Superscalar Coprocessor for High-Speed Curve-Based Cryptography

  • K. Sakiyama
  • L. Batina
  • B. Preneel
  • I. Verbauwhede
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4249)


We propose a superscalar coprocessor for high-speed curve-based cryptography. It accelerates scalar multiplication by exploiting instruction-level parallelism (ILP) dynamically and processing multiple instructions in parallel. The system-level architecture is designed so that the coprocessor can fully utilize the superscalar feature. The implementation results show that scalar multiplication of Elliptic Curve Cryptography (ECC) over GF(2^163), Hyperelliptic Curve Cryptography (HECC) of genus 2 over GF(2^83) and ECC over a composite field, GF((2^83)^2), can be improved by a factor of 1.8, 2.7 and 2.5, respectively, compared to the case of a basic single-scalar architecture. This speed-up is achieved by exploiting parallelism in curve-based cryptography. The coprocessor deals with a single instruction that can be used for all field operations such as multiplications and additions. In addition, this instruction only allows one to compute point/divisor operations. Furthermore, we also provide a fair comparison between the three curve-based cryptosystems.


Keywords: Superscalar, instruction-level parallelism, coprocessor, curve-based cryptography, scalar multiplication, HECC, ECC



Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • K. Sakiyama (1)
  • L. Batina (1)
  • B. Preneel (1)
  • I. Verbauwhede (1)
  1. Department Electrical Engineering – ESAT/SCD-COSIC, Katholieke Universiteit Leuven / IBBT, Leuven-Heverlee, Belgium
