We present a new hardware architecture to compute scalar multiplications in the group of rational points of elliptic curves defined over a prime field. We have made an implementation on Altera FPGA family for some elliptic curves defined over randomly chosen ground fields offering classic cryptographic security level. Our implementations show that our architecture is the fastest among the public designs to compute scalar multiplication for elliptic curves defined over a general prime ground field. Our design is based upon the Residue Number System, guaranteeing carry-free arithmetic and easy parallelism. It is SPA resistant and DPA capable.

/pdf/a-high-speed-coprocessor-for-elliptic-curve-scalar-2d4pzo7mxj.pdf

A high speed coprocessor for elliptic curve scalar multiplications over F p

Residue Number System (RNS) is a non-weighted number system which was proposed by Garner back in 1959 to achieve fast implementation of addition, subtraction and multiplication operations in special-purpose computations. Unfortunately, RNS did not turn out as a popular alternative to two?s complement number system in those days. The rigidity of instruction set architectures of the market-dominant computers and microprocessors then has been the main barrier to sustain the development of RNS-based applications. In recent years, technological advancement in semiconductor technology has revived the interests to reconsider RNS for application-specific computing. There are at least two unique motivations which make RNS computations more attractive and applicable in modern digital signal processing applications. Firstly, the modular and distributive properties of RNS are used to achieve performance improvements especially in the emerging distributed and ubiquitous computing platforms such as cloud, wireless ad hoc networks, and applications which require tolerance against soft error. Secondly, energy efficiency becomes a key driver in the continual densification of complementary metal oxide semiconductor (CMOS) digital integrated circuits. The high degree of computational parallelism in RNS offers new degree of freedom to optimize energy performance, particularly for very long word length arithmetic such as those involved in the hardware implementation of cryptographic algorithms. Our aim in this paper is to show this revolution by discussing interesting development in RNS and foster the innovative use of RNS for more applications. Different applications of RNS are investigated to demonstrate how this unconventional number system can be leveraged to benefit their implementation.

Residue Number Systems: A New Paradigm to Datapath Optimization for Low-Power and High-Performance Digital Signal Processing Applications

Elliptic curve point multiplication (ECPM) is one of the most critical operations in elliptic curve cryptography. In this brief, a new hardware architecture for ECPM over GF(p) is presented, based on the residue number system (RNS). The proposed architecture encompasses RNS bases with various word-lengths in order to efficiently implement RNS Montgomery multiplication. Two architectures with four and six pipeline stages are presented, targeted on area-efficient and fast RNS Montgomery multiplication designs, respectively. The fast version of the proposed ECPM architecture achieves higher speeds and the area-efficient version achieves better area-delay tradeoffs compared to state-of-the-art implementations.

Efficient RNS Implementation of Elliptic Curve Point Multiplication Over ${\rm GF}(p)$

Field Programmable Gate Array (FPGA) is a general purpose programmable logic device that can be configured by a customer after manufacturing to perform from a simple logic gate operations to complex systems on chip or even artificial intelligence systems. Scientific publications related to FPGA started in 1992 and, up to now, we found more than 70,000 documents in the two leading scientific databases (Scopus and Clarivative Web of Science). These publications show the vast range of applications based on FPGAs, from the new mechanism that enables the magnetic suspension system for the kilogram redefinition, to the Mars rovers’ navigation systems. This paper reviews the top FPGAs’ applications by a scientometric analysis in ScientoPy, covering publications related to FPGAs from 1992 to 2018. Here we found the top 150 applications that we divided into the following categories: digital control, communication interfaces, networking, computer security, cryptography techniques, machine learning, digital signal processing, image and video processing, big data, computer algorithms and other applications. Also, we present an evolution and trend analysis of the related applications.

Field Programmable Gate Array Applications—A Scientometric Review

This paper proposes a programmable GF(p) arithmetic unit for elliptic curve cryptography. The proposed unit can perform modular addition, subtraction, multiplication, inversion, and division. A suitable countermeasure against differential power analysis attack and doubling attack is proposed. An elliptic curve scalar multiplication hardware is subsequently designed for the curves defined over GF(p) using two cores of programmable GF(p) arithmetic unit. It performs point doubling and point addition in each iteration concurrently on two cores. The proposed scalar multiplication hardware is implemented on the Xilinx Virtex-2 Pro FPGA platform. The proposed parallel architecture is inherently programmable, memoryless, and resistant against timing and power attacks. It efficiently optimizes area × time per bit value for elliptic curve scalar multiplication.

Petrel: Power and Timing Attack Resistant Elliptic Curve Scalar Multiplier Based on Programmable ${\rm GF}(p)$ Arithmetic Unit

Elliptic curve point multiplication is considered to be the most significant operation in all elliptic curve cryptography systems, as it forms the basis of the elliptic curve discrete logarithm problem. Designs for elliptic curve cryptography point multiplication are area demanding and time consuming. Thus, the efficient realization of point multiplication is of fundamental importance for the performance of an elliptic curve system. In this paper, a hardware architecture of an elliptic curve point multiplier is proposed that exploits the intrinsic parallelism of the residue number system (RNS), in order to speed up the elliptic curve point calculations and minimize the area complexity of the elliptic curve point multiplier. The architecture proves to be the fastest among all known design approaches, while complexity is less than half of that of previous efforts. This architecture also supports the required input (binary-to-RNS) and output (RNS-to-binary) conversions. Through a graph-oriented approach, the area of the elliptic curve point multiplier is minimized, by optimizing the point addition and doubling algorithms. Also, through this approach, the number of execution steps for point addition is matched to the number of execution steps for point doubling. Additionally, the impact of various RNS bases, in terms of number of moduli and their bit lengths, on the area and speed of the proposed implementation is analyzed, in an effort to define the potential for using RNS in elliptic curve cryptography.

An RNS Implementation of an $F_{p}$ Elliptic Curