椭圆曲线密码体制中的快速点乘算法

点乘运算是实现椭圆曲线密码体制的基本运算,同时也是最耗时的运算,它的运算效率直接决定着ECC的性能。本文从三方面分析了椭圆曲线密码体制中快速点乘的实现,并将Marc Joye和Sung-Ming Yen提出的具有最小汉明重的从左到右带符号二进制编码应用于椭圆曲线密码体制的点乘算法中,生成了一个能快速实现的二进制编码新点乘算法,适用于计算能力和集成电路空间受限,要求高速实现的情况。     

椭圆曲线密码体制中的快速点乘算法

点乘运算是实现椭圆曲线密码体制的基本运算，同时也是最耗时的运算，它的运算效率直接决定着ECC的性能。本文从三方面分析了椭圆曲线密码体制中快速点乘的实现，并将Marc Joye和Sung—Ming Yen提出的具有最小汉明重的从左到右带符号二进制编码应用于椭圆曲线密码体制的点乘算法中，生成了一个能快速实现的二进制编码新点乘算法，适用于计算能力和集成电路空间受限，要求高速实现的情况。     

GF(p)上椭圆曲线密码的并行基点选取算法研究*

提出一种GF(p)上椭圆曲线密码系统的并行基点选取算法,该算法由并行随机点产生算法和并行基点判断算法两个子算法组成,给出了算法性能的理论分析和实验结果.结果表明:各并行处理器单元具有较好的负载均衡特性;当执行并行基点判断算法,其标量乘的点加计算时间是点倍数计算时间的三倍时,算法的并行效率可达90%.因此该算法可用于椭圆曲线密码(Elliptic Curve Cryptography,ECC)中基点的快速选取,从而提高ECC的加/解密速度.     

Parallel crypto-devices for GF(p) elliptic curve multiplication resistant against side channel attacks

All elliptic curve cryptographic schemes are based on scalar multiplication of points, and hence its faster computation signifies faster operation. This paper proposes two different parallelization techniques to speedup the GF(p) elliptic curve multiplication in affine coordinates and the corresponding architectures. The proposed implementations are capable of resisting different side channel attacks based on time and power analysis. The 160, 192, 224 and 256 bits implementations of both the architectures have been synthesized and simulated for both FPGA and 0.13μ CMOS ASIC. The final designs have been prototyped on a Xilinx Virtex-4 xc4vlx200-12ff1513 FPGA board and performance analyzes carried out. The experimental result and performance comparison show better throughput of the proposed implementations as compared to existing reported architectures.     

抗能量攻击的新标量乘算法

标量乘算法是椭圆曲线密码中最基础也是最关键的运算,对整个密码体制的效率和安全性具有举足轻重的作用.在分析NAF(Non-Adjacent Form)标量乘算法和能量分析攻击基础上,综合考虑标量乘算法的速度和安全性,提出一种随机高效的ECC快速算法——改进的随机标量乘算法.与已有算法相比,该算法在保证同NAF等汉明重量的基础上,克服了由于引入随机变量所导致的冗余计算,实现了速度与安全的折中;也克服了NAF标量乘中需要预存储标量的不足,提高了存储效率.同时通过引入随进变量,每次产生不同的随机NAF表示,增强了抗SPA、DPA的攻击.     

基于椭圆曲线密码的分组网通信安全与保密

提出一种基于椭圆曲线数字签名方法，研究由H.323协议集部署的基于分组网络的多媒体终端通信的安全与保密，包括认证、隐私性、完整性及不可否认性。给出椭圆曲线密码体制（ECC）的定义与椭圆曲线数字签名方案，设计与实现了有限域GF(p)上与(ECC)相关的快速算法，包括模乘、点加、点积等算法，由此可构造出一个实用的支持各种安全级的软件引擎。使得结合H.235协议与H.323信令流程的ECC安全应用变得实际可行。     

??????????????????????????????

提出一种基于椭圆曲线数字签名方法，研究由H.323协议集部署的基于分组网络的多媒体终端通信的安全与保密，包括认证、隐私性、完整性及不可否认性。给出椭圆曲线密码体制（ECC）的定义与椭圆曲线数字签名方案，设计与实现了有限域GF（p）上与（ECC）相关的快速并法，包括模乘、点加、点积等算法，由此可构造出一个实用的支持各种安全级的软件引擎。使得结合H-235协议与H-323信令流程的ECC安全应用变得实际可行。     

