Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves

  • David Kammler
  • Diandian Zhang
  • Peter Schwabe
  • Hanno Scharwaechter
  • Markus Langenberg
  • Dominik Auras
  • Gerd Ascheid
  • Rudolf Mathar
Conference paper

DOI: 10.1007/978-3-642-04138-9_19

Volume 5747 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Kammler D. et al. (2009) Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves. In: Clavier C., Gaj K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg

Abstract

This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves). Cryptographic pairings are based on elliptic curves over finite fields—in the case of BN curves a field \(\mathbb{F}_p\) of large prime order p. Efficient arithmetic in these fields is crucial for fast computation of pairings. Moreover, computation of cryptographic pairings is much more complex than elliptic-curve cryptography (ECC) in general. Therefore, we facilitate programming of the proposed ASIP by providing a C compiler.

In order to speed up \(\mathbb{F}_p\) arithmetic, a RISC core is extended with additional scalable functional units. Because the resulting speedup can be limited by the memory throughput, utilization of multiple data-memory banks is proposed.

The presented design needs 15.8 ms for the computation of the Optimal-Ate pairing over a 256-bit BN curve at 338 MHz, implemented with a 130 nm standard cell library. The processor core consumes 97 kGates, making it suitable for use in embedded systems.

Keywords

  • Application-specific instruction-set processor (ASIP)
  • design-space exploration
  • pairing-based cryptography
  • Barreto-Naehrig curves
  • elliptic-curve cryptography (ECC)
  • \(\mathbb{F}_p\) arithmetic

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • David Kammler (1)
  • Diandian Zhang (1)
  • Peter Schwabe (2)
  • Hanno Scharwaechter (1)
  • Markus Langenberg (3)
  • Dominik Auras (1)
  • Gerd Ascheid (1)
  • Rudolf Mathar (3)

  1. Institute for Integrated Signal Processing Systems (ISS), RWTH Aachen University, Aachen, Germany
  2. Department of Mathematics and Computer Science, Eindhoven University of Technology, Eindhoven, Netherlands
  3. Institute for Theoretical Information Technology (TI), RWTH Aachen University, Aachen, Germany