橢圓曲線是新定義的數學群(Group)，藉由此新定義的運算結構套用於現今加解密演算法當中，此外橢圓曲線在相同的安全性下所用的金鑰長度遠比RSA還要小，因此在學術界和業界皆投入橢圓曲線的研究，本論文會專注在橢圓曲線的純量乘法，以及其特別應用RFID，並且選用目前最有效率的演算法L pez-Dahab Montgomery scalar multiplication當作本篇論文核心，透過優化電路排程以及降低運算複雜度本論文獲得以下結果：在橢圓曲線純量乘法部分，我們使用TSMC 130nm 在GF(2^163)下，本論文設計之電路完成一次純量乘法所需的時間為6.4μs。在RFID的部分，本論文選用TSMC 180nm在GF(2^163)下，本論文設計之電路需消耗8.1μw。

Elliptic Curve Cryptography has gained much attention in recent years. It has smaller key length than RSA with the same level of security. In this thesis, we propose a high performance, low power elliptic curve cryptography processor over GF(2^163).We adopt Lopez-Dahab Montgomery scalar multiplication algorithm to avoid the inverse operation. By optimizing circuit implementation, we can obtain very competitive results. In regard to Elliptic curve cryptography, our ECC processor can complete one scalar multiplication in 6.4μs with TSMC 130 nm technology. In regard to RFID, our ECC processor consumes 8.1μw with TSMC 180 nm technology.

[1] J. Lopez and R. Dahab, “Fast multiplication on elliptic curves over GF(2m) without precomputation,” Cryptographic Hardware and Embedded Systems (CHES), vol. 1717 of LNCS, pp. 316–327, Aug. 1999.
[2] T. Itoh, S. Tsujii, “A fast algorithm for computing multiplicative inverses in GF(2m) using normal bases,” Information and Computation, vol. 78, pp. 171-177, Sept. 1988.
[3] H. Wu, “Bit-Parallel Finite Field Multiplier and Squarer Using Polynomial Basis,” IEEE Transactions on Computers, vol. 51, no.7, pp.750-758, July 2002.
[4] W. Tang, H. Wu and M. Ahmadi, “VLSI implementation of bit-parallel word-serial multiplier in GF(2233),” IEEE-NEWCAS Conference, pp.399 -402, June 2005.
[5] B. Ansari and M. A. Hasan, “High-Performance architecture of elliptic curve scalar multiplication,” IEEE Transactions on Computers, vol. 57, no. 11, pp. 1443-1453, Nov. 2008.
[6] K. Sakiyama, L. Batina, B. Preneel, and I. Verbauwhede, “High performance public-key crypto processor for wireless mobile applications,” Mobile Networks and Applications, vol. 12, no. 4, pp. 245–258, Aug. 2007.
[7] K. Sakiyama, L. Batina, B. Preneel, and I. Verbauwhede, “ Multicore curve-based cryptoprocessor with reconfigurable modular arithmetic logic units over GF(2n),” IEEE Transactions on Computers, vol. 56, no. 9, pp. 1269–1282, Sept. 2007.
[8] A. Satoh and K. Takano, “A scalable dual-field elliptic curve cryptographic processor,” IEEE Transactions on Computers, vol. 52, no.4, pp. 449–460, Apr. 2003.
[9] F. Sozzani, G. Bertoni, S. Turcato, and L. Breveglieri, “A parallelized design for an elliptic curve cryptosystem coprocessor,” Information Technology: Coding and Computing, vol. 1, pp. 626–630, 2005
[10] Y. Zhang, D. Chen, Y. Choi, L. Chen and S. B. Ko, “A high performance ECC hardware implementation with instruction – level parallelism over GF(2163),” Microprocessors and Microsystem, vol. 34, no. 6, pp. 228–236, Sept. 2010.
[11] J. Y. Lai, T. Y. Hung, K. H. Yang and C. T. Huang, “High-Performance Architecture for Elliptic Curve Cryptography over Binary Field,” IEEE international Symposium on Circuits and System (ISCAS), pp.3933-3936, Jun 2010.
[12] G. Sutter, J. P. Deschamps and J. L. Imaña, Y. Choi, L. Chen and S. B. Ko, “A high performance ECC hardware implementation with instruction – level parallelism over GF(2163).” IEEE Transactions On Industrial Electronics, vol. 60, no.1, pp. 217–225, Sep. 2013.
[13] Y. K. Lee, K. Sakiyama, L. Batina, and I. Verbauwhede, “Elliptic-Curve-Based Security Processor for RFID,” IEEE Transactions on Computers, vol. 57, pp. 1514-1527, Nov. 2008.
[14] L. Leinweber, C. Papachristou and F.G. Wolff, "Efficient architectures for elliptic curve cryptography processors for RFID," IEEE International Conference on Computter Design, pp. 372-377, Oct. 2009.
[15] P. Luo, X. Wang, J. Feng, Y. Xu , “Low-power hardware implementation of ECC processor suitable for low-cost RFID tags.”, Solid-State and Integrated-Circuit Technology(ICSICT), pp. 1681-1684, Oct. 2008.
[16] P. W. Chang, “Low-Cost Design for Elliptic Curve Cryptography over Binary Field.” 國立清華大學資訊工程研究所, 碩士論文, Dec. 2012.
[17] SECG, SEC 2: Recommended Elliptic Curve Domain Parameters, Standards for Efficient Cryptography Group (SECG), Sep. 2000.
[18] S. Okada, N. Torii, K. Itoh, and M. Takenaka, “Implementation of elliptic curve cryptographic coprocessor over GF(2m) on an FPGA,” Cryptographic Hardware and Embedded System, pp. 25-40, 2000
[19] A. Satoh and K. Takano, “A scalable dual-field elliptic curve cryptographic processor,” IEEE Transactions on Computers, vol. 52, no. 4, pp. 449–460, Apr. 2003.
[20] D. Hein, J. Wolkerstorfer, and N. Felber, “ECC is Ready for RFID - A Proof in Silicon,” Selected Areas in Cryptography, vol. 5381, pp. 401-413, 2009.
[21] C. P. Schnorr, “Efficient Identification and Signatures for Smart Cards,” Advances in Cryptology-CRYPTO’89, vol. 435, pp. 239–252 , 1989.