 2n , 2 n + 1}, and explore performance potential of the whole RNS system by optimizing the residue arithmetic units and deploying a highly-efficient RNS on the FPGA platform. Furthermore, we develop a user-controlled FPGA-based RNS library generator for the moduli set {2 n - 1, 2 2n , 2 n + 1}. Our RNS reduces the latency and LUT cost by up to 20% and 42% respectively for a large number of additions, and saves up to 45% DSP cost than large bit-width binary forms for multiplications. It is demonstrated through several experiments that, for the computation-intensive applications involving a large bit-width setting or a large number of calculations, RNS has a better performance than binary forms. Our optimized RNS design is applicable with other RNS applicationslatform for RNS applications due to its feasible architectural features, work that explores highly efficient RNSs through FPGA devices is still rare to be seen. In this paper, we replace the most commonly used moduli set {2 n - 1, 2 n , 2 n + 1} with {2 n - 1, 2 2n , 2 n + 1}, and explore performance potential of the whole RNS system by optimizing the residue arithmetic units and deploying a highly-efficient RNS on the FPGA platform. Furthermore, we develop a user-controlled FPGA-based RNS library generator for the moduli set {2 n - 1, 2 2n , 2 n + 1}. Our RNS reduces the latency and LUT cost by up to 20% and 42% respectively for a large number of additions, and saves up to 45% DSP cost than large bit-width binary forms for multiplications. It is demonstrated through several experiments that, for the computation-intensive applications involving a large bit-width setting or a large number of calculations, RNS has a better performance than binary forms. Our optimized RNS design is applicable with other RNS applications.

Guantong Su,Xingjun Wu,Guoqiang Bai

DOI: https://doi.org/10.1109/edssc.2019.8753928

2019-01-01

Abstract:In this paper, we present a high performance extension field multiplier for pairing acceleration on reconfigurable device. It is shown that combining Residue Number System (RNS), which is designed for concurrent architecture and modern FPGA programmable logic array. The parallelism of RNS can be fully exploited. The proof of concept is implemented on a Xilinx Ultrascale+ FPGA, which takes 352 DSPs and accomplish a F-p6 multiplication in 44 cycles at a 500MHz clock frequency.

Nawras H. Sabbry,Alla B. Levina

DOI: https://doi.org/10.3390/math12060881

IF: 2.4

2024-03-17

Mathematics

Abstract:Elliptic curve cryptography (ECC) is widely acknowledged as a method for implementing public key cryptography on devices with limited resources thanks to its use of small keys. A crucial and complex operation in ECC calculations is scalar point multiplication. To improve its execution time and computational complexity in low-power devices, such as embedded systems, several algorithms have been suggested for scalar point multiplication, with each featuring different techniques and mathematical formulas. In this research, we focused on combining some techniques to produce a scalar point multiplication algorithm for elliptic curves over finite fields. The employed methodology involved mathematical analysis to investigate commonly used point multiplication methods. The aim was to propose an efficient algorithm that combined the best computational techniques, resulting in lower computational requirements. The findings show that the proposed method can overcome certain implementation issues found in other multiplication algorithms. In certain scenarios, the proposed method offers a more efficient approach by reducing the number of point doubling and point addition operations on elliptic curves using the inverse of the targeted point.

mathematics

Tao Wu,ShuGuo Li,LiTian Liu

DOI: https://doi.org/10.1007/s11432-014-5215-4

2015-01-01

Science China Information Sciences

Abstract:This paper improves the quotient-pipelined high radix scalable Montgomery modular multiplier by processing w-bit and k-bit words in carry save form instead of some(w + k)-bit length operands. It directly reduces both the critical path and the area overhead of the original processing elements. Then based on this improved high-radix scalable Montgomery modular multiplier, we propose an efficient hardware architecture for RSA decryption with Chinese Remainder Theorem. With simple configuration logics, the hardware unit works in three modes:(1) scalable modular reduction for precomputation,(2) scalable Montgomery modular multiplication for modular exponentiation, where an approximation method is developed to reduce the expanded result below the modulus, and(3) scalable multiplication for post-processing. Hardware implementation shows that the proposed architecture is optimal with reference to the literature in terms of speed, area, and frequency.A 4096-bit RSA decryption in XC2V6000-6 FPGA can be completed in 11.05 ms with 14041 slices/17409 LUTs,128 16 × 16 multipliers, and 70 kbits of block RAMs. Finally, by the use of Montogmery powering ladder the modular exponentiation unit based on the improved high radix scalable Montgomery modular multiplier can be built resistant to fault and simple power attacks. A 1024-bit modular exponentiation unit with such resistances costs about 255 K NAND2 gates in.18 μm CMOS process, and one full modular exponentiation takes about1.44 ms at 250 MHz.

