高性能可扩展公钥密码协处理器研究与设计

 本文提出了一种高效的点乘调度策略和改进的双域高基Montgomery模乘算法,在此基础上设计了一种新型高性能可扩展公钥密码协处理器体系结构,并采用0.18μm 1P6M标准CMOS工艺实现了该协处理器,以支持RSA和ECC等公钥密码算法的计算加速.该协处理器通过扩展片上高速存储器和使用以基数为处理字长的方法,具有良好的可扩展性和较强的灵活性,支持2048位以内任意大数模幂运算以及576位以内双域任意椭圆曲线标量乘法运算.芯片测试结果表明其具有很好的加速性能,完成一次1024位模幂运算仅需197μs、GF(p)域192位标量乘法运算仅需225μs、GF(2^m)域163位标量乘法运算仅需200.7μs.     

基于GF（2^n）的ECC协处理器芯片设计

文章讨论了定义在Galois Field(GF)2^n有限域上椭圆曲线密码体制(ECC)协处理器芯片的设计。首先在详细分析基于GF(2^n)ECC算法的基础上提取了最基本和关键的运算，并提出了通过协处理器来完成关键运算步骤，主处理器完成其它运算的ECC加／解密实现方案。其次，进行了加密协处理器体系结构设计，在综合考虑面积、速度、功耗的基础上选择了全串行方案来实现GF(2^n)域上的乘和加运算。然后，讨论了加密协处理器芯片的电路设计和仿真、验证问题。最后讨论了芯片的物理设计并给出了样片的测试结果。     

基于GF(2~n)的ECC协处理器芯片设计

文章讨论了定义在GaloisField(GF)2有限域上椭圆曲线密码体制(ECC)协处理器芯片的设计。首先在详细分析基于GF(2n)ECC算法的基础上提取了最基本和关键的运算,并提出了通过协处理器来完成关键运算步骤,主处理器完成其它运算的ECC加/解密实现方案。其次,进行了加密协处理器体系结构设计,在综合考虑面积、速度、功耗的基础上选择了全串行方案来实现GF(2n)域上的乘和加运算。然后,讨论了加密协处理器芯片的电路设计和仿真、验证问题。最后讨论了芯片的物理设计并给出了样片的测试结果。     

一种适用于多种公钥密码算法的模运算处理器

文章设计了一种能够实现多种公钥密码算法（如RSA、ECC、DSA等）的协处理器。通过分析几种常用的公钥密码算法，归纳了一组最常用的基本模运算指令。基于基本指令，设计优化了处理器硬件结构。用微代码循环调用执行这些基本指令，实现其他各种模运算指令。基于这些模运算指令，处理器可实现多种公钥密码算法的运算。该处理器支持从106位到2048位多种长度的模运算。采用流水线结构设计，处理速度较快。处理器占用芯片面积小，核心电路等效门数约为26000门，适用于智能卡等对芯片面积有严格限制的应用。     

小面积、低能耗的GF（2^m）域ECC模运算VLSI实现

以面积、能耗为优先准则,研究了GF(2m)域椭圆曲线密码(ECC)模运算VLSI的实现.选择GF(2163)上固定多项式基,引入了简单有效的快速模平方算法和改进的模逆算法,利用串行结构分别实现了模乘、模平方与模逆模块.基于UMC 0.25μm 1.8V工艺库的仿真结果表明,提出的串行模乘、快速组合逻辑模平方和快速模逆VLSI实现方式,通过牺牲域多项式灵活性,能够有效地减小面积、降低能耗,适合于资源受限的ECC系统.     

一种新型硬件可配置公钥制密码协处理器的VLSI实现

提出了一种新型的硬件可配置的密码协处理器，同时适用于GF(p)和GF(2^m)两种域，可以实现RSA和ECC两种目前主流的加密算法。同时又具备硬件可配置的特点，可以完成32—512bit的模乘运算而无需对硬件做任何修改。本文的密码协处理芯片用TSMC0．35μm标准单元库综合，可以工作在100MHz时钟下，等效单元45k等效门，512bit的模乘运算速度可以达到190kbit／s，一次椭圆曲线上的233bit的点加运算只需18μs。     

Systolic Array算法的流水设计及其在ECC硬件实现中的应用

Systolic Array算法用于Montgomery模乘算法的硬件实现,该算法的流水设计可以很好地应用到椭圆曲线密码(ECC)的硬件实现中,大大提高了实现效率。     

长整数模运算的体系结构研究与实现

随着计算机网络技术的迅猛发展和网络技术在各行各业中的广泛应用,信息安全问题日益突出.密码技术可以有效的保证信息的保密性、完整性、可用性和抗抵赖性.密码技术,特别是公钥密码技术中的RSA算法和椭圆曲线(Ellipse Curve Cryptography, ECC)算法的硬件电路级实现,代表着一个国家信息安全保障的水平.主要研究工作为长整数模运算的体系结构研究与实现.对几种模乘运算算法进行研究,并对线性和高基两种电路体系结构进行比较.     

