An area-efficient bit-serial integer and GF(2) multiplier

This paper presents the design of a new multiplier architecture for normal integer multiplication of positive and negative numbers as well as for multiplication in finite fields of order 2ⁿ. It has been developed to increase the performance of algorithms for cryptographic and signal processing applications on implementations of the Instruction Systolic Array (ISA) parallel computer model [M. Kunde, H.W. Lang, M. Schimmler, H. Schmeck, H. Schröder, Parallel Computing 7 (1988) 25-39, H.W. Lang, Integration, the VLSI Journal 4 (1986) 65-74]. The multiplier operates least significant bit (LSB)-first for integer multiplication and most significant bit ( )-first for finite field multiplication. It is a modular bit-serial design, which on the one hand can be efficiently implemented in hardware and on the other hand has the advantage that it can handle operands of arbitrary length.     

Improved throughput bit-serial multiplier for GF(2) fields

High throughput is a crucial factor in bit-serial GF(2^m) fields multiplication for a variety of different applications including cryptography, error coding detection and computer algebra. The throughput of a multiplier is dependent on the required number of clock cycles to reach a result and its critical path delay. However, most bit-serial GF(2^m) multipliers do not manage to reduce the required number of clock cycles below the threshold of m clock cycles without increasing dramatically their critical path delay. This increase is more evident if a multiplier is designed to be versatile. In this article, a new versatile bit-serial MSB multiplier for GF(2^m) fields is proposed that achieves a 50% increase on average in throughput when compared to other designs, with a very small increase in its critical path delay. This is achieved by an average 33.4% reduction in the required number of clock cycles below m. The proposed design can handle arbitrary bit-lengths upper bounded by m and is suitable for applications where the field order may vary.     

A Scalable Structure for a Multiplier and an Inversion Unit in GF(2m)

Elliptic curve cryptography (ECC) offers the highest security per bit among the known public key cryptosystems. The operation of ECC is based on the arithmetic of the finite field. This paper presents the design of a 193‐bit finite field multiplier and an inversion unit based on a normal basis representation in which the inversion and the square operation units are easy to implement. This scalable multiplier can be constructed in a variable structure depending on the performance area trade‐off. We implement it using Verilog HDL and a 0.35 µm CMOS cell library and verify the operation by simulation.     

New Bit-Parallel Systolic Architectures for Computing Multiplication,Multiplicative Inversion and Division in GF(2<Superscript>m</Superscript>) Under Polynomial Basis and Normal Basis Representations

A new bit-parallel systolic multiplier over GF(2^m) under the polynomial basis and normal basis is proposed. This new circuit is constructed by m ² identical cells, each of which consists of one two-input AND gate, one three-input XOR gate and five 1-bit latches. Especially, the proposed architecture is without the basis conversion as compared to the well-known multipliers with the redundant representation. With this proposed multiplier, a parallel-in parallel-out systolic array has also been developed for computing inversion and division over GF(2^m). The proposed architectures are well suited to VLSI systems due to their regular interconnection pattern and modular structure.

An Efficient DPA Countermeasure for the EtaT Pairing Algorithm over GF(2n) Based on Random Value Addition

This paper presents an efficient differential power analysis (DPA) countermeasure for the Eta_T pairing algorithm over GF(2ⁿ). The proposed algorithm is based on a random value addition (RVA) mechanism. An RVA‐based DPA countermeasure for the Eta_T pairing computation over GF(3ⁿ) was proposed in 2008. This paper examines the security of this RVA‐based DPA countermeasure and defines the design principles for making the countermeasure more secure. Finally, the paper proposes an efficient RVA‐based DPA countermeasure for the secure computation of the Eta_T pairing over GF(2ⁿ). The proposed countermeasure not only overcomes the security flaws in the previous RVA‐based method but also exhibits the enhanced performance. Actually, on the 8‐bit ATmega128L and 16‐bit MSP430 processors, the proposed method can achieve almost 39% and 43% of performance improvements, respectively, compared with the best‐known countermeasure.