椭圆曲线密码中抗功耗分析攻击的标量乘改进方案

椭圆曲线标量乘法运算是椭圆曲线密码(ECC)体制中最主要的计算过程,标量乘法的效率和安全性一直是研究的热点。针对椭圆曲线标量乘运算计算量大且易受功耗分析攻击的问题,提出了一种抗功耗分析攻击的快速滑动窗口算法,在雅可比和仿射混合坐标系下采用有符号滑动窗口算法实现椭圆曲线标量乘计算,并采用随机化密钥方法抵抗功耗分析攻击。与二进制展开法、密钥分解法相比的结果表明,新设计的有符号滑动窗口标量乘算法计算效率、抗攻击性能有明显提高。     

一种高性能R-LWE格加密算法的电路结构及其FPGA实现

随着量子计算机的发展,传统的公钥加密方案,如RSA加密和椭圆曲线加密算法(Elliptic curve cryptography,ECC）受到了严重威胁。为了对抗量子攻击,基于格的密码学引起了关注,其中环错误学习（Ring-learning with error,R-LWE）格加密算法具有电路实现简单、抗量子攻击等优点,在硬件加密领域具有极大的应用潜力。本文从硬件应用的角度,提出并实现了一种R-LWE加密方案中多项式乘法的并行电路结构,采用了数论转换（Number theoretic transforms, NTT）方法,并使用了两个并行的蝶形运算单元。结果表明在增加较少硬件资源的情况下,本文设计的算法提升了42%的运算速度。     

域椭圆曲线点乘的VLSI实现方法研究

为了实现椭圆曲线密码算法的高效性,提出了基于优化的底层有限域算法的点乘设计方法;基于对二进制有限域运算的研究,提出并行模乘算法和基于欧几里得算法的右移求逆算法,并在实现中进行优化,在此基础上采用蒙哥马利算法实现点乘的快速运算;根据该算法,提出了ECC硬件电路实现方法,并用Verilog RTL进行逻辑设计,最终在Xilinx的XC7A100T FPGA硬件平台上验证实现;通过仿真测试、综合验证和时序后仿真的结果分析,所设计电路的时钟频率可以达到110 MHz,运算速度可达2.92 ms,证明了设计的有效性和可行性。     

Error Detection and Fault Tolerance in ECSM Using Input Randomization

For some applications, elliptic curve cryptography (ECC) is an attractive choice because it achieves the same level of security with a much smaller key size in comparison with other schemes such as those that are based on integer factorization or discrete logarithm. For security reasons, especially to provide resistance against fault-based attacks, it is very important to verify the correctness of computations in ECC applications. In this paper, error-detecting and fault-tolerant elliptic curve cryptosystems are considered. Error detection may be a sufficient countermeasure for many security applications; however, fault-tolerant characteristic enables a system to perform its normal operation in spite of faults. For the purpose of detecting errors due to faults, a number of schemes and hardware structures are presented based on recomputation or parallel computation. It is shown that these structures can be used for detecting errors with a very high probability during the computation of the elliptic curve scalar multiplication (ECSM). Additionally, we show that using parallel computation along with either PV or recomputation, it is possible to have fault-tolerant structures for the ECSM. If certain conditions are met, these schemes are more efficient than others such as the well-known triple modular redundancy. Prototypes of the proposed structures for error detection and fault tolerance have been implemented, and experimental results have been presented.     

素数域椭圆曲线密码系统算法实现研究

针对素数域椭圆曲线密码系统的算法高速实现，分别讨论了对椭圆曲线上的点的加法和倍点运算。以及对点的标量乘法运算进行优化的技术，同时给出了测试比较结果，说明了所讨论的优化技术可以大大提高整个椭圆曲线密码系统的算法实现性能。     

基于Kummer曲面的RFID标签

理论上使用公钥密码,包括椭圆曲线密码和超椭圆曲线密码来设计RFID标签已经比较成熟了.实验结果表明椭圆曲线密码或者超椭圆曲线密码用于RFID标签设计也很有效.与超椭圆曲线密码相比较,在亏格为2的曲线上使用Kummer曲面来计算标量乘会更快.但是,由于在Kummer曲面上没有简单的点加计算公式,这导致很难使用Kummer曲面来构造密码协议.在本文中,我们把Schnorr的鉴别协议扩展到Kummer曲面上.研究表明该协议可以只使用有限域Fq上的加法和乘法来计算,而且也不降低安全性.进一步地,我们用该协议来设计RFID标签.结果表明该协议在Kummer曲面上非常有效并很容易用于RFID标签设计中.在本文中,我们选取的是可转换为超椭圆曲线y^2+xy=x^5+f3x^3+εx^2+f0的Kummer曲面,其中ε∈{0,1}.我们方案的性能比其它使用公钥密码来设计RFID标签的方案都有效.     

