Low-Cost Hardware Implementation of Elliptic Curve Cryptography for General Prime Fields

  • Yuan Ma
  • Qinglong Zhang
  • Zongbin Liu
  • Chenyang Tu
  • Jingqiang Lin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9977)


In resource-constrained applications, elliptic curve cryptography (ECC) is preferable because it offers shorter key sizes with comparable security. Binary extension fields are usually used for area-optimized implementations, since complex carry-propagation logic is avoided over these fields. However, efficient ECC implementations over (general) prime fields remain challenging under low-area constraints. As a popular implementation platform for cryptographic algorithms, the Field Programmable Gate Array (FPGA) attracts more and more attention for these applications due to its flexibility and short development cycle. In this paper, we propose a compact and efficient arithmetic logic unit (ALU) that tightly integrates Montgomery modular multiplication, addition and subtraction over general prime fields. We then design a low-cost hardware architecture for generic elliptic curve point multiplication on FPGA platforms. Experimental results indicate that the implementation occupies only 105 Slices, 2 DSP blocks and 2 BRAMs in a Spartan-6 FPGA. To the best of our knowledge, our implementation is the smallest for general prime fields in FPGAs.


Elliptic curve cryptography Low-cost FPGA Implementation 



We thank the anonymous reviewers of SAC 2016 and ICICS 2016 for their invaluable suggestions and comments. This work was partially supported by National Basic Research Program of China (973 Program No. 2013CB338001), National Natural Science Foundation of China (No. 61602476, No. 61402470) and Strategy Pilot Project of Chinese Academy of Sciences (No. XDA06010702).



Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Yuan Ma (1, 2)
  • Qinglong Zhang (3)
  • Zongbin Liu (1, 2)
  • Chenyang Tu (1, 2)
  • Jingqiang Lin (1, 2)

  1. Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing, China
  2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
  3. Huawei Technologies, Zhejiang, China
