基于GF（2^n）的ECC协处理器芯片设计

文章讨论了定义在Galois Field(GF)2^n有限域上椭圆曲线密码体制(ECC)协处理器芯片的设计。首先在详细分析基于GF(2^n)ECC算法的基础上提取了最基本和关键的运算，并提出了通过协处理器来完成关键运算步骤，主处理器完成其它运算的ECC加／解密实现方案。其次，进行了加密协处理器体系结构设计，在综合考虑面积、速度、功耗的基础上选择了全串行方案来实现GF(2^n)域上的乘和加运算。然后，讨论了加密协处理器芯片的电路设计和仿真、验证问题。最后讨论了芯片的物理设计并给出了样片的测试结果。     

高速双有限域加密协处理器设计

文章提出了一种能够同时在有限域GF(P)和GF(2^m)中高速实现椭圆曲线密码算法(ECC)的协处理器。该协处理器能够高速完成椭圆曲线密码算法中各种基本的运算。通过调用这些基本的模运算指令，可以实现各种ECC上的加密算法。该协处理器支持512位以下任意长度的模运算。协处理器工作速度很快，整个协处理器综合采用了多种加速结构和算法并采用了流水线结构设计。根据物理综合的结果，协处理器可以工作在300MHz的频率，运算时间比此前的一些同类芯片快4到10倍左右。     

高性能可扩展公钥密码协处理器研究与设计

 本文提出了一种高效的点乘调度策略和改进的双域高基Montgomery模乘算法,在此基础上设计了一种新型高性能可扩展公钥密码协处理器体系结构,并采用0.18μm 1P6M标准CMOS工艺实现了该协处理器,以支持RSA和ECC等公钥密码算法的计算加速.该协处理器通过扩展片上高速存储器和使用以基数为处理字长的方法,具有良好的可扩展性和较强的灵活性,支持2048位以内任意大数模幂运算以及576位以内双域任意椭圆曲线标量乘法运算.芯片测试结果表明其具有很好的加速性能,完成一次1024位模幂运算仅需197μs、GF(p)域192位标量乘法运算仅需225μs、GF(2^m)域163位标量乘法运算仅需200.7μs.     

一种新型硬件可配置公钥制密码协处理器的VLSI实现

提出了一种新型的硬件可配置的密码协处理器，同时适用于GF(p)和GF(2^m)两种域，可以实现RSA和ECC两种目前主流的加密算法。同时又具备硬件可配置的特点，可以完成32—512bit的模乘运算而无需对硬件做任何修改。本文的密码协处理芯片用TSMC0．35μm标准单元库综合，可以工作在100MHz时钟下，等效单元45k等效门，512bit的模乘运算速度可以达到190kbit／s，一次椭圆曲线上的233bit的点加运算只需18μs。     

GF（2^m）域高速椭圆曲线加密处理器设计

针对高速椭圆曲线加密应用的要求,设计了一种多项式基表示的有限域GF(2m)上的高速椭圆加密处理器.为提高运算速度,点加和倍点模块并行运算,且分别采用全并行结构实现;为减少资源,初始化和最后的坐标变换求逆模块通过优化分解成一系列乘和加运算,合并在一个模块中用串行结构实现.Xilinx公司的VirtexEXCV2600 FPGA硬件实现结果表明,完成有限域GF(2163)上任意椭圆曲线上的一次点乘的全部运算时间消耗约为31.6μs,适合高速椭圆曲线加密应用的要求.     

可重构点乘运算的FPGA设计

文章在深入分析ECC点乘运算的FPGA实现的基础上,提出了一种参数可重构的、基于正规基有限域运算的ECC点乘运算结构。该点乘运算结构采用了复用、并行化等措施,在FPGA上实现了GF（2^191）的ECC点乘运算。在Altera FPGA上的仿真结果表明：在50Mhz时钟下,一次点乘运算只需413．28us。     

AES/Rijndael算法协处理器设计与实现

AES／Rijndael算法是高性能的加密算法，具有极佳的抗攻击性能。文章提出了AES／Rijndael算法协处理器的半定制ASIC硬件实现方案，设计兼顾了处理速度与硬件资源耗费。其较高的加密强度，对于保护关键信息的安全具有很强的实用价值。方案在Cyclone系列FPGA芯片上实现，占用逻辑单元1400余个，综合仿真和实测的结果验证了本设计的正确性。     