一种灵活的椭圆曲线密码并行化方法

提出标量划分与整合模型,基于此模型,提出一种灵活的椭圆曲线密码标量乘的并行化处理方法。由于该方法是基于标量乘的算法操作级别,因此能在各种不同处理器数量的并行系统中实现。相对于现有的基于固定数量处理器的标量乘并行化方法,本文的并行化方法是灵活的。同时,本文提出的标量乘并行化方法最优时间复杂度可以减少到(logk)A+kD。通过实例比较,本文提出的方法的最优时间复杂度比经典的二进制方法减少了大约30%。     

一种用于加速椭圆曲线数量乘的Signed—Binary整数表示法

椭圆曲线公开加密系统已经得到了广泛的应用，其中最重要并且花费运行时间最多的运算就是计算数量乘。为了提高数量乘的运算度，本文提出了一种用于加速椭圆曲线数量乘的容易实现的Signed—Binary整数表示法，在不增加计算数量乘算法中预处理的复杂度的前提下，减少了点倍乘的次数，有效地提高了计算椭圆曲线点数量乘的速度。     

A Synthesis of Multi-Precision Multiplication and Squaring Techniques for 8-Bit Sensor Nodes: State-of-the-Art Research and Future Challenges

Multi-precision multiplication and squaring are the performance-critical operations for the implementation of public-key cryptography, such as exponentiation in RSA, and scalar multiplication in elliptic curve cryptography (ECC). In this paper, we provide a survey on the multi-precision multiplication and squaring techniques, and make special focus on the comparison of their performance and memory footprint on sensor nodes using 8-bit processors. Different from the previous work, our advantages are in at least three aspects. Firstly, this survey includes the existing techniques for multiprecision multiplication and squaring on sensor nodes over prime fields. Secondly, we analyze and evaluate each method in a systematic and objective way. Thirdly, this survey also provides suggestions for selecting appropriate multiplication and squaring techniques for concrete implementation of public-key cryptography. At the end of this survey, we propose the research challenges on efficient implementation of the multiplication and the squaring operations based on our observation.     

改进的Koblitz曲线上数字签名算法

标量乘法的效率决定着椭圆曲线密码体制的性能,而JSF算法是当前最流行的计算椭圆曲线双标量乘的算法;Koblitz曲线上的快速标量乘算法是标量乘法研究的重要课题。Lee[12]算法采用Frobenius映射扩展正整数k并将其扩展后的系数改写成二进制形式有效地提高标量乘算法效率。将JSF应用到扩展后的系数中,以较小存储空间为代价来提高算法效率,并将算法运用到改进的ECDSA算法中,减少乘法运算次数,加速签名及验证过程,节约数字签名时间。     

FPGA based unified architecture for public key and private key cryptosystems

Recently, security in embedded system arises attentions because of modern electronic devices need cautiously either exchange or communicate with the sensitive data. Although security is classical research topic in worldwide communication, the researchers still face the problems of how to deal with these resource constraint devices and enhance the features of assurance and certification. Therefore, some computations of cryptographic algorithms are built on hardware platforms, such as field program gate arrays (FPGAs). The commonly used cryptographic algorithms for digital signature algorithm (DSA) are rivest-shamir-adleman (RSA) and elliptic curve cryptosystems (ECC) which based on the presumed difficulty of factoring large integers and the algebraic structure of elliptic curves over finite fields. Usually, RSA is computed over GF(p), and ECC is computed over GF(p) or GF(2 ^p ). Moreover, embedded applications need advance encryption standard (AES) algorithms to process encryption and decryption procedures. In order to reuse the hardware resources and meet the trade-off between area and performance, we proposed a new triple functional arithmetic unit for computing high radix RSA and ECC operations over GF(p) and GF(2 ^p ), which also can be extended to support AES operations. A new high radix signed digital (SD) adder has been proposed to eliminate the carry propagations over GF(p). The proposed unified design took up 28.7% less hardware resources than implementing RSA, ECC, and AES individually, and the experimental results show that our proposed architecture can achieve 141.8MHz using approximately 5.5k CLBs on Virtex-5 FPGA.     

An area/performance trade-off analysis of a GF(2) multiplier architecture for elliptic curve cryptography

A hardware architecture for GF(2^m) multiplication and its evaluation in a hardware architecture for elliptic curve scalar multiplication is presented. The architecture is a parameterizable digit-serial implementation for any field order m. Area/performance trade-off results of the hardware implementation of the multiplier in an FPGA are presented and discussed.     

有限域GF(2m)上椭圆曲线密码体制的快速实现

椭圆曲线密码体制的快速实现是当前公钥密码体制研究的热点之一。椭圆曲线上点的标量乘和加法运算是椭圆曲线密码算法的核心运算。为了提高运算速度，利用射影坐标思想，改进椭圆曲线上求两点和运算公式，对标量乘算法进行优化。讨论了椭圆曲线密码体制的优势及研究其快速实现的意义。