A Dual Field Elliptic Curve Cryptographic Processor Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing Hua University.

Presentation transcript:

A Dual Field Elliptic Curve Cryptographic Processor
Laboratory for Reliable Computing (LaRC), Electrical Engineering Department, National Tsing Hua University
Advisor: Prof. Cheng-Wen Wu
Student: San-Yang Lin

Outline
- Introduction
- Cryptosystem
- Mathematical Background
- Introduction to Elliptic Curves
- The Elliptic Scalar Multiplication
- Elliptic Curve Crypto-Processor Design
- Experimental Results
- Conclusions

Introduction
- Demand for Security
  - E-commerce
  - Electronic Banking
- Software vs. Hardware Implementation
  - The Energy/Computation Inefficiencies of Software
  - An Open, Untrustworthy Environment in Software
- Public Key Cryptosystem
  - ECC vs. RSA

Cryptosystem (1/2)
- Symmetric Key Cryptosystem

Cryptosystem (2/2)
- Asymmetric Key Cryptosystem

Mathematical Background (1/2)
- Galois Fields
  - Contain a Finite Number of Elements
  - GF(p): Prime Field
  - GF(2^m): Binary Field
- Modular Arithmetic
  - a = b (mod m)
  - c = a ± b (mod m)
  - c = a × b (mod m)
  - 1 = a × a^(-1) (mod m)

Mathematical Background (2/2)
- Polynomial Basis
  - Polynomial Addition and Subtraction
    - (0110) + (0101) = (0011)
    - (0110) - (0101) = (0011)
  - Polynomial Multiplication
    - Irreducible Polynomial: f(x) = x^4 + x + 1
    - (1101)(1001) = (x^3 + x^2 + 1)(x^3 + 1) (mod f(x))
                   = x^6 + x^5 + 2x^3 + x^2 + 1 (mod f(x))
                   = x^6 + x^5 + x^2 + 1 (mod f(x))
                   = (x^4 + x + 1)(x^2 + x) + (x^3 + x^2 + x + 1) (mod f(x))
                   = x^3 + x^2 + x + 1
                   = (1111)

Introduction to Elliptic Curves
- Elliptic Curve Equation:
  - y^2 = x^3 + ax + b in a prime field
  - y^2 + xy = x^3 + ax^2 + b in a binary field

Elliptic Curve Addition (1/2)
- P + Q = R
- P + (-P) = 0

Elliptic Curve Addition (2/2)
- P + P = 2P = R

Example of an Elliptic Curve Group over F_p
- Elliptic Curve Equation: y^2 = x^3 + x over F_23
- The point (9,5) satisfies this equation:
  y^2 (mod p) = x^3 + x (mod p)
  25 (mod 23) = (mod 23)
  25 (mod 23) = 738 (mod 23)
  2 = 2

A Crypto Example for Elliptic Curve (1/2)

A Crypto Example for Elliptic Curve (2/2)
- Suppose B = (2,7) and Bob chooses a = 7
- Bob's public key = 7B = (7,2)
- Alice wishes to send M = (10,9) to Bob. Randomly select k = 3; then
  [ kB, M + k(aB) ] = [ (8,3), (10,9) + 3(7,2) ]
                    = [ (8,3), (10,9) + (3,5) ]
                    = [ (8,3), (10,2) ]
- Bob receives the pair, multiplies kB by a to get 7(8,3), and subtracts it from M + k(aB) to obtain:
  M + k(aB) - a(kB) = (10,2) - 7(8,3)
                    = (10,2) - (3,5)
                    = (10,2) + (3,6)
                    = (10,9)
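
The point addition, doubling, scalar multiplication and ElGamal-style exchange from the slides above, as an added Python example that is not part of the original presentation. The slide does not state which curve its example uses; the curve y^2 = x^3 + x + 6 over F_11 is an assumption chosen here because it reproduces every point the slide lists.

```python
# Added example. Assumption: curve y^2 = x^3 + x + 6 over F_11 (not on the slide).
O = None  # point at infinity, the group identity

def on_curve(P, a, b, p):
    return P is O or (P[1] ** 2 - (P[0] ** 3 + a * P[0] + b)) % p == 0

def neg(P, p):
    return O if P is O else (P[0], -P[1] % p)

def add(P, Q, a, p):
    """Affine chord-and-tangent addition on y^2 = x^3 + ax + b over F_p."""
    if P is O:
        return Q
    if Q is O:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return O                                          # P + (-P) = O
    if P == Q:
        lam = (3 * x1 * x1 + a) * pow(2 * y1 % p, -1, p)  # tangent slope
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p)       # chord slope
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(k, P, a, p):
    """Left-to-right double-and-add; the add step depends on the key bits."""
    R = O
    for bit in bin(k)[2:]:
        R = add(R, R, a, p)
        if bit == "1":
            R = add(R, P, a, p)
    return R

def encrypt(M, k, B, pub, a, p):
    """Return the pair [kB, M + k(aB)] from the slide."""
    return mul(k, B, a, p), add(M, mul(k, pub, a, p), a, p)

def decrypt(c1, c2, priv, a, p):
    """Return M = c2 - priv * c1."""
    return add(c2, neg(mul(priv, c1, a, p), p), a, p)

A, P_MOD, BASE = 1, 11, (2, 7)        # assumed curve coefficient a and prime
pub = mul(7, BASE, A, P_MOD)
c1, c2 = encrypt((10, 9), 3, BASE, pub, A, P_MOD)
plain = decrypt(c1, c2, 7, A, P_MOD)
print(pub, c1, c2, plain)
```

Because the add in `mul` runs only for 1 bits of k, its timing and power profile depend on the secret scalar, which is one reason the fixed-pattern Montgomery form appears in the scalar multiplication comparison.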

The Elliptic Scalar Multiplication
- The Scalar Multiplication Algorithm

Complexity | Montgomery Form | Double and Add (projective) | Double and Add (affine) | Add and Subtract (projective) | Add and Subtract (affine)
#Square | 5 log2 k | (log2 k - 1) | 1.5(log2 k - 1) | 5.33(log2 k - 1) | 1.33(log2 k - 1)
#Mult | 6 log2 k | (log2 k - 1) | 3(log2 k - 1) | 10(log2 k - 1) | 2.33(log2 k - 1)
#Inverse | 1 | 2 | 1.5(log2 k - 1) | 2 | 1.33(log2 k - 1)

Multiplication in GF(p)
- Multiply-then-Divide vs. Montgomery multiplier
- Montgomery multiplier:
  MM(A,B,M) = AB·2^(-n) mod M
  AB mod M = MM(AB·2^(-n) mod M, 2^(2n) mod M, M)

Multiplication in GF(2^n)
- Parallel vs. Serial algorithm
- Serial Algorithm:

Inversion in GF(2^n)
- Extended Euclidean Algorithm:
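
The algorithm figures for these two slides did not survive in the transcript. The following added Python example, which is not the presentation's own code, shows one standard formulation of serial multiplication and extended-Euclidean inversion in GF(2^n), and covers the polynomial-basis multiplication example from the Mathematical Background slide. Field elements are integers whose bits are the polynomial coefficients.

```python
# Added example: GF(2^n) arithmetic in polynomial basis. f is the irreducible
# polynomial including its x^n term, e.g. x^4 + x + 1 is 0b10011.
def gf2_mul(a, b, f, n):
    """Serial MSB-first shift-and-add multiply of a, b < 2^n modulo f."""
    r = 0
    for i in reversed(range(n)):
        r <<= 1                    # r = r * x
        if (r >> n) & 1:
            r ^= f                 # reduce as soon as the degree reaches n
        if (b >> i) & 1:
            r ^= a                 # addition in GF(2) is XOR
    return r

def gf2_inv(a, f):
    """Inverse of nonzero a modulo irreducible f (extended Euclid, binary)."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse")
    u, v = a, f                    # invariant: g1*a = u and g2*a = v (mod f)
    g1, g2 = 1, 0
    while u != 1:
        j = u.bit_length() - v.bit_length()   # deg(u) - deg(v)
        if j < 0:
            u, v, g1, g2, j = v, u, g2, g1, -j
        u ^= v << j                # cancel the leading term of u
        g1 ^= g2 << j
    return g1

F16 = 0b10011                      # f(x) = x^4 + x + 1 from the slide
product = gf2_mul(0b1101, 0b1001, F16, 4)
print(format(product, "04b"))
```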

Elliptic Curve Crypto-Processor Design

The Instruction Set of the ECC processor

IO Interface

Controller

Gated Clock Design
[Figure: signal labels D, clk_r0, clk_r1, clk_r2, clk_r3, clk_r4, enable]

Arithmetic Unit

Register File

Comparator Unit

Adder Unit

Multi-Arithmetic Unit

Simulation Flow
- Define Specification
- Behavior Model Establishment
- HDL Design
- Function Simulation
- Synthesis
- Pre-layout Simulation
[Flow diagram; decision labels: Match, Mismatch]

Experimental Results
- Maximum Frequency: 384 MHz using UMC 0.18 CMOS Process

 | Binary Field | Prime Field
EC Scalar Multiplication (cycles) | (m - 1)(6m + 94) + 16m | (m - 1)(32m + 196) + 964

Circuit Size
Columns: Functional block | Circuit size (gated) | Circuit size (normal)
Rows: MAU core (logic); MAU core (local registers); Register File; Adder; Compare; IO interface; Controller; Total

Power Results
- Gated Clock Design:

Field size | 128bit | 160bit | 192bit | 224bit | 256bit
Power | 143mW | 151mW | 163mW | 183mW | 205mW

Compare (1/2)

Reference | Field | Platform | Maximum Frequency | EC mult time | Notes
This work | GF(2^163) | 0.18um CMOS ASIC | 384MHz | 0.46ms | dual field multiplier and inversion: logic size: gates
Eberle(03) | GF(2^163) | Xilinx xcv2000E-7 | 66MHz | 0.30ms | 256*64bit binary multiplier (estimated: 460k gates)
Eberle(03) | GF(2^163) | Xilinx xcv2000E-7 | 66MHz | 0.14ms | Optimal for named curve
Satoh(03) | GF(2^163) | 0.13um CMOS ASIC | 510.2MHz | 0.36ms | 64*64bit dual field multiplier logic size: gates
Orlando(00) | GF(2^167) | Xilinx xcv400E | 76.7MHz | 0.21ms | 167*16bit binary multiplier and 167*167bit squarer for P(x) = x^167 + x^6 + 1 (estimated: 140k gates)

Compare (2/2)

Reference | Field | Platform | Maximum Frequency | EC mult time | Notes
This work | GF(p) 192bit | 0.18um CMOS ASIC | 384MHz | 3.1 ms | dual field multiplier and inversion: logic size: gates
Satoh(03) | GF(p) 192bit | 0.13um CMOS ASIC | 137.7MHz | 2.66 ms | 64*64bit dual field multiplier logic size: gates
Orlando(00) | GF( ) | Xilinx xcv1000E-8 | 40MHz | 3ms | 192 * 8 bit multiplier

Conclusion
- Support Dual Field Arithmetic
- Merge Different Arithmetic Operations into One Unit
- Smallest Product of Area × EC Mult. Time
- Power-Efficient Design