Abstract
We present a high-speed public-key cryptoprocessor that exploits three-level parallelism in Elliptic Curve Cryptography (ECC) over GF(2^n). The proposed cryptoprocessor employs a Parallelized Modular Arithmetic Logic Unit (P-MALU) that exploits two different types of parallelism to accelerate modular operations. The sequence of scalar multiplications is also accelerated by exploiting Instruction-Level Parallelism (ILP) and processing multiple P-MALU instructions in parallel. The system is programmable and hence independent of the type of elliptic curve and of the scalar multiplication algorithm. The synthesis results show that a scalar multiplication of ECC over GF(2^163) on a generic curve can be computed in 20 and 16 μs for the binary NAF (Non-Adjacent Form) and the Montgomery method, respectively. Performance can be improved further on a Koblitz curve, reaching a scalar multiplication time of 12 μs with the TNAF (τ-adic NAF) method. This fast performance allows us to perform over 80,000 scalar multiplications per second and to enhance security in wireless mobile applications.
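The abstract names the binary NAF and the Montgomery method as the two scalar multiplication algorithms the cryptoprocessor runs on generic curves over GF(2^n). The following Python is an added illustration, not code from the paper or from its P-MALU design: it implements GF(2^m) arithmetic, affine point addition and doubling on a curve y^2 + xy = x^3 + ax^2 + b, NAF recoding, and both a NAF scalar multiplication and a Montgomery-ladder scalar multiplication. The toy field GF(2^4) with f = x^4 + x + 1, the coefficients a = x^3 and b = 1, and the use of affine coordinates for the ladder (hardware implementations use projective x-only formulas) are assumptions chosen so that the whole group can be enumerated and the two methods cross-checked against each other and against the group order.

```python
class BinaryField:
    """GF(2^m): elements are int bitmasks; f is the irreducible polynomial with bit m set."""

    def __init__(self, m, f):
        self.m, self.f = m, f

    def mul(self, a, b):
        # Shift-and-add polynomial multiplication, reducing by f whenever bit m appears.
        r = 0
        while b:
            if b & 1:
                r ^= a
            b >>= 1
            a <<= 1
            if (a >> self.m) & 1:
                a ^= self.f
        return r

    def inv(self, a):
        # a^(2^m - 2) == 1/a for a != 0 (Fermat), by square-and-multiply.
        assert a != 0
        r, e = 1, (1 << self.m) - 2
        while e:
            if e & 1:
                r = self.mul(r, a)
            a = self.mul(a, a)
            e >>= 1
        return r


class BinaryCurve:
    """y^2 + xy = x^3 + a x^2 + b over GF(2^m), affine points; None is the point at infinity."""

    def __init__(self, field, a, b):
        assert b != 0, "b == 0 gives a singular curve"
        self.F, self.a, self.b = field, a, b

    def on_curve(self, P):
        if P is None:
            return True
        x, y, m = P[0], P[1], self.F.mul
        return m(y, y) ^ m(x, y) == m(m(x, x), x) ^ m(self.a, m(x, x)) ^ self.b

    def neg(self, P):
        return None if P is None else (P[0], P[0] ^ P[1])

    def add(self, P, Q):
        if P is None:
            return Q
        if Q is None:
            return P
        F, a, (x1, y1), (x2, y2) = self.F, self.a, P, Q
        if x1 == x2:
            if y1 != y2 or x1 == 0:
                return None                       # Q == -P, or P has order 2
            lam = x1 ^ F.mul(y1, F.inv(x1))       # doubling: lambda = x1 + y1/x1
            x3 = F.mul(lam, lam) ^ lam ^ a
            y3 = F.mul(x1, x1) ^ F.mul(lam ^ 1, x3)
        else:
            lam = F.mul(y1 ^ y2, F.inv(x1 ^ x2))  # chord: lambda = (y1+y2)/(x1+x2)
            x3 = F.mul(lam, lam) ^ lam ^ x1 ^ x2 ^ a
            y3 = F.mul(lam, x1 ^ x3) ^ x3 ^ y1
        return (x3, y3)

    def points(self):
        # Brute-force group enumeration; only feasible because the toy field is tiny.
        n = 1 << self.F.m
        return [None] + [(x, y) for x in range(n) for y in range(n) if self.on_curve((x, y))]


def naf(k):
    """Non-adjacent form of k, least significant digit first, digits in {-1, 0, 1}."""
    digits = []
    while k > 0:
        d = (2 - k % 4) if k & 1 else 0   # odd k: +1 if k = 1 mod 4, -1 if k = 3 mod 4
        k = (k - d) >> 1
        digits.append(d)
    return digits


def mul_naf(cv, k, P):
    # Binary NAF: subtracting P costs the same as adding it, and only ~1/3 of digits are nonzero.
    Q, negP = None, cv.neg(P)
    for d in reversed(naf(k)):
        Q = cv.add(Q, Q)
        if d:
            Q = cv.add(Q, P if d == 1 else negP)
    return Q


def mul_ladder(cv, k, P):
    # Montgomery ladder: one add and one double per key bit regardless of its value,
    # which is what makes it attractive for a uniform hardware datapath.
    R0, R1 = None, P
    for bit in bin(k)[2:]:
        if bit == "0":
            R1, R0 = cv.add(R0, R1), cv.add(R0, R0)
        else:
            R0, R1 = cv.add(R0, R1), cv.add(R1, R1)
    return R0


# Constructed toy parameters: GF(2^4) with f = x^4 + x + 1, curve coefficients a = x^3, b = 1.
TOY_CURVE = BinaryCurve(BinaryField(4, 0b10011), 0b1000, 0b0001)


def check_methods(cv, P, kmax=64):
    """True if the NAF and ladder results agree and stay on the curve for 1 <= k < kmax."""
    return all(mul_naf(cv, k, P) == mul_ladder(cv, k, P) and cv.on_curve(mul_naf(cv, k, P))
               for k in range(1, kmax))
```

With the toy curve, `TOY_CURVE.points()` returns the whole group, so multiplying any base point by the group order must give the point at infinity (`None`); that, together with `check_methods`, validates the field and curve formulas without relying on a remembered test vector. The same classes accept a real reduction polynomial such as the degree-163 one, but `points()` is then out of the question and the ladder should be rewritten with projective coordinates to avoid a field inversion per step.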
Sakiyama, K., Batina, L., Preneel, B. et al. High-performance Public-key Cryptoprocessor for Wireless Mobile Applications. Mobile Netw Appl 12, 245–258 (2007). https://doi.org/10.1007/s11036-007-0020-6