IEEE802.15.4中AES-CCM协议的扩展指令集实现

该文在高级加密标准(AES)快速算法的基础上,设计了一组基于可配置处理器NiosⅡ上的扩展指令,用于IEEE802.15.4标准媒体访问控制层中基于AES算法的计数器模式和密码分组链接消息验证码(AES-CCM)协议的硬件加速.该文首先推导出快速算法中用于轮变换的查找表与S盒的逻辑关系,然后通过复合域变换方法用硬件电路实现S盒的计算,从而消除了支撑扩展指令集的硬件逻辑对片上存储空间的消耗.同时给出该协议基于查表法的扩展指令集和协处理器的设计方案,并在EP2C35芯片上进行实现和对比.该方案仅消耗223个逻辑单元(LE),吞吐量为668.7 kbps,时钟周期数比软件算法加速174.6倍,芯片面积仅为协处理器方案的9.5％,显著降低了无线传感网节点设备的成本和功耗.     

基于滑动窗口技术的有限域GF(2n)乘法算法

在分析现有有限域GF(2n)乘法算法的基础上,将滑动窗口技术应用到有限域GF(2n)的乘法运算中,提出了一个基于滑动窗口技术的有限域GF(2n)乘法算法,分析和仿真结果表明,与被认为目前最快的有限域GF(2n)乘法算法一固定窗口算法相比,该算法有更好的实现效率.     

一种网络安全协处理器的椭圆曲线密码模块设计

提出了一种网络安全协处理器的椭圆曲线密码(ECC)模块设计方法,可以两个核共同完成多种椭圆曲线数字签名算法,而且支持多倍点、点加和点验证运算.在0.18μmCMOS工艺下,综合后关键路径为3.42ns、面积为3.58mm2.时钟频率为250MHz时,每秒完成770多次参数长度为192位椭圆曲线数字签名算法(ECDSA)的签名或者验证.     

AN IMPLEMENTATION OF FAST ALGORITHM FOR ELLIPTIC CURVE CRYPTOSYSTEM OVER GF（p）

The design and implementation of fast algorithms related to Elliptic Curve Cryptography (ECC) over the field GF(p), such as modular addition, modular subtraction, point addition, point production, choice of embedding plaintext to a point, etc. are given. A practical software library has been produced which supports variable length implementation of the ECCbased ElGamal cryptosystem. More importantly, this scalable architecture of the design enables the ECC being used in restricted platforms as well as high-end servers based on Intel Pentium CPU. Applications such as electronic commerce security, data encryption communication, etc.are thus made possible for real time and effective ECC.     

An implementation of fast algorithm for elliptic curve cryptosystem over GF( p )

The design and implementation of fast algorithms related to Elliptic Curve Cryptography (ECC) over the field GF(p), such as modular addition, modular subtraction, point addition, point production, choice of embedding plaintext to a point, etc. are given. A practical software library has been produced which supports variable length implementation of the ECC-based ElGamal cryptosystem. More importantly, this scalable architecture of the design enables the ECC being used in restricted platforms as well as high-end servers based on Intel Pentium CPU. Applications such as electronic commerce security, data encryption communication, etc. are thus made possible for real time and effective ECC. Supported by the National Natural Science Foundation of China (No.60271025)     

基于有限域GF上圆锥曲线的公钥密码算法

圆锥曲线密码学是一种新型的公钥密码学,迄今对圆锥曲线密码学的研究成果都是以有限域GF(p)上的圆锥曲线为基础的.本文将有限域GF(p)上的圆锥曲线C(GF(p))推广为有限域GF(2ⁿ)上的圆锥曲线C(GF(2ⁿ)),证明了圆锥曲线C(GF(2ⁿ))上的点和加法运算构成有限交换群(C(GF(2ⁿ)),),并给出了圆锥曲线群(C(GF(2ⁿ)),)的阶的计算.此外,提出了使用有限域GF(2ⁿ)上的圆锥曲线群构造公钥密码系统,并给出了ElGamal加密方案和数字签名算法(DSA)在圆锥曲线C(GF(2ⁿ))上模拟的算法,最后分析其安全性.     