Lijuan Li,Shuguo Li

DOI: https://doi.org/10.1109/tvlsi.2015.2453360

2016-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:This paper proposes an efficient pipelined architecture of elliptic curve scalar multiplication (ECSM) over GF(2m). The architecture uses a bit-parallel finite field (FF) multiplier accumulator (MAC) based on the Karatsuba-Ofman algorithm. The Montgomery ladder algorithm is modified for better sharing of execution paths. The data path in the architecture is well designed, so that the critical path contains few extra logic primitives apart from the FF MAC. In order to find the optimal number of pipeline stages, scheduling schemes with different pipeline stages are proposed and the ideal placement of pipeline registers is thoroughly analyzed. We implement ECSM over the five binary fields recommended by the National Institute of Standard and Technology on Xilinx Virtex-4 and Virtex-5 field-programmable gate arrays. The three-stage pipelined architecture is shown to have the best performance, which achieves a scalar multiplication over GF(2163) in 6.1 μs using 7354 Slices on Virtex-4. Using Virtex-5, the scalar multiplication for m = 163, 233, 283, 409, and 571 can be achieved in 4.6, 7.9, 10.9, 19.4, and 36.5 μs, respectively, which are faster than previous results.

Jinnan Ding,Shuguo Li,Zhen Gu

DOI: https://doi.org/10.1109/tcsi.2018.2878598

2019-01-01

IEEE Transactions on Circuits and Systems I Regular Papers

Abstract:In this paper, a high-speed elliptic curve cryptography (ECC) processor specialized for primes recommended by the National Institute of Standards and Technology (NIST) was constructed. Toom–Cook multiplication without division was proposed to implement modular multiplication for NIST primes. Compared with a traditional algorithm, the computation complexity was reduced from 16 base multiplications to 7 in 4-way Toom–Cook multiplication. Moreover, we introduced non-least-positive (NLP) form into our design, so that the carry chain in the large array accumulation was broken down, which greatly shortened the critical path and made parallel processing possible. In order to support NLP form and lazy reduction strategy, conventional fast reduction methods for NIST primes were also modified. In addition, pipeline technique at the level of point multiplication was used, so the latency of modular inverse can be covered. Implemented on the Xilinx Virtex-6 FPGA platform, the ECC processor can perform a point multiplication every 54 $\mu s$ at the cost of 30.3k LUTs and 48 DSPs. Synthesized with 180nm CMOS technology, the speed achieves 43.7 $\mu s$ with 466k gate counts. These experimental results show a significantly better performance per area than previous works.

Junjie Jiang,Jing Chen,Jian Wang,Duncan S. Wong,Xiaotie Deng

2008-01-01

Abstract:We propose a new architecture for performing Elliptic Curve Scalar Multiplication (ECSM) on elliptic curves over GF (2). This architecture maximizes the parallelism that the proj ective version of the Montgomery ECSM algorithm can achieve. It completes one ECSM operation in about 2(m−1)(dm/De+4)+m cycles, and is at least three times the speed of the best known result currently available. When imp le ented on a Virtex-4 FPGA, it completes one ECSM operation overGF (2) in 12.5μs with the maximum achievable frequency of 222MHz. Two other i mplementation variants for less resource consumption are also proposed. O ur first variant reduces the resource consumption by almost 50% while still maintaining the utilization efficiency, whi ch is measured by a performance to resource consumption ratio. Our second variant achieves the best utilization effi ci ncy and in our actual implementation on an elliptic curve group overGF (2), it gives more than 30% reduction on resource consumption wh ile maintaining almost the same speed of computation as that of our original design. For achi eving this high performance, we also propose a modified finite field inversion algorithm which takes only m cycles to invert an element over GF (2), rather than2m cycles as the traditional Extended Euclid algorithm does, and this new design yields much better utilization of the cycle time.

tao wu,shuguo li,litian liu

DOI: https://doi.org/10.1007/978-81-322-1695-7_27

2014-01-01

Abstract:Finite field arithmetic in residue number system (RNS) necessitates modular reductions, which can be carried out with RNS Montgomery algorithm. By transforming long-precision modular multiplications into modular multiplications with small moduli, the computational complexity has decreased much. In this work, two implementation methods of RNS Montgomery algorithm, residue recovery as well as parallel base conversion, are reviewed and compared. Then, we propose a new residue recovery method that directly employs binary system rather than mixed radix system to perform RNS modular multiplications. This improvement is appropriate for a series of long-precision modular multiplications with variant operands, in which it is more efficient than parallel base conversion method.

Xiang Feng,Shuguo Li,Sufen Xu

DOI: https://doi.org/10.1109/tcsii.2019.2917621

2020-01-01

IEEE Transactions on Circuits & Systems II Express Briefs

Abstract:Cryptography based on ring learning with error (RLWE) problem has become increasingly popular due to its resistance against quantum analysis. The most time-consuming operation in RLWE cryptosystem is polynomial multiplication. This brief presents a novel polynomial multiplier based on Stockham fast Fourier transform (FFT) algorithm. We propose a multi-lane number theoretic transform (NTT) algorithm which can achieve ${n}$ -degree polynomial multiplication in ${(nlgn)/d+2n/d}$ clock cycles with ${d}$ lanes of butterfly units. In addition, we also customize a memory addressing strategy and a round constant managing scheme for the proposed multi-lane NTT algorithm. Based on our proposed algorithm, a high-speed polynomial multiplier is accomplished on FPGA platform. Implementation results on Spantan-6 FPGA show that our proposed algorithm can achieve a speed up factor of no less than 2.7 times compared with the state of art designs.