椭圆曲线密码体制中快速标量乘算法实现

椭圆曲线密码(ECC),是一种以椭圆曲线离散对数问题为出发点而制定出的各种公钥密码体制,在1985年由学者Koblitz和Miller两人分别独立提出。ECC的主要特征是采用有限域上的椭圆曲线有限点群而非是传统的基于离散对数问题密码体制中所采用的有限循环群。因为标量乘算法是ECC中最耗时同时也是最为重要的算法,因为其运算效率的高低将直接影响到ECC实现的效率。本篇论文即是研究椭圆曲线密码中的标量乘法,以期能够探寻出一种快速安全的标量乘算法。     

一种网络安全协处理器的椭圆曲线密码模块设计

提出了一种网络安全协处理器的椭圆曲线密码(ECC)模块设计方法,可以两个核共同完成多种椭圆曲线数字签名算法,而且支持多倍点、点加和点验证运算.在0.18μmCMOS工艺下,综合后关键路径为3.42ns、面积为3.58mm2.时钟频率为250MHz时,每秒完成770多次参数长度为192位椭圆曲线数字签名算法(ECDSA)的签名或者验证.     

Hardware Elliptic Curve Cryptographic Processor Over$rm GF(p)$

A novel hardware architecture for elliptic curve cryptography (ECC) over$ GF(p)$is introduced. This can perform the main prime field arithmetic functions needed in these cryptosystems including modular inversion and multiplication. This is based on a new unified modular inversion algorithm that offers considerable improvement over previous ECC techniques that use Fermat's Little Theorem for this operation. The processor described uses a full-word multiplier which requires much fewer clock cycles than previous methods, while still maintaining a competitive critical path delay. The benefits of the approach have been demonstrated by utilizing these techniques to create a field-programmable gate array (FPGA) design. This can perform a 256-bit prime field scalar point multiplication in 3.86 ms, the fastest FPGA time reported to date. The ECC architecture described can also perform four different types of modular inversion, making it suitable for use in many different ECC applications.     

Elixir: High-Throughput Cost-Effective Dual-Field Processors and the Design Framework for Elliptic Curve Cryptography

We present a design framework that consists of a high-throughput, parallel, and scalable elliptic curve cryptographic (ECC) processor, and its cost-effectiveness methodology for the design exploration. A two-phase scheduling methodology is proposed to optimize the ECC arithmetic over both ${rm GF}(p)$ and ${rm GF}(2^m)$. Based on the methodology, a parallel and scalable ECC architecture is also proposed. Our dual-field ECC architecture supports arbitrary elliptic curves and arbitrary finite fields with different field sizes. The optimization to a variety of applications with different area/throughput requirements can be achieved rapidly and efficiently. Using 0.13-$mu$m CMOS technology, a 160-bit ECC processor core is implemented, which can perform elliptic-curve scalar multiplication in 340 $mu$s over ${rm GF}(p)$ and 155 $mu$s over ${rm GF}(2^m)$, respectively. The comparison of speed and area overhead among different ECC designs justifies the cost-effectiveness of the proposed ECC architecture with its design methodology.      

Fast Elliptic Curve Cryptography on FPGA

This paper details the design of a new high-speed pipelined application-specific instruction set processor (ASIP) for elliptic curve cryptography (ECC) using field-programmable gate-array (FPGA) technology. Different levels of pipelining were applied to the data path to explore the resulting performances and find an optimal pipeline depth. Three complex instructions were used to reduce the latency by reducing the overall number of instructions, and a new combined algorithm was developed to perform point doubling and point addition using the application specific instructions. An implementation for the United States Government National Institute of Standards and Technology-recommended curve over GF(2¹⁶³) is shown, which achieves a point multiplication time of 33.05 s at 91 MHz on a Xilinx Virtex-E FPGA-the fastest figure reported in the literature to date. Using the more modern Xilinx Virtex-4 technology, a point multiplication time of 19.55 s was achieved, which translates to over 51120 point multiplications per second.     

