Abstract
This paper presents a low-latency algorithm designed for parallel computer architectures to compute the scalar multiplication of elliptic curve points based on approaches from cryptographic side-channel analysis. A graphics processing unit implementation using a standardized elliptic curve over a 224-bit prime field, complying with the new 112-bit security level, computes the scalar multiplication in 1.9 ms on the NVIDIA GTX 500 architecture family. The presented methods and implementation considerations can be applied to any parallel 32-bit architecture.
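The abstract refers to side-channel-analysis approaches to scalar multiplication and to a standardized curve over a 224-bit prime field. The block below is an added illustration, not the paper's GPU implementation or its parallel algorithm: it shows the Montgomery ladder, a standard side-channel countermeasure in which every scalar bit costs exactly one point addition and one doubling, run over NIST P-224 (the 224-bit prime-field curve at the 112-bit level). The domain parameters are the FIPS 186-3 values; the scalars in the usage lines are constructed test values. Python's big integers and the branch-based swap are not constant time, so the uniform operation sequence is what the example demonstrates, not timing behaviour.

```python
"""Montgomery-ladder scalar multiplication on NIST P-224 (added example)."""

# NIST P-224 domain parameters (FIPS 186-3): y^2 = x^3 - 3x + b over GF(p).
P = 2**224 - 2**96 + 1
A = P - 3
B = 0xB4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4
GX = 0xB70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21
GY = 0xBD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D
G = (GX, GY)
INF = None  # point at infinity (group identity)


def on_curve(pt):
    """True if pt is the identity or satisfies the curve equation."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def neg(pt):
    return INF if pt is INF else (pt[0], (-pt[1]) % P)


def add(p1, p2):
    """Affine group law, handling the identity and p1 == -p2."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return INF                                   # p1 == -p2
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P  # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P         # chord slope
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def double(pt):
    return add(pt, pt)


def ladder(k, pt, bits=224):
    """Montgomery ladder: for every one of the `bits` scalar bits, exactly one
    addition and one doubling are performed, whatever the bit's value.  The
    invariant r1 == r0 + pt holds throughout.  A fixed bit count hides the
    scalar's length; a deployed implementation replaces the Python swap below
    with an arithmetic conditional swap and uses constant-time field code."""
    assert 0 <= k < N
    r0, r1 = INF, pt
    for i in range(bits - 1, -1, -1):
        bit = (k >> i) & 1
        if bit:                 # conditional swap (branching here only for clarity)
            r0, r1 = r1, r0
        r1 = add(r0, r1)        # always one addition ...
        r0 = double(r0)         # ... and one doubling per bit
        if bit:
            r0, r1 = r1, r0
    return r0


def naive_mult(k, pt):
    """Reference: k repeated additions (used only to cross-check the ladder)."""
    acc = INF
    for _ in range(k):
        acc = add(acc, pt)
    return acc


if __name__ == "__main__":
    k = 0x1234567  # constructed test scalar
    q = ladder(k, G)
    print("on curve:", on_curve(q), " matches naive:", q == naive_mult(k % 2000, G) if k < 2000 else "n/a")
```

The `ladder` result can be cross-checked against `naive_mult` for small scalars, and the edge case where the intermediate addition hits the identity is exercised by the scalar n-1, whose result must be -G.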
Cite this article
Bos, J.W. Low-Latency Elliptic Curve Scalar Multiplication. Int J Parallel Prog 40, 532–550 (2012). https://doi.org/10.1007/s10766-012-0198-5