Jingqi Zhang,Yujie Jiang,An Wang

DOI: https://doi.org/10.1109/iscas58744.2024.10558204

2024-01-01

Abstract:The inversion over GF(2 m ) is crucial for elliptic curve cryptography algorithms such as ECDSA and SM2. The Itoh-Tsujii’s Algorithm (ITA) can compute inversions in a sequential procedure by utilizing multiplications and exponentiations. This paper proposes a series of novel low-latency architectures with Cascaded Exponentiation Blocks (CEBs) and then derives the estimated clock cycle latency. The complexity of CEBs is evaluated by the matrix weight. We also employ a movable internal pipeline stage to optimize the critical path. Experiments on the Virtex-7 FPGA show the optimal exponentiation blocks for GF(2 163 ), GF(2 283 ) and GF(2 571 ), respectively. Compared with existing works, both the performance and latency of our proposed architecture with OEBs are at the cutting edge.

Hai-bin SHEN,Hua-feng CHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.09.004

2006-01-01

Abstract:To accelerate point multiplication operation of elliptic curve cryptography (ECC), a fast reduction algorithm for modular operation was introduced. The algorithm applied the characteristic of the small second item's degree of irreducible polynomial in characteristic 2 finite field. Based on the algorithm and projective Montgomery point multiplication algorithm, a configurable ECC accelerator using very large scale integrated circuit technology was proposed. Scalable field design and unique pipeline technique was adapted in the accelerator. Simulation results show that the accelerator designed by the algorithm can rapidly complete ECC point multiplication operation. When 162 bits key and 192 bits key are selected, the point multiplication operation takes 0.22 ms and 0.43 ms respectively. The accelerator has simple interface and good flexibility, and provides a method for hardware implementation of public key cryptography algorithm.

Xiaodong Yan,Shuguo Li

DOI: https://doi.org/10.1109/icasic.2007.4415574

2007-01-01

Abstract:This paper proposes a new, efficient algorithm for modular inversion in Galois field GF(p). This algorithm reduces the number of operations cycles required by 31% when compared with previous algorithms reported in the literature. The 256 bit modular inversion circuit based on the proposed algorithm is implemented in 0.18 mum CMOS standard cell technology. The synthesis result shows a significant speed-up in the same area complexity.

Lijuan Li,Shuguo Li

DOI: https://doi.org/10.1109/iscas.2017.8050627

2017-01-01

Abstract:Inversion over GF(2(m)) is crucial for cryptographic applications such as elliptic curve cryptography. The commonly used Itoh-Tsujii algorithm (ITA) computes the inversion by an entirely sequential process consisting of multiplications and squarings. In this paper, we first propose a modified ITA algorithm (MITA) for inversion with polynomial basis (PB). The MITA reduces the required clock cycles of ITA inversion by enabling the parallel computation between part of multiplications and squarings. Furthermore, we generalize the MITA to inversion with arbitrary addition chains. Several criteria are proposed to find the optimal addition chains (OACs) leading to the fastest inverters with given hardware resources. Implemented on Xilinx Virtex-4 FPGA, the proposed inversion architecture with a digit-serial multiplier achieves averagely 61% faster speed with 69% less resources than previous designs with normal basis. Using a fully combinational multiplier, the OAC inverters outperform existing PB-based designs by at least 60.9%, 35.1%, 94.9% for m = 163, 233, 283 respectively in terms of area-time product.

Jian Wang,Anping Jiang,Shimin Sheng

2007-01-01

Abstract:The finite field arithmetic is the base of cryptography and modular inversion is the kernel arithmetic operation. The authors present a dual field modular inversion algorithm. The 256-bit inversion circuit based on the proposed algorithm can be used at the 167 MHz clock frequency. It also has an improvement in area complexity compared with other designs.

T Zhou,XJ Wu,GQ Bai,HY Chen

DOI: https://doi.org/10.1049/el:20020472

2002-01-01

Electronics Letters

Abstract:A new, efficient algorithm for modular inversion in Galois field GF(p) is presented. Very large scale integration (VLSI) implementation of the algorithm is described and the high performance and low silicon penalty is demonstrated.

T Zhou,XJ Wu,GQ Bai,HY Chen

DOI: https://doi.org/10.1109/icccas.2002.1179061

2002-01-01

Abstract:Modular inversion is one of the kernel arithmetic operations in public key cryptosystems, so the design of low-cost and high-speed hardware implementation is absolutely necessary. In this paper, an improved algorithm for prime fields is presented for hardware facilitation and optimization. The hardware-oriented algorithm involves only ordinary addition/subtraction, and does not need any modular operations or multiplication and division. All of the arithmetic operations in the algorithm can be accomplished by only one adder. These features make it very suitable for fast small VLSI implementation. The VLSI implementation of the algorithm is also given and shows the high performance and low silicon penalty.

