Advertisement

HECC Goes Embedded: An Area-Efficient Implementation of HECC

  • Junfeng Fan
  • Lejla Batina
  • Ingrid Verbauwhede
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5381)

Abstract

In this paper we describe a high performance, area-efficient implementation of Hyperelliptic Curve Cryptosystems over GF(2 m ). A compact Arithmetic Logic Unit (ALU) is proposed to perform multiplication and inversion. With this ALU, we show that divisor multiplication using affine coordinates can be efficiently supported. Besides, the required throughput of memory or Register File (RF) is reduced so that area of memory/RF is reduced. We choose hyperelliptic curves using the parameters h(x) = x and \(f(x)=x^5+f_3x^3+x^2+f_0\). The performance of this coprocessor is substantially better than all previously reported FPGA-based implementations. The coprocessor for HECC over GF(283) uses 2316 slices and 2016 bits of Block RAM on Xilinx Virtex-II FPGA, and finishes one scalar multiplication in 311 μs.

Keywords

Hyperelliptic Curve Cryptosystems Modular multiplication Modular inversion FPGA 

References

  1. 1.
    Asano, Y., Itoh, T., Tsujii, S.: Generalised fast algorithm for computing multiplicative inverses in GF(2m). Electronics Letters 25(10), 664–665 (1989)CrossRefzbMATHGoogle Scholar
  2. 2.
    Avanzi, R.M., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of Elliptic and Hyperelliptic Curve Cryptography. CRC Press, Boca Raton (2005)zbMATHGoogle Scholar
  3. 3.
    Beth, T., Gollman, D.: Algorithm engineering for public key algorithms. IEEE Journal on Selected Areas in Communications 7(4), 458–466 (1989)CrossRefGoogle Scholar
  4. 4.
    Boston, N., Clancy, T., Liow, Y., Webster, J.: Genus two hyperelliptic curve coprocessor. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 400–414. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Brent, R.P., Kung, H.T.: Systolic VLSI Arrays for Polynomial GCD Computation. IEEE Trans. Computers 33(8), 731–736 (1984)CrossRefzbMATHGoogle Scholar
  6. 6.
    Cantor, D.G.: Computing in the Jacobian of a Hyperelliptic curve. Mathematics of Computation 48, 95–101 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Clancy, T.: FPGA-based Hyperelliptic Curve Cryptosystems. invited paper presented at AMS Central Section Meeting (April 2003)Google Scholar
  8. 8.
    Daly, A., Marnane, W., Kerins, T., Popovici, E.: An FPGA implementation of a GF(p) ALU for encryption processors. Elsevier Journal on Microprocessors and Microsystems (Special issue on FPGAs: Applications and Designs) 28(5-6), 253–260 (2004)CrossRefGoogle Scholar
  9. 9.
    Explicit-Formulas Database, http://www.hyperelliptic.org/EFD
  10. 10.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22, 644–654 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Elias, G., Miri, A., Yeap, T.H.: On efficient implementation of FPGA-based hyperelliptic curve cryptosystems. Computers and Electrical Engineering 33(5-6), 349–366 (2007)CrossRefzbMATHGoogle Scholar
  12. 12.
    Yeap, T.H., Elias, G., Miri, A.: High-Performance, FPGA-Based Hyperelliptic Curve Cryptosystems. In: The Proceeding of the 22nd Biennial Symposium on Communications (May 2004)Google Scholar
  13. 13.
  14. 14.
    Guo, J.-H., Wang, C.-L.: A novel digit-serial systolic array for modular multiplication. In: ISCAS 1998. Proceedings of the 1998 IEEE International Symposium on Circuits and Systems, ISCAS 1998, 31 May-3 Jun 1998, vol. 2,2, pp. 177–180 (1998)Google Scholar
  15. 15.
    Kim, H.W., Wollinger, T., Choi, Y., Chung, K.-I., Paar, C.: Hyperelliptic curve coprocessors on a FPGA. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 360–374. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  16. 16.
    Hasan, M.A., Bhargava, V.K.: Bit-serial systolic divider and multiplier for finite fields GF(2m). IEEE Transactions on Computers 41(8), 972–980 (1992)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Preneel, B., Sakiyama, K., Batina, L., Verbauwhede, I.: Superscalar coprocessor for high-speed curve-based cryptography. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 415–429. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Knuth, D.E.: The Art of Computer Programming, vol. 2. Addison-Wesley, Reading (1981)zbMATHGoogle Scholar
  19. 19.
    Koblitz, N.: Elliptic Curve Cryptosystem. Math. Comp. 48, 203–209 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Koblitz, N.: Hyperelliptic Cryptosystems. Journal of Cryptology 1(3), 129–150 (1989)MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Lange, T.: Inversion-free arithmetic on genus 2 hyperelliptic curves. Cryptology ePrint ARchive (2002)Google Scholar
  22. 22.
    Lange, T.: Formulae for Arithmetic on Genus 2 Hyperelliptic Curves. Applicable Algebra in Engineering, Communication and Computing 15(5), 295–328 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  23. 23.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  24. 24.
    Mulder, J.M., Quach, N.T., Flynn, M.J.: An area model for on-chip memories and its application. IEEE Journal of Solid-State Circuits 26(2), 98–106 (1991)CrossRefGoogle Scholar
  25. 25.
    Pelzl, J.: Hyperelliptic Cryptosystems on Embedded Microprocessors. Master’s thesis, Ruhr-Universitat Bochum (September 2002)Google Scholar
  26. 26.
    Rivest, R.L., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM 21(2), 120–126 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  27. 27.
    Sakai, Y., Sakurai, K.: Design of hyperelliptic cryptosystems in small characteristic and a software implementation over \(F_{2^n}\). In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 80–94. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  28. 28.
    Sakiyama, K.: Secure Design Methodology and Implementation for Embedded Public-key Cryptosystems. PhD thesis, Katholieke Universiteit Leuven, Belgium (2007)Google Scholar
  29. 29.
    Shiue, W.-T.: Memory synthesis for low power ASIC design. In: ASIC 2002: Proceedings of 2002 IEEE Asia-Pacific Conference, pp. 335–342 (2002)Google Scholar
  30. 30.
    Song, L., Parhi, K.K.: Low-energy digit-serial/parallel finite field multipliers. J. VLSI Signal Process. Syst. 19(2), 149–166 (1998)CrossRefGoogle Scholar
  31. 31.
    Wollinger, T.: Software and Hardware Implementation of Hyperelliptic Curve Cryptosystems. PhD thesis, Ruhr-University Bochum, Germany (2004)Google Scholar
  32. 32.
    Wollinger, T.: Computer Architectures for Cryptosystems Based on Hyperelliptic Curves. Master’s thesis, Worcester Polytechnic Institute, Worcester, Massachusetts (May 2001)Google Scholar
  33. 33.
    Wollinger, T., Bertoni, G., Breveglieri, L., Paar, C.: Performance of HECC Coprocessors Using Inversionfree Formulae. In: International Workshop on Information Security and Hiding, Singapore (ISH 2005), May 2005, pp. 1004–1012 (2005)Google Scholar
  34. 34.
    Yan, Z., Sarwate, D.V., Liu, Z.: High-speed systolic architectures for finite field inversion. Integration, VLSI Journal 38(3), 383–398 (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Junfeng Fan
    • 1
  • Lejla Batina
    • 1
  • Ingrid Verbauwhede
    • 1
  1. 1.ESAT/SCD-COSIC and IBBTKatholieke Universiteit LeuvenLeuven-HeverleeBelgium

Personalised recommendations