并行结构的椭圆曲线密码算法实现

介绍了椭圆曲线密码算法中的基本运算--点加、点倍算法的选取及用点加点倍并行实现点乘的方法,提出了在一个CPU两个公钥运算核的SoC系统中点加、点倍并行计算完成点乘的思想,并给出了一种在椭圆曲线密码系统(ECC)中的高效点乘运算的具体实现.该设计使得ECC运算比普通算法在效率上提高60%以上.     

基于FPGA的Fm2域椭圆曲线点乘的快速实现

椭圆曲线点乘的实现速度决定了椭圆曲线密码算法（ECC）的实现速度。采用蒙哥马利点乘算法,其中模乘运算、模平方运算采用全并行算法,模逆运算采用费马·小定理并在实现中进行了优化,完成了椭圆曲线点乘的快速运算。采用Xilinx公司的Virtex-5器件族的XCV220T作为目标器件,完成了综合与实现。通过时序后仿真,其时钟频率可以达到40MHz,实现一次点乘运算仅需要14.9μs。     

基于FPGA的Fm2域椭圆曲线点乘的快速实现

椭圆曲线点乘的实现速度决定了椭圆曲线密码算法(ECC)的实现速度.采用蒙哥马利点乘算法,其中模乘运算、模平方运算采用全并行算法,模逆运算采用费马·小定理并在实现中进行了优化,完成了椭圆曲线点乘的快速运算.采用Xilinx公司的Viaex-5器件族的XCV220T作为目标器件,完成了综合与实现.通过时序后仿真,其时钟频率可以达到40 MHz,实现一次点乘运算仅需要14.9μs.     

基于Montgomery模乘的RSA加密处理器

提出一种基4的Montgomery模乘算法及优化的硬件结构,将传统基2模乘运算迭代次数减少近一半。在该模乘模块基础上设计高速RSA加密处理器,采用进位保留形式的全并行模幂运算流程,避免长进位链和中间结果转换的问题。结果表明,该设计同时适应FPGA和ASIC实现,完成一次标准1 024位RSA加密运算仅需9 836个周期,加密速率提高50%以上。     

一种新的余数系统下快速计算素域椭圆曲线点乘的方法

椭圆曲线密码运算主要是椭圆曲线点乘,后者由一系列的模乘构成。利用余数系统下的蒙哥马利模乘算法,素域中对阶取模余的模乘可以转化为对余数系统基底取模余。提出一种新的余数系统下的方法以加速计算椭圆曲线点乘。（1）与传统上取两个几乎对称的余数系统不同,该方法取了两个非对称的余数系统。其中,余数系统Γ包括两个模数{2L, 2 L-1}; 余数系统Ω包括八个模数,它们都具有如2L－2Ki+1的形式。这种选择使其模算术变得简单。（2）在上述非对称的余数系统中,大部分原来需要对椭圆曲线域特征值取模的模乘运算可以在余数系统中直接用乘法代替。此外,计算椭圆曲线点乘时用到了仅计算x坐标的蒙哥马利梯子。在每次并行的倍点和点加结束时,需要四次余数系统下的蒙哥马利模乘,以压缩中间结果的值域。因此,计算一个N位的椭圆曲线点乘,需要的时间约为55.5N·I, 其中,I是一个L/2位的乘法、一次保留进位加法、一个L/2位的加法的总延时。     

基于FPGA椭圆曲线密码体制的研究

对基于FPGA椭圆曲线密码体制的实现进行全面研究,在Xilinx的FPGA上实现了二元有限域和椭圆曲线点运算的所有算法。将模乘算法、模逆算法、曲线点加算法、曲线点减算法、点乘算法、ECElgamal加密/解密方案、总线命令控制等在FPGA上完成仿真、综合和板级验证,并设计出具有PCI局部总线传输功能的加密/解密适配卡。研究中提出了新的基于正规基和正则基的比特串行模乘算法实现方案。     

基于FPGA椭圆曲线密码体制的研究

对基于FPGA椭圆曲线密码体制的实现进行全面研究,在Xilinx的FPGA上实现了二元有限域和椭圆曲线点运算的所有算法。将模乘算法、模逆算法、曲线点加算法、曲线点减算法、点乘算法、EC-Elgamal加密／解密方案、总线命令控制等在FPGA上完成仿真、综合和板级验证,并设计出具有PCI局部总线传输功能的加密／解密适配卡。研究中提出了新的基于正规基和正则基的比特串行模乘算法实现方案。     