周涛,吴行军,白国强,陈弘毅

DOI: https://doi.org/10.3321/j.issn:1000-0054.2003.01.037

2003-01-01

Abstract:Modular inversion is one of the key arithmetic operations in public key cryptosystems, so low-cost, high-speed hardware implementation is absolutely necessary. This paper presents an algorithm for prime fields for hardware implementation. The algorithm involves only ordinary addition/subtraction and does not need any modular operations, multiplications or divisions. All of the arithmetic operations in the algorithm can be accomplished by only one adder, so it is very suitable for fast very large scale integration (VLSI) implementation. The VLSI implementation of the algorithm is also given with good performance and low silicon penalty.

HAN YONGXIANG,BAI GUOQIANG,CHEN HONGYI

DOI: https://doi.org/10.3969/j.issn.1008-0570.2008.02.001

2008-01-01

Abstract:On , through Extended Euclidean algorithm for binary polynomials, this paper presents a modular inversion circuit on affine coordinates. Base on Fermat's theorem, we designed a modular inversion circuit on standard projective coordinates, which can reuse multiplication and squaring modules. Comparison and analysis on their performances has been made. These circuits hold practical value, and the second one has been embedded in an ECC chip.

R. Coliban

DOI: https://doi.org/10.1109/IDAACS53288.2021.9660847

2021-09-22

Abstract:Modular multiplication is the fundamental operation in Elliptic Curve Cryptography (ECC) and a multitude of hardware implementations have been developed so far. In this paper, a series of modifications to a high performance radix-2 interleaved modular multiplication architecture are proposed. The design was implemented on a Virtex-7 FPGA for five prime fields recommended for ECC by the National Institute of Standards and Technology (NIST), showing a significant improvement in area-time efficiency in comparison to the original architecture.

Engineering,Computer Science

Sen Xu,Haihua Gu,Lingyun Wang,Zheng Guo,JunRong Liu,Xiangjun Lu,Dawu Gu

DOI: https://doi.org/10.1109/cis.2017.00122

2017-01-01

Abstract:As an important operation, modular inversion is crucial for high-performance public key cryptosystems (PKC), especially in Elliptic curve-based schemes over prime fields. Both security and efficiency must be considered in a specific implementation. Straightforward implementation leaks side channel information which can be used for breaking Elliptic curve signature algorithm (ECDSA) through a combination attack. Modular inversion is also the most time-consuming operation which has important impact on the performance. Therefore, efficient and constant time modular inversion is an optimal option to ensure both security and efficiency. In this paper, we describe a general principle on how to construct efficient constant time modular inversion based on Fermat's little theorem (FLT) over prime fields. We give the tight upper bounder of multiplications needed in our schemes. Improvements are obtained from both algorithm architecture and Montgomery trick. We extended our scheme to NIST and Chinese Elliptic curve standard, which can save 90% multiplications. The total improvement is a factor of 2 by comparing the straightforward implementation.

WANG Long,BAI Guo-qiang

2008-01-01

Abstract:RSA and ECC are two prevailing public-key crypto-systems.In order to demonstrate the feasibility of using an RSA coprocessor to accelerate the ECC algorithm,we presented a new method for implementing modular inversion which is required by the ECC algorithm.The new method is based on the Montgomery multiplication algorithm and the Montgomery inversion algorithm.We proposed a modification to the Montgomery inversion algorithm and improved the RSA coprocessor.With regard to performance and hardware cost,the new method compares favorably with other methods for modular inversion.The new method is 2.2 times and 7.2 times faster than the implementations based on the extended Euclidean algorithm and those based on Fermat's little theorem,respectively.

Jing Tian,Jun Lin,Zhongfeng Wang

DOI: https://doi.org/10.1109/sips47522.2019.9020384

2019-01-01

Abstract:Supersingular isogeny key encapsulation (SIKE) protocol delivers promising public and secret key sizes over other post-quantum candidates. However, the huge computations form the bottleneck and limit its practical applications. The modular multiplication operation, which is one of the most computationally demanding operations in the fundamental arithmetics, takes up a large part of the computations in the protocol. In this paper, we propose an improved unconventional-radix finite-field multiplication (IFFM) algorithm which reduces the computational complexity by about 20% compared to previous algorithms. We then devise a new high-speed modular multiplier architecture based on the IFFM. It is shown that the proposed architecture can be extensively pipelined to achieve a very high clock speed due to its complete feedforward scheme, which demonstrates significant advantages over conventional designs. The FPGA implementation results show the proposed multiplier has about 67 times faster throughput than the state-of-the-art designs and more than 12 times better area efficiency than previous works. Therefore, we think that these achievements will greatly contribute to the practicability of this protocol.