Software Implementation of Elliptic Curve Encryption over Binary Field

The mathematical theory for elliptic curve encryption based on optimal normal basis(ONB) over F_2~m is introduced.Then an elliptic curve cryptography(ECC) based encryption scheme isanalyzed and designed.The mechanism for key exchange based on Diffie-Hellman is described in detailsfor further applications.Based on these theoretic foundations,the software based on ECC is developedand an application is provided.The software is characterized by excellent security as well as highefficiency.     

Elixir: High-Throughput Cost-Effective Dual-Field Processors and the Design Framework for Elliptic Curve Cryptography

We present a design framework that consists of a high-throughput, parallel, and scalable elliptic curve cryptographic (ECC) processor, and its cost-effectiveness methodology for the design exploration. A two-phase scheduling methodology is proposed to optimize the ECC arithmetic over both ${rm GF}(p)$ and ${rm GF}(2^m)$. Based on the methodology, a parallel and scalable ECC architecture is also proposed. Our dual-field ECC architecture supports arbitrary elliptic curves and arbitrary finite fields with different field sizes. The optimization to a variety of applications with different area/throughput requirements can be achieved rapidly and efficiently. Using 0.13-$mu$m CMOS technology, a 160-bit ECC processor core is implemented, which can perform elliptic-curve scalar multiplication in 340 $mu$s over ${rm GF}(p)$ and 155 $mu$s over ${rm GF}(2^m)$, respectively. The comparison of speed and area overhead among different ECC designs justifies the cost-effectiveness of the proposed ECC architecture with its design methodology.      

A Compact Implementation of AES S-Box Using Evolutionary Algorithm

S-Box based on Composite field arithmetic (CFA) technology is optimized by Genetic algorithm (GA) and Cartesian genetic programming (CGP) model for re-ducing the hardware complexity. After using the CFA tech-nique to map Multiplicative inverse (MI) over GF(28) into composite field GF((24)2), the compact MI circuit over GF(24) is selected from 100 evolved circuits, and same design method is applied to the compact multipli-cation circuit over GF(22). Compared with the direct im-plementations, the areas of optimized circuits of MI over GF(24) and multiplication over GF((22)2) are reduced by 66% and 57.69%, respectively. The area reductions for MI over GF(28) and the whole of S-Box are up to 59.23%and 56.14%, separately. In 180nm 1.8V COMS technology, compared to previous works, the S-Box proposed in this paper has the minimum area and minimum power, which are 11.27% and 6.65% smaller than that of the smallest area S-Box, respectively.     

Low-power and area-optimized VLSI implementation of AES coprocessor for Zigbee system

A low-power and low-cost advanced encryption standard (AES) coprocessor is proposed for Zigbee system-on-a-chip (SoC) design. The cost and power consumption of the proposed AES coprocessor are reduced considerably by optimizing the architectures of SubBytes/InvSubBytes and MixColumns/InvMixColumns, integrating the encryption and deeryption procedures together by the method of resource sharing, and using the hierarchical power management strategy based on finite state machine (FSM) and clock gating (CG) technologies. Based on SMIC 0.18 μm complementary metal oxide semiconductor (CMOS) technology, the scale of the AES coprocessor is only about 10.5 kgate, the corresponding power consumption is 69.1 μW/MHz,and the throughput is 32 Mb/s, which is reasonable and sufficient for Zigbee system. Compared with other designs, the proposed architecture consumes less power and fewer hardware resources, which is conducive to the Zigbee system and other portable devices.     

High-performance Public-key Cryptoprocessor for Wireless Mobile Applications

We present a high-speed public-key cryptoprocessor that exploits three-level parallelism in Elliptic Curve Cryptography (ECC) over GF(2 ⁿ ). The proposed cryptoprocessor employs a Parallelized Modular Arithmetic Logic Unit (P-MALU) that exploits two types of different parallelism for accelerating modular operations. The sequence of scalar multiplications is also accelerated by exploiting Instruction-Level Parallelism (ILP) and processing multiple P-MALU instructions in parallel. The system is programmable and hence independent of the type of the elliptic curves and scalar multiplication algorithms. The synthesis results show that scalar multiplication of ECC over GF(2¹⁶³) on a generic curve can be computed in 20 and 16 μs respectively for the binary NAF (Non-Adjacent Form) and the Montgomery method. The performance can be accelerated furthermore on a Koblitz curve and reach scalar multiplication of 12 μs with the TNAF (τ-adic NAF) method. This fast performance allows us to perform over 80,000 scalar multiplications per second and to enhance security in wireless mobile applications.