A Low Hardware Consumption Elliptic Curve Cryptographic Architecture over GF(p) in Embedded Application
Abstract
1. Introduction
- The Interleaved Modular Multiplication Algorithm and the Binary Modular Inversion Algorithm are carefully improved to make full use of the adder and register hardware resources. MM and MI are implemented with two full-word adder units and four full-word register units.
- Register utilization is optimized to minimize hardware area. For data registers, MA, MS, MM and MI consume four full-word register units, and the scalar multiplication (SM) operation uses eight full-word register units.
- The architecture is flexible and safe from SPA. Parameters such as the prime value p, the elliptic curve point P and the scalar value k can be easily deployed without hardware reconfiguration.
2. Mathematical Background
2.1. Elliptic Curve Over GF(p)
2.2. Elliptic Curve Scalar Multiplication
Algorithm 1: Elliptic Curve SPA Resistant Scalar Multiplication |
Input: scalar k and, EC point P Output: EC point : 1: ; 2: for down to 0 do 3: 4: 5: 6: end 7: return |
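The steps of Algorithm 1 are missing from this copy. The following added example (not the authors' code) assumes double-and-add-always, one standard SPA countermeasure, and compares its sequence of point doublings (D) and point additions (A) with plain double-and-add; the toy curve, base point and function names are constructed for illustration.

```python
# Added example: operation sequence seen by an SPA observer for two SM loops.
# Constructed toy curve y^2 = x^3 + 2x + 2 over GF(17); not a parameter of the paper.

P_MOD, A = 17, 2
G = (5, 1)          # base point of order 19 on the toy curve


def ec_add(p1, p2):
    """Affine point addition/doubling; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                                   # P + (-P) = O
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def double_and_add(k, point, nbits):
    """Plain left-to-right SM: PA runs only for 1 bits, so the trace encodes k."""
    q, trace = None, ""
    for i in range(nbits - 1, -1, -1):
        q, trace = ec_add(q, q), trace + "D"
        if (k >> i) & 1:
            q, trace = ec_add(q, point), trace + "A"
    return q, trace


def double_and_add_always(k, point, nbits):
    """PD then PA for every bit; the key bit only selects which result is kept."""
    q, trace = None, ""
    for i in range(nbits - 1, -1, -1):
        q0 = ec_add(q, q)
        q1 = ec_add(q0, point)
        trace += "DA"
        q = q1 if (k >> i) & 1 else q0    # a multiplexer in hardware
    return q, trace
```

The trace models only the order of PA and PD operations; the Python conditional select is not itself constant-time.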
3. Scalar Multiplication Architecture
3.1. Modular Addition/Subtraction
Algorithm 2: Modular Addition and Subtraction in GF(p) | |
Input: : is prime field. | Input: : is prime field. |
Output: R: | Output: R: |
1: | 1: |
2: | 2: |
3: if then | 3: if then |
4: return | 4: return |
5: else | 5: else |
6: return | 6: return |
3.2. Modular Multiplication
Algorithm 3: Standard Interleaved Modular Multiplication Algorithm |
Input: : is prime field. Output: R: 1: 2: for downto 0 do 3: 4: if then 5: if then 6: end 7: return R |
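The body of Algorithm 3 is missing from this copy. The following added example (not the authors' code) implements the textbook interleaved modular multiplication, R = 2R + x_i·Y followed by at most two subtractions of p per bit, and records the widest intermediate value; the function name, the `peak` argument and the operands in `demo` are assumptions.

```python
# Added example: standard interleaved (shift-and-add) modular multiplication.
# Names and the constructed operands are illustrative, not taken from the paper.

P256 = 2**256 - 2**224 + 2**192 + 2**96 - 1   # NIST P-256 field prime


def interleaved_modmul(x, y, p, n, peak=None):
    """Return x*y mod p using only shift, add, compare and subtract.

    Requires 0 <= x, y < p < 2**n. If `peak` is a list, the largest
    pre-reduction value of R is appended to it (register-width check).
    """
    if not (0 <= x < p and 0 <= y < p and p < (1 << n)):
        raise ValueError("operands must be reduced mod p and p must fit in n bits")
    r, widest = 0, 0
    for i in range(n - 1, -1, -1):                   # scan x from MSB to LSB
        r = (r << 1) + (y if (x >> i) & 1 else 0)    # R = 2R + x_i*Y, so R < 3p
        widest = max(widest, r)
        if r >= p:                                   # first conditional subtraction
            r -= p
        if r >= p:                                   # second one restores R < p
            r -= p
    if peak is not None:
        peak.append(widest)
    return r


def demo():
    """Multiply two constructed 256-bit operands; return result and peak width."""
    peak = []
    r = interleaved_modmul(P256 - 1, P256 - 2, P256, 256, peak)
    return r, peak[0].bit_length()


if __name__ == "__main__":
    print(demo())
```

Because R stays below 3p before reduction, the accumulator needs two bits more than the field size.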
Algorithm 4: Interleaved Modular Multiplication Algorithm |
Input: : is prime field. Output: R: 1: 2: for downto 0 do 3: 4: 5: end 6: if then 7: return R |
3.3. Modular Inversion
Algorithm 5: Binary Modular Inversion Algorithm |
Input: Output: y, satisfying step1: ; ; ; ; step2: if (u is even) ; if (r is odd) ; else if (r is negative) ; else ; step3: if (v is even) ; if (s is odd) else if (s is negative) else step4: if (both u and v are odd) if () ; ; else ; ; step5: if () if () return ; else return r. else if () if () return ; else return s. else go to step 2. |
3.4. Point Addition and Point Doubling
Algorithm 6: Point Addition and Point Doubling | |
Input: ), | Input: , |
Output: | where and |
1: | Output: |
2: | 1: |
3: | 2: |
4: | 3: |
5: | 4: |
6: | 5: |
7: | 6: |
8: | 7: |
9: | 8: |
10: return , | 9: |
10: | |
11: | |
12: | |
13: return , |
3.5. Scalar Multiplier Architecture
4. Implementation and Result
5. Conclusions
Author Contributions
Funding
Conflicts of Interest
Abbreviations
ECC | elliptic curve cryptography |
EC | elliptic curve |
SM | scalar multiplication |
MM | modular multiplication |
MI | modular inversion |
MA | modular addition |
MS | modular subtraction |
PA | point addition |
PD | point doubling |
References
1. Miller, V.S. Use of elliptic curves in cryptography. In Proceedings of the Annual International Cryptology Conference (CRYPTO), Santa Barbara, CA, USA, 18–22 August 1985; pp. 417–426.
2. Koblitz, N. Elliptic curve cryptosystems. Math. Comput. 1987, 48, 203–209.
3. National Institute of Standards and Technology. Digital Signature Standard; FIPS Publication 186-2; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2000.
4. American National Standards Institute. ANSI X9.63, Public Key Cryptography for the Financial Services Industry: Elliptic Curve Key Agreement and Key Transport Protocols; American National Standards Institute: Washington, DC, USA, 2000.
5. Institute of Electrical and Electronic Engineers. P1363 Standard Specifications for Public Key Cryptography; Institute of Electrical and Electronic Engineers: Piscataway, NJ, USA, 2000.
6. Javeed, K.; Wang, X. FPGA Based High Speed SPA Resistant Elliptic Curve Scalar Multiplier Architecture. Int. J. Reconfig. Comput. 2016, 2016, 6371403.
7. Marzouqi, H.; Al-Qutayri, M.; Salah, K. Review of Elliptic Curve Cryptography processor designs. Microprocess. Microsyst. 2015, 39, 97–112.
8. Satoh, A.; Takano, K. A scalable dual-field elliptic curve cryptographic processor. IEEE Trans. Comput. 2003, 52, 449–460.
9. Paar, C. Ultra High Performance ECC over NIST Primes on Commercial FPGAs. In Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems, Washington, DC, USA, 10–13 August 2008; Springer: Berlin/Heidelberg, Germany, 2008; pp. 62–78.
10. Zhao, Z.; Bai, G. Ultra High-Speed SM2 ASIC Implementation. In Proceedings of the 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, Beijing, China, 24–26 September 2014; pp. 182–188.
11. Khan, Z.-U.-A.; Benaissa, M. Throughput/Area-efficient ECC Processor Using Montgomery Point Multiplication on FPGA. IEEE Trans. Circuits Syst. II Express Briefs 2015, 62, 1078–1082.
12. Ghosh, S.; Alam, M.; Chowdhury, D.R.; Gupta, I.S. Parallel crypto-devices for GF(p) elliptic curve multiplication resistant against side channel attacks. Comput. Electr. Eng. 2009, 35, 329–338.
13. Sghaier, A.; Zeghid, M.; Massoud, C.; Mahchout, M. Design And Implementation of Low Area/Power Elliptic Curve Digital Signature Hardware Core. Electronics 2017, 6, 46.
14. Wajih, E.; Noura, B.; Mohsen, M.; Rached, T. Low Power Elliptic Curve Digital Signature Design for Constrained Devices. Int. J. Secur. 2012, 6, 1–14.
15. Chen, G.; Bai, G.; Chen, H. A High-Performance elliptic curve cryptographic processor for general curves over GF(p) based on a systolic arithmetic unit. IEEE Trans. Circuits Syst. II Express Briefs 2007, 54, 412–416.
16. Wenger, E.; Feldhofer, M.; Felber, N. Low-resource hardware design of an elliptic curve processor for contactless devices. In Proceedings of the International Conference on Information Security Applications, Jeju Island, Korea, 24–26 August 2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 92–106.
17. Leinweber, L.; Papachristou, C.; Wolff, F.G. Efficient architectures for elliptic curve cryptography processors for RFID. In Proceedings of the IEEE International Conference on Computer Design, Lake Tahoe, CA, USA, 4–7 October 2009; pp. 372–377.
18. Azarderakhsh, R.; Järvinen, K.U.; Mozaffari-Kermani, M. Efficient algorithm and architecture for elliptic curve cryptography for extremely constrained secure applications. IEEE Trans. Circuits Syst. I Regul. Pap. 2014, 61, 1144–1155.
19. Montgomery, P.L. Modular multiplication without trial division. Math. Comput. 1985, 44, 519–521.
20. Nassar, M.A.; El-Sayed, L.A.A. Efficient interleaved modular multiplication based on sign detection. In Proceedings of the 2015 IEEE/ACS 12th International Conference of Computer Systems and Applications (AICCSA), Marrakech, Morocco, 17–20 November 2015; pp. 1–5.
21. Hankerson, D.; Menezes, A.; Vanstone, S. Guide to Elliptic Curve Cryptography; Springer: New York, NY, USA, 2004.
22. Amanor, D.N.; Paar, C.; Pelzl, J.; Bunimov, V. Efficient Hardware Architectures for Modular Multiplication. Master’s Thesis, The University of Applied Sciences Offenburg, Offenburg, Germany, 2005.
23. Ghosh, S.; Alam, M.; Gupta, I.S.; Chowdhury, D.R. A Robust GF(p) parallel arithmetic unit for public key cryptography. In Proceedings of the 10th Euromicro Conference on Digital System Design Architectures, Methods and Tools (DSD 2007), Lübeck, Germany, 29–31 August 2007; pp. 109–115.
24. Urbano-Molano, F.A.; Trujillo-Olaya, V.; Velasco-Medina, J. Design of an elliptic curve cryptoprocessor using optimal normal basis over GF(2^233). In Proceedings of the 2013 IEEE 4th Latin American Symposium on Circuits and Systems (LASCAS), Cusco, Peru, 27 February–1 March 2013; pp. 1–4.
State | 111 | 000 | 001 | 010 | 011 | 100 | 101 | 110 |
---|---|---|---|---|---|---|---|---|
+ | + | − | − | 0 | + | null | ||
r | s | r | s | 0 | r | null | ||
0 | null | |||||||
0 | 0 | 1 | 1 | 0 | 0 | null | ||
− | − | − | − | 0 | + | null | ||
u | u | v | 0 | s | null | |||
0 | null | |||||||
1 | 1 | 1 | 1 | 0 | 0 | null | ||
r | 0 | r | r | r | r | null | ||
s | b | s | s | null | ||||
u | p | u | u | u | u | null | ||
v | a | v | v | v | v | null |
Field Order | Modular Mult. (cycles) | Modular Inversion (cycles) | Point Addition (cycles) | Point Doubling (cycles) | Scalar Mult. (cycles) |
---|---|---|---|---|---|
160 | 163 | 338 | 671 | 834 | 239 k |
192 | 195 | 405 | 801 | 998 | 344 k |
224 | 227 | 473 | 932 | 1163 | 467 k |
256 | 259 | 545 | 1066 | 1325 | 610 k |
Field Order | Total Area | Area: Register | Area: Adder | Area: Reg and Add | Percent: Register | Percent: Adder | Percent: Reg and Add |
---|---|---|---|---|---|---|---|
160 | 35.43 | 9.91 | 4.86 | 14.77 | 27.97% | 13.72% | 41.69% |
192 | 43.37 | 11.83 | 6.26 | 18.09 | 27.28% | 14.43% | 41.71% |
224 | 50.38 | 13.93 | 7.23 | 21.16 | 27.65% | 14.35% | 42.00% |
256 | 57.05 | 15.75 | 8.61 | 24.36 | 27.61% | 15.09% | 42.70% |
Design | Technology | Field Order | Area (k gate) | Frequency (MHz) | Cycles (k) | SM (ms) | AT | Power (mW) | Energy (J) |
---|---|---|---|---|---|---|---|---|---|
This work | 130 nm | 160 | 35.43 | 150 | 239 | 1.60 | 57 | 7.40 | 11.79 |
This work | 130 nm | 192 | 43.37 | 150 | 342 | 2.28 | 99 | 8.18 | 18.65 |
This work | 130 nm | 224 | 50.38 | 150 | 468 | 3.12 | 157 | 10.05 | 31.36 |
This work | 130 nm | 256 | 57.05 | 150 | 610 | 4.07 | 232 | 11.60 | 47.17 |
[12] | 130 nm | 160 | 101.3 | 150 | 129.3 | 0.87 | 88 | - | - |
[12] | 130 nm | 192 | 123.1 | 138 | - | 1.36 | 167 | - | - |
[12] | 130 nm | 224 | 143.9 | 130 | - | 1.95 | 281 | - | - |
[12] | 130 nm | 256 | 167.5 | 110 | - | 3.01 | 504 | - | - |
[8] | 130 nm | 160 | 117.5 | 137.7 | 153 | 1.21 | 142 | - | - |
[8] | 130 nm | 192 | 118.02 | 137.7 | 184 | 1.44 | 170 | - | - |
[8] | 130 nm | 224 | 120.26 | 137.7 | 297 | 2.34 | 281 | - | - |
[8] | 130 nm | 256 | 120.26 | 137.7 | 340 | 2.68 | 322 | - | - |
[10] | 130 nm | 256 | 659 | 163.7 | 3.3 | 0.02 | 13 | - | - |
[15] | 130 nm | 256 | 122 | 556 | 562 | 1.01 | 123 | - | - |
[16] | UMC L180 | P-192 | 11.686 | 1.695 | 1003 | 592 | 6915 | 0.193 | 114.2 |
[17] | IBM 130 nm | GF() | 8.756 | - | 191 | - | - | - | 4.19 |
[18] | 65 nm | GF() | 11.571 | 13.56 | 7.87 | 0.58 | 6.71 | 0.077 | 0.61 |
Field Order | Frequency (MHz) | Cycles (k) | Slice LUTs | Flip Flops | DSP | Slice |
---|---|---|---|---|---|---|
160 | 26.89 | 239 | 9199 | 2833 | 8 | 5595 |
192 | 21.55 | 342 | 11,184 | 3377 | 10 | 7080 |
224 | 20.87 | 468 | 14,184 | 2787 | 12 | 8423 |
256 | 20.44 | 610 | 16,195 | 3194 | 14 | 9370 |
Design | Platform | Field Order | Area | Frequency (MHz) | Cycles (k) | SM (ms) |
---|---|---|---|---|---|---|
This work | Virtex-4 | 160 | 5595 Slices | 26.89 | 239 | 8.89 |
This work | Virtex-4 | 192 | 7080 Slices | 21.55 | 342 | 15.87 |
This work | Virtex-4 | 224 | 8423 Slices | 20.87 | 468 | 22.43 |
This work | Virtex-4 | 256 | 9370 Slices | 20.44 | 610 | 29.84 |
[6] | Virtex-4 | 160 | 7088 Slices | 53 | 74.2 | 1.4 |
[6] | Virtex-4 | 192 | 8590 Slices | 48 | 110.4 | 2.3 |
[6] | Virtex-4 | 224 | 10,800 Slices | 43 | 150.5 | 3.5 |
[6] | Virtex-4 | 256 | 13,158 Slices | 40 | 200.0 | 5.0 |
[12] | Virtex-4 | 160 | 12,415 Slices | 60 | 132.0 | 2.2 |
[12] | Virtex-4 | 192 | 14,858 Slices | 53 | 185.5 | 3.5 |
[12] | Virtex-4 | 224 | 17,331 Slices | 47 | 253.8 | 5.4 |
[12] | Virtex-4 | 256 | 20,123 Slices | 43 | 331.1 | 7.7 |
[13] | Virtex-5 | GF() | 9670 Slices | 147.5 | 41.7 | 0.283 |
[14] | Virtex-4 | GF() | 13,016 Slice LUTs, 6823 Flip Flops | 194.88 | 109.7 | 0.5621 |
[24] | EP3SL150F1153C | GF() | 8799 ALUT, 7143 Registers | 276.24 | 447.5 | 1.621 |
© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Hu, X.; Zheng, X.; Zhang, S.; Cai, S.; Xiong, X. A Low Hardware Consumption Elliptic Curve Cryptographic Architecture over GF(p) in Embedded Application. Electronics 2018, 7, 104. https://doi.org/10.3390/electronics7070104