a reconfigurable system on chip implementation for elliptic curve cryptography over gf 2 n n.
Skip this Video
Loading SlideShow in 5 Seconds..
A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2 n ) PowerPoint Presentation
Download Presentation
A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2 n )

Loading in 2 Seconds...

  share
play fullscreen
1 / 34
Download Presentation

A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2 n ) - PowerPoint PPT Presentation

ham
167 Views
Download Presentation

A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2 n )

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2n) Michael Jung1, M. Ernst1, F. Madlener1, S. Huss1, R. Blümel2 1 Integrated Circuits and Systems LabComputer Science DepartmentDarmstadt University of TechnologyGermany 2 cv cryptovision GmbHGelsenkirchenGermany

  2. ECC over GF(2n) • GF(2n) operations implemented in HW • Square, Multiply, Add • Inversion with Fermat‘s little Theorem • Polynomial Base • Multiplier based on a novel, generalized version of the Karatsuba Ofman Algorithm1 • EC level algorithms implemented in SW • 2P Algorithm2for EC point multiplication • Projective Point Coordinates • Algorithmic flexibility combined with performance [1] Karatsuba and Ofman, Multiplication of multidigit numbers on automata, 1963[2] Lopez/Dahab, Fast multiplication on elliptic curves over GF(2m) without precomputations, 1999

  3. 8-Bit RISC Microcontroller • 20+ MIPS @ 25 MHz Atmel FPSLIC Reconfigurable System on Chip

  4. FPGA • 40k Gate Equivalents • Distributed FreeRAMTM Cells Atmel FPSLIC Reconfigurable System on Chip • 8-Bit RISC Microcontroller

  5. Dual Ported • Simultaneously accessible by MCU and FPGA Atmel FPSLIC Reconfigurable System on Chip • 8-Bit RISC Microcontroller • FPGA • 36 kByte RAM

  6. Peripherals • UARTs • Timers • etc. Atmel FPSLIC Reconfigurable System on Chip • 8-Bit RISC Microcontroller • FPGA • 36 kByte RAM

  7. Atmel FPSLIC Reconfigurable System on Chip • 8-Bit RISC Microcontroller • FPGA • 36 kByte RAM • Peripherals • Low cost, low complexity device

  8. with 1 1 01 0 0 A*B Polynomial Karatsuba Multiplication

  9. with , and Multi-Segment Karatsuba (MSK) • Generalization of the Karatsuba Multiplication Algorithm • Polynomials are split into an arbitrary number of segments

  10. 2 12 2 1 012 12 01 01 1 0 0 A*B MSKk for k=3 with

  11. 2 12 2 1 012 12 01 01 1 0 0 A*B Reordering of Partial Products • Pattern Grouping • Reorder pattern by decreasing xn • Minimize differences in the set of indices of adjacent pattern

  12. 2 2 2 Pattern Grouping 1.) Grouping the partial products to one of three possible pattern 2 12 2 1 012 12 01 01 1 0 0 A*B

  13. 2 12 12 12 Pattern Grouping 1.) Grouping the partial products to one of three possible pattern 12 1 012 12 01 01 1 0 0 A*B

  14. 2 12 1 1 1 Pattern Grouping 1.) Grouping the partial products to one of three possible pattern 1 012 01 01 1 0 0 A*B

  15. 2 12 012 012 Pattern Grouping 1.) Grouping the partial products to one of three possible pattern 1 012 01 01 0 0 A*B

  16. 2 01 12 01 01 Pattern Grouping 1.) Grouping the partial products to one of three possible pattern 1 012 01 01 0 0 A*B

  17. 2 0 01 12 0 0 Pattern Grouping 1.) Grouping the partial products to one of three possible pattern 1 012 0 0 A*B

  18. 2 0 01 12 Reordering of Partial Products • Pattern Grouping • Reorder pattern by decreasing xn • Minimize differences in the set of indices of adjacent pattern 1 012 A*B

  19. 2 0 01 12 012 Reordering of Partial Products 2.) Ordering of the pattern in a top-left to bottom-right fashion 1 012 A*B

  20. 2 0 01 12 Reordering of Partial Products 2.) Ordering of the pattern in a top-left to bottom-right fashion 012 1 A*B

  21. 2 0 01 12 Reordering of Partial Products • Pattern Grouping • Reorder pattern by decreasing xn • Minimize differences in the set of indices of adjacent pattern 012 1 A*B

  22. 2 0 01 12 01 Reordering of Partial Products 3.) Ensuring that the set of added up segments in the partial products differs only by one element between two adjacent patterns 012 1 A*B

  23. 2 0 01 12 Reordering of Partial Products 3.) Ensuring that the set of added up segments in the partial products differs only by one element between two adjacent patterns 012 1 A*B

  24. A2 A1 A0 Multiplication Sequence B2 B1 B0 Mult

  25. A2 A1 A0 Multiplication Sequence B2 B1 B0 Mult Clock Cycle: 1

  26. A2 A1 A0 Multiplication Sequence B2 B1 B0 2 2 Mult Clock Cycle: 2

  27. 2 A2 A1 A0 Multiplication Sequence B2 B1 B0 12 12 Mult Clock Cycle: 3

  28. 2 12 A2 A1 A0 Multiplication Sequence B2 B1 B0 012 012 Mult Clock Cycle: 4

  29. 2 12 A2 A1 A0 Multiplication Sequence B2 B1 B0 01 01 Mult 012 Clock Cycle: 5

  30. 2 01 12 A2 A1 A0 Multiplication Sequence B2 B1 B0 1 1 Mult 012 Clock Cycle: 6

  31. 2 01 12 A2 A1 A0 Multiplication Sequence B2 B1 B0 0 0 Mult 012 1 Clock Cycle: 7

  32. 2 0 01 12 A2 A1 A0 Multiplication Sequence B2 B1 B0 Mult 012 1 Clock Cycle: 8

  33. Op. A Op. B FF-ALU Coprocessor Interface AVR EC level Algorithms FPGA Finite Field Arithmetic MULT ADD SQUARE RAM Controller ...

  34. Results • Prototype Implementation: • 5-Segment Karatsuba (MSK5) • 23-Bit combinational Multiplier • GF(2113) • One EC point multiplication takes 10.9 ms @ 12 MHz • Speed-up factor of about 40 compared to an assembler optimized software implementation