Fast Reconfigurable Elliptic Curve Cryptography Acceleration for GF(2^m) on 32-bit Processors
This paper focuses on the design and implementation of a fast reconfigurable method for elliptic curve cryptography acceleration in GF(2^m). The main contributions are: comparing different reconfigurable modular multiplication methods and modular reduction methods for software implementation on Intel IA-32 processors; optimizing point arithmetic to reduce the number of expensive reduction operations through a novel reduction sharing technique; and measuring the performance of scalar point multiplication in GF(2^m) on Intel IA-32 processors. The paper determines that systematic reduction is best for fields defined by trinomials or pentanomials, whereas for fields defined by reduction polynomials of large Hamming weight Barrett reduction is best. In GF(2^571) on an Intel P4 2.8 GHz processor, long multiplication with systematic reduction was 2.18 and 2.26 times faster than long multiplication with Barrett or Montgomery reduction, respectively. The paper determines that Montgomery Invariant scalar point multiplication with systematic reduction in projective coordinates was the fastest method for single scalar point multiplication for the NIST fields from GF(2^163) to GF(2^571). For single scalar point multiplication on a reconfigurable elliptic curve cryptography accelerator, we achieved a ∼6.1 times speedup using reconfigurable reduction methods with long multiplication, Montgomery's MSB Invariant method in projective coordinates, and systematic reduction. Further extensions implement fast reconfigurable elliptic curve cryptography for repeated scalar point multiplication on the same base point. We also show that for L > 20 the LSB invariant method combined with affine doubling precomputation outperforms the LSB invariant method combined with López-Dahab doubling precomputation for all reconfigurable reduction polynomial techniques in GF(2^571) on Intel IA-32 processors. For L = 1000, the LSB invariant scalar point multiplication method was 13.78 to 34.32% faster than the fastest Montgomery Invariant scalar point multiplication method on Intel IA-32 processors.
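As an added illustration (not code from the paper), the following Python sketch implements long (carry-less) multiplication in GF(2)[x] and contrasts generic bit-by-bit reduction with systematic reduction for an assumed trinomial field (NIST B-233, f(x) = x^233 + x^74 + 1); it also shows the GF(2)-linearity of reduction that lets several products share a single reduction, which is the property behind the reduction sharing the abstract mentions (the paper's own sharing schedule is not reproduced).

```python
import random
# Constructed field parameters (NIST B-233 trinomial, assumed for illustration):
# f(x) = x^233 + x^74 + 1. Polynomials over GF(2) are ints with bit i = x^i.
M, K = 233, 74
F = (1 << M) | (1 << K) | 1

def clmul(a, b):
    """Long (carry-less) multiplication in GF(2)[x]: shift-and-XOR."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def reduce_generic(c, f=F, m=M):
    """Baseline valid for any f: cancel the leading term one bit at a time."""
    while c.bit_length() > m:
        c ^= f << (c.bit_length() - 1 - m)
    return c

def reduce_systematic(c, m=M, k=K):
    """Systematic reduction for a trinomial x^m + x^k + 1: x^m = x^k + 1 (mod f),
    so the whole high part h = c >> m folds down as h*x^k + h in one step;
    for deg(c) < 2m a second fold clears the spill above x^m."""
    mask = (1 << m) - 1
    for _ in range(2):
        h = c >> m
        c = (c & mask) ^ h ^ (h << k)
    return c

def mulmod(a, b):
    return reduce_systematic(clmul(a, b))

def mul_add_shared(a, b, c, d):
    """(a*b + c*d) mod f with one reduction instead of two: reduction is
    GF(2)-linear, so the unreduced products may be XORed first."""
    return reduce_systematic(clmul(a, b) ^ clmul(c, d))

def self_check(trials=200, seed=1):
    # Cross-check systematic against generic reduction on pseudo-random operands.
    rng = random.Random(seed)
    for _ in range(trials):
        a, b, c, d = (rng.getrandbits(M) for _ in range(4))
        if mulmod(a, b) != reduce_generic(clmul(a, b)):
            return False
        if mul_add_shared(a, b, c, d) != mulmod(a, b) ^ mulmod(c, d):
            return False
    return True
```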
Keywords: Elliptic curve, Cryptography, Security, Finite field, Embedded