OCTEON处理器上实现国密SM2算法整体优化方案研究

SM2椭圆曲线公钥密码算法的核心运算是椭圆曲线上点乘算法,因此高效实现SM2算法的关键在于优化点乘算法。对椭圆曲线的点乘算法提出从底层到高层逐层优化的整体方案。上层算法使用带预计算的modified-w NAF算法计算点乘,中间层使用a=-3的Jacobian投影坐标系计算点加和倍点,底层基于OCTEON平台的大数乘加指令使用汇编程序实现模乘算法。最终在OCTEON CN6645处理器上实现该算法,实验结果表明:SM2数字签名速度提高了约540%,验证提高了约72%,加密提高了169%,解密提高了61%。     

基于ECC的身份认证系统的设计与实现

本文从应用系统的安全性和高效性的要求出发,阐述了椭圆曲线密码体制的基本原理及其优点,设计了一个基于大素数域Fp椭圆曲线的身份认证系统,并对该系统进行了安全性分析。在椭圆曲线加密模块的实现中,大素数域中的模逆运算和椭圆曲线上的点乘运算经常是算法实现的瓶颈,本文采用模逆运算和点乘运算的改进算法来提高程序的运行效率。     

一种超椭圆曲线密码处理器并行结构设计

提出了一种超椭圆曲线密码处理器并行结构设计.处理器由多个具有相同结构的核组成,每个核由一个控制器、一个寄存器文件、一个运算单元组成.多个独立的核之间通过寄存器共享进行通信来协作完成复杂运算.每个运算单元执行自定义多操作数指令A(B+C)+D,并在指令产生过程和执行时对指令进行灵活配置.该设计可以实现核之间的指令级并行处理和不同指令执行阶段的流水线处理.在FPGA上的实验结果表明,与以往研究相比,该设计可以实现对超椭圆曲线密码点乘运算更高的加速.     

Fast exponentiation by folding the signed-digit exponent in half

For modern cryptographic systems, the public key cryptosystem such as RSA requires modular exponentiation (M ^E mod?N). The M, E and N are either as large as the 1024-bit integers or even larger, it is not a very good idea to directly compute M ^E mod?N. Recently, there are many techniques have been invented to solve the time-consuming computations of such time-consuming modular exponentiation. Among these useful algorithms, the “binary (square-and-multiply) algorithm” reduces the amount of modulo multiplications. As the “signed-digit representation algorithm” has the property of the nonzero digit occurrence probability equals to 1/3, taking this advantage, this method can more effectively decrease the amount of modular multiplications. Moreover, by using the technique of recording the common parts in the folded substrings, the “folding-exponent algorithm” can improve the efficiency of the binary algorithm, thus can further decrease the computational complexity of modular exponentiation. In this paper, a new modular exponentiation algorithm is proposed which based on the binary algorithm, signed-digit representation, and the folding-exponent technique. By using the parallel processing technique, in our proposed method, the modular multiplications and modular squaring can be executed in parallel, and thus lower down the computational complexity to k?+?3 multiplications. As modular squaring operation over GF(2 ⁿ ) is carried out by a simple cyclic right shift operation, the computational complexity of our proposed method can be further reduced to 29k/36?+?3 multiplications.     

Parallel exponentiation using common-multiplicand-multiplication and signed-digit-folding techniques

An efficient computation of the modular exponentiations C?=?M^E mod N is very useful for public-key cryptosystems. In this paper, an efficient parallel modular exponentiation algorithm is proposed based on both the common-multiplicand-multiplication (CMM) and signed-digit-folding (SDF) techniques. The ‘minimal-signed-digit (SD) recoding algorithm’ has less occurrence probability of the nonzero digit than the binary number representation. Taking this advantage, we can effectively decrease the amount of modular multiplications. By dividing the bit string of the minimal-SD recoding exponent E into three equal-length parts and by using the technique of recording the common parts in the folded substrings, the ‘folding-exponent algorithm’ can improve the efficiency of the binary algorithm, thus it can further decrease the computational complexity of modular exponentiation. As the modular squaring operation in GF(2 ⁿ ) over the normal basis can be done by a simple shift operation, the modular multiplications and the modular squaring operations in our proposed CMM–SDF algorithm can be executed in parallel. By using our proposed parallel CMM–SDF algorithm, we can obtain the optimal overall computational complexity as 0.689k?+?11 multiplications by folding the minimal-SD recoding exponent E exactly one-time in SD radix-2 recoding system, where k denotes the digit-length of the exponent and n denotes the folding time of the exponent.     