Flexible Hardware Processor for Elliptic Curve Cryptography Over NIST Prime Fields

Exchange of private information over a public medium must incorporate a method for data protection against unauthorized access. Elliptic curve cryptography (ECC) has become widely accepted as an efficient mechanism to secure sensitive data. The main ECC computation is a scalar multiplication, translating into an appropriate sequence of point operations, each involving several modular arithmetic operations. We describe a flexible hardware processor for performing computationally expensive modular addition, subtraction, multiplication, and inversion over prime finite fields $GF(p)$ . The proposed processor supports all five primes $p$ recommended by NIST, whose sizes are 192, 224, 256, 384, and 521 bits. It can also be programmed to automatically execute sequences of modular arithmetic operations. Our field-programmable gate-array implementation runs at 60 MHz and takes between 4 and 40 ms (depending on the used prime) to perform a typical scalar multiplication.      

Efficient FPGA Implementation of a Programmable Architecture for GF(p) Elliptic Curve Crypto Computations

This paper presents a processor architecture for elliptic curve cryptography computations over GF(p). The speed to compute the Elliptic-curve point multiplication over the prime fields GF(p) is increased by using the maximum degree of parallelism, and by carefully selecting the most appropriate coordinates system. The proposed Elliptic Curve processor is implemented using FPGAs. The time, area and throughput results are obtained, analyzed, and compared with previously proposed designs showing interesting performance and features.     

Novel Method for DNA-Based Elliptic Curve Cryptography for IoT Devices

Elliptic curve cryptography (ECC) can achieve relatively good security with a smaller key length, making it suitable for Internet of Things (IoT) devices. DNA-based encryption has also been proven to have good security. To develop a more secure and stable cryptography technique, we propose a new hybrid DNA-encoded ECC scheme that provides multilevel security. The DNA sequence is selected, and using a sorting algorithm, a unique set of nucleotide groups is assigned. These are directly converted to binary sequence and then encrypted using the ECC; thus giving double-fold security. Using several examples, this paper shows how this complete method can be realized on IoT devices. To verify the performance, we implement the complete system on the embedded platform of a Raspberry Pi 3 board, and utilize an active sensor data input to calculate the time and energy required for different data vector sizes. Connectivity and resilience analysis prove that DNA-mapped ECC can provide better security compared to ECC alone. The proposed method shows good potential for upcoming IoT technologies that require a smaller but effective security system.     

Customizable elliptic curve cryptosystems

This paper presents a method for producing hardware designs for elliptic curve cryptography (ECC) systems over the finite field GF(2/sup m/), using the optimal normal basis for the representation of numbers. Our field multiplier design is based on a parallel architecture containing multiple m-bit serial multipliers; by changing the number of such serial multipliers, designers can obtain implementations with different tradeoffs in speed, size and level of security. A design generator has been developed which can automatically produce a customised ECC hardware design that meets user-defined requirements. To facilitate performance characterization, we have developed a parametric model for estimating the number of cycles for our generic ECC architecture. The resulting hardware implementations are among the fastest reported: for a key size of 270 bits, a point multiplication in a Xilinx XC2V6000 FPGA at 35 MHz can run over 1000 times faster than a software implementation on a Xeon computer at 2.6 GHz.     

AN IMPLEMENTATION OF FAST ALGORITHM FOR ELLIPTIC CURVE CRYPTOSYSTEM OVER GF（p）

The design and implementation of fast algorithms related to Elliptic Curve Cryptography (ECC) over the field GF(p), such as modular addition, modular subtraction, point addition, point production, choice of embedding plaintext to a point, etc. are given. A practical software library has been produced which supports variable length implementation of the ECCbased ElGamal cryptosystem. More importantly, this scalable architecture of the design enables the ECC being used in restricted platforms as well as high-end servers based on Intel Pentium CPU. Applications such as electronic commerce security, data encryption communication, etc.are thus made possible for real time and effective ECC.     

基于VLIW体系结构的椭圆曲线密码专用指令处理器

The requirement of the flexible and effective implementation of the Elliptic Curve Cryptography (ECC) has become more and more exigent since its dominant position in the public-key cryptography application. Based on analyzing the basic structure features of Elliptic Curve Cryptography (ECC) algorithms, the parallel schedule algorithm of point addition and doubling is presented. And based on parallel schedule algorithm, the Application Specific Instruction-Set Co-Processor of ECC that adopting VLIW architecture is also proposed in this paper. The coprocessor for ECC is implemented and validated using Altera’s FPGA. The experimental result shows that our proposed coprocessor has advantage in high performance and flexibility.