
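Graduate student: 王裕翔 (Wang, Yu-Shiang)
Thesis title: 適用於FPGA之高效能橢圓曲線密碼架構設計
High-Performance Architecture for Elliptic Curve Cryptography over Prime Fields on FPGAs
Advisor: 黃稚存 (Huang, Chih-Tsun)
Oral defense committee:
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science
Year of publication: 2010
Academic year of graduation: 98
Language: English
Number of pages: 64
Keywords (Chinese): elliptic curve cryptography, prime field, Montgomery multiplier, field-programmable gate array, digital signal processor
Keywords (English): Elliptic curve cryptography, prime field, Montgomery multiplier, FPGA, DSP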
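  • Elliptic curve cryptosystems have received considerable attention from both academia and industry in recent years. They have been adopted by many international commercial and industrial standards and by national standards bodies, and are used in many important applications, such as the Elliptic Curve Digital Signature Algorithm (ECDSA). Compared with the more widely used RSA cryptosystem, an elliptic curve cryptosystem uses shorter public and private keys yet provides the same security level as RSA. Elliptic curve cryptosystems are therefore well suited to low-power handheld devices and embedded systems.

    In this thesis, we propose a high-performance elliptic curve cryptosystem hardware architecture for field-programmable gate arrays (FPGAs) that supports arbitrary prime fields and arbitrary elliptic curve parameters. We first propose a new modular multiplier architecture that uses the digital signal processing (DSP) units inside the FPGA to accelerate the Montgomery algorithm. With DSP acceleration, we implement a 256-bit modular multiplier with four pipeline stages. In addition, based on this modular multiplier architecture, we propose an instruction schedule that reduces the number of computation cycles and cuts the total computation time by 18%. On a Xilinx Virtex-5 FPGA platform, one 256-bit elliptic curve computation takes 0.86 ms in total. Comparison with other designs shows that our hardware architecture is more efficient per unit area than other elliptic curve cryptosystem hardware.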


    Elliptic Curve Cryptography (ECC) has gained widespread exposure and increasing acceptance, and has already been adopted in many security standards. Compared with RSA, ECC provides a similar level of security with a much smaller key. Because of this advantage, ECC has become more important for many new applications, such as the Elliptic Curve Digital Signature Algorithm (ECDSA), particularly in portable devices and embedded systems.

    In this thesis, we present a high-performance ECC processor for commercial FPGAs that supports arbitrary fields and curve parameters over prime fields. First, a novel architecture for a modular multiplier in modern reconfigurable FPGAs is proposed, based on the word-based Montgomery multiplication algorithm. Modern FPGAs, e.g., Xilinx Virtex-4 and Virtex-5 as well as Altera Stratix FPGAs, are equipped with Digital Signal Processing (DSP) slices to speed up computationally expensive arithmetic in hardware designs. With dedicated DSP slices, we accelerated the 256-bit modular multiplication by dividing it into four pipeline stages with a few extra LUT slices. Moreover, we cascaded serial DSP slices and made full use of the embedded registers in the DSP slices to reduce the routing path delay. In our design, the critical path contains only one DSP slice and one LUT slice. Second, operation scheduling is explored to reduce the operation cycles further. We perform the reduction part of the Montgomery multiplication concurrently with the multiplication part of the next iteration. In addition, modular addition/subtraction can also be executed in parallel with the multiplication. With Xilinx Virtex-5 FPGA devices, a 256-bit point scalar multiplication can be performed in 0.86 ms at 263 MHz with 3657 LUT slices and 10 DSP slices. The comparison of performance with other ECC designs shows that our processor provides high throughput with the flexibility of configurable finite fields and elliptic curves.

    1 Introduction
      1.1 Background
      1.2 Previous Work
      1.3 Proposed High-Performance ECC Processor
      1.4 Thesis Organization
    2 Mathematical Background
      2.1 Introduction to Cryptosystems
        2.1.1 Symmetric Key Cryptosystem
        2.1.2 Asymmetric Key Cryptosystem
      2.2 Elliptic Curves over Finite Fields
        2.2.1 Point Addition and Point Double
        2.2.2 Point Scalar Multiplication
        2.2.3 Applications of ECC
          2.2.3.1 Data Encryption/Decryption
          2.2.3.2 Digital Signature Generation and Verification
          2.2.3.3 Key Agreement
    3 The Proposed Montgomery Multiplier
      3.1 FPGA Logic Resource
        3.1.1 Configurable Logic Block
        3.1.2 Function Logic Block
      3.2 Montgomery Multiplication
        3.2.1 Bit-Serial Montgomery Multiplier
        3.2.2 High-Radix Montgomery Multiplier
        3.2.3 Word-Based Montgomery Multiplier
    4 Hardware Architecture
      4.1 ECC Core for Scalar Multiplication
        4.1.1 Modular Addition/Subtraction
        4.1.2 Modular Inversion
      4.2 Point Scalar Multiplication Scheduling
      4.3 Conversion Scheduling
    5 Implementation and Comparison
      5.1 Implementation
      5.2 Comparison with Related Works
    6 Conclusion and Future Work
      6.1 Conclusion
      6.2 Future Work


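    Full-text release date: full text not authorized for public release (on-campus network)
    Full-text release date: full text not authorized for public release (off-campus network)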