GF(2m)上椭圆曲线密码协处理器的硬件实现

给出了一款GF(2m)上椭圆曲线密码协处理器的描述。对于椭圆曲线密码学中最关键的模乘运算采用蒙格玛利模乘算法，并且对这种算法进行改进，得到一种通用性较强的算法。对于硬件实现中遇到的判断寄存器是否为零，给出了一种快速方法。该协处理器共分为6部分，分别为：主控制单元，椭圆曲线点乘单元，椭圆曲线点加单元，椭圆曲线点倍单元，有限域加法单元，蒙格玛利模乘算法单元。     

Bipartite modular multiplication with twice the bit-length of multipliers

This paper presents a new technique to compute 2ℓ-bit bipartite multiplications with ℓ-bit bipartite multiplication units. Low-end devices such as smartcards are usually equipped with crypto-coprocessors for accelerating the heavy computation of modular multiplications; however, security standards such as NIST and EMV have declared extending the bit length of RSA cryptosystem to resist mathematical attacks, making the multiplier quickly outdated. Therefore, the double-size techniques have been studied this decade to extend the life expectancy of such multipliers. This paper proposes new double-size techniques based on the multipliers implementing either classical or Montgomery modular multiplications, or even both simultaneously (bipartite modular multiplication), in which case one can potentially compute modular multiplications twice faster. Furthermore, in order to get a more realistic estimation than the other works, this paper considers not only the cost of the multiplication, but also the cost of the other arithmetic instructions. In our estimation, the proposal provides comparable results for classical multiplier and Montgomery multiplier, and is the only available method for the bipartite multiplier. A preliminary version of this paper was presented at the 12th Australasian Conference on Information Security and Privacy, ACISP’07.     

The TMS390C602A floating-point coprocessor for Sparc systems

A recent Sparc (scalable processor architecture) processor consists of a two-chip configuration, containing the TMS390C601 integer unit (IU) and the TMS390C602A floating-point unit (FPU). The second device, an innovative coprocessor that lets the processor execute single- or double-precision floating-point instructions concurrently with IU operations is described. Dedicated floating-point hardware in the FPU increases the performance of the system. Running at clock periods as small as 20 ns, the chip should deliver 5.5 million double-precision floating-point operations per second under the Linpack benchmark (50-MHz clock rate). The FPU provides single- and double-precision arithmetic functions: addition, subtraction, multiplication, division, square root, compare, and convert. To minimize its math unit's latency, the FPU uses a highly parallel architecture requiring separate math units to optimize additions and multiplications. Traps stop the execution of a program to jump to software routine for handling data-dependent errors or to execute instructions not implemented in the hardware. Benchmark results are presented     

GF(2~m)上椭圆曲线密码体制的硬件实现

特征为2的有限域GF(2m)较适合椭圆曲线密码算法的硬件实现。该文通过对GF(2m)上模运算的分析,将所有的模运算转化成模乘和模加,并对LSD乘法器的进行了改进,所设计的运算单元能进行GF(2m)上所有的模运算,利用该运算单元所实现的椭圆曲线密码算法具有面积小,速度快的优点,适合用于处理能力和存储空间受限的设备中。     

混合CORDIC在分裂基FFT中的应用

提出了一个基于CORDIC的分裂基FFT/IFFT处理器来计算2048/4096/8192点DFT。蝶形处理器的算术单元和旋转因子产生器采用CORDIC算法实现,所有的控制信号在片内产生。相比于存储旋转因子所需的ROM,CORDIC旋转因子所用ROM尺寸更小。与传统的FFT实现相比功耗减少了25%。     

基于互补电阻开关的忆阻乘法器设计

现有的忆阻算术逻辑多采用单个忆阻器作为存储单元,在忆阻交叉阵列中易受到漏电流以及设计逻辑电路时逻辑综合复杂度高的影响,导致当前乘法器设计中串行化加法操作的延时和面积开销增加。互补电阻开关具有可重构逻辑电路的运算速度和抑制忆阻交叉阵列中漏电流的性能,是实现忆阻算术逻辑的关键器件。提出一种弱进位依赖的忆阻乘法器。为提升忆阻器的逻辑性能,基于互补电阻开关电路结构,设计两种加法器的优化方案,简化操作步骤。在此基础上,通过改进传统的乘法实现方式,并对进位数据进行拆解,降低运算过程中进位数据之间的依赖性,实现并行化的加法运算。将设计的乘法器映射到混合CMOS/crossbar结构中,乘法计算性能得到大幅提高。在Spice仿真环境下验证所提乘法器的可行性。仿真实验结果表明,与现有的乘法器相比,所提乘法器的延时开销从O(n²)降低为线性级别,同时面积开销降低约70%。