Guoqiang Yang,Fanyu Kong,Qiuliang Xu

DOI: https://doi.org/10.1109/trustcom50675.2020.00043

2020-01-01

Abstract:Elliptic curve cryptosystem has been widely applied in a lot of fields, such as finance, E-commerce and E-government. In this paper, we propose an optimized FPGA implementation of elliptic curve cryptosystem over 256-bit prime fields, which has high computational performance and low resource consumption. Specifically, we design a novel modular multiplier supporting four-level pipelining, which only needs 7 clock cycles to complete a single modular multiplication. It can process 4 modular multiplication operations (4 MMPO) simultaneously. We further design, on the basis of 4MMPO, a parallel architecture to efficiently implement point doubling and point addition operation. Finally, we testify the validity of our ECC processor on Xilinx's Virtex-7 FPGA platform. The result shows that it takes only 0.15ms for an elliptic curve point multiplication, the maximum frequency of the processor is about 123.27Mhz and the resource only needs 22938 look-up tables (LUTs).

YUAN Dan-shou,RONG Meng-tian

DOI: https://doi.org/10.3321/j.issn:1006-2467.2006.01.009

2006-01-01

Abstract:A scalable architecture for inversion over Galois field GF(2~k)(1k≤m) was proposed based on an extended Euclid's algorithm.The degree k of the irreducible polynomial F(x) can be changed by adding extra configure signals,which leads to the scalability of the inversion architecture.The computing inversion of an element in GF(2~k) requires 2k clock cycles.The gated clock technique is used to reduce power consumption.The proposed inversion architecture has high order of flexibility,low hardware complexity and low power consumption.It suits VLSI design of high-security cryptographic algorithms with small silicon area requirement.

Qiucheng Deng,Xuefei Bai,Li Guo,Yao Wang

DOI: https://doi.org/10.1109/primeasia.2009.5397344

2009-01-01

Abstract:In this paper, a fast hardware implementation of multiplicative inversion in GF(2m) using the optimal normal basis of type II is presented. The approach followed is based on the Sunar-Koc multiplier and the Itoh-Tsujii algorithm. Our design is able to compute multiplicative inversion in GF(2233) using only 26 clock cycles.

DanShou Yuan,Mengtian Rong

2006-01-01

Abstract:A modified extended binary Euclid's algorithm which is more regularly iterative for computing an inversion in GF(2m) is presented. Based on above modified algorithm, a serial-in serial-out architecture is proposed. It has area complexity of O(m), latency of 5m-2, and throughput of 1/m. Compared with other serial systolic architectures, the proposed one has the smallest area complexity, shorter latency. It is highly regular, modular, and thus well suited for high-speed VLSI design.

Jinnan Ding,Shuguo Li

DOI: https://doi.org/10.1109/trustcom/bigdatase/icess.2017.353

2017-01-01

Abstract:Elliptic curve cryptography (ECC) is widely used in the field of cyber security such as TLS protocol. Compared with symmetric cryptography, the computation of ECC is much slower. In this paper, a reconfigurable high-speed processor supporting all currently used NIST primes on FPGA platform is constructed. The modular addition and substraction is eliminated in our design by applying lazy reduction strategy. Throughput of modular multiplication is improved significantly with Karatsuba algorithm and compact pipeline schedule. The latency of modular inverse is tactfully avoided by pipeline coverage at the level of scalar multiplication. Furthermore, Montgomery-ladder algorithm and base-point randomization is applied to resist side-channel and timing attacks. Most of these techniques can also be used in software designs. Compared with previous works, our FPGA design outperforms times of others in term of scalar multiplication performance, while the hardware cost remains moderate, which makes it suitable for computation-intensive applications.

Xiang Feng,Shuguo Li

DOI: https://doi.org/10.1587/transfun.e98.a.863

2015-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Field Programmable Gate Array (FPGA) implementation of Elliptic Curve Cryptography (ECC) over GF(p) is commonly not fast enough to meet the request of high-performance applications. There are three critical factors to determine the performance of ECC processor over GF(p): multiplication structure, modular multiplication algorithm, and scalar point multiplication scheduling. This work proposes a novel multiplication structure which is a two-stage pipeline on the basis of Karatsuba-Ofman algorithm. With the proposed multiplication structure, we design a 256-bit modular multiplier based on Improved Barret Modular Multiplication algorithm. Upon the modular multiplier, we finish the scalar point multiplication scheduling and implement a high-performance ECC processor on FPGA. Compared with the previous modular multipliers, our modular multiplier reduces the 256-bit modular multiplication time by 28% at least. Synthesis result on Altera Stratix II shows that our ECC processor can complete a 256-bit ECC scalar point multiplication in 0.51ms, which is at least 1.3 times faster than the currently reported FPGA ECC processors over GF(p).

Jinnan Ding,Shuguo Li

DOI: https://doi.org/10.1109/tcsii.2017.2771239

2018-01-01

Abstract:In this brief, we propose a modular multiplication algorithm with four truncated multiplications to reduce the critical path. According to our algorithm, a high-speed 3-stage modular multiplier is constructed. Moreover, synthesized with TSMC 90 nm, our design can perform a 256-bit modular multiplication for every clock period of 3.58 ns with circuit scale of approximately 629K equivalent gates. Further, by utilizing the modular multiplier, an elliptic curves cryptography processor is constructed, and it can perform a scalar multiplication in 19.4 $\mu \text{s}$ , which is one of the fastest to date in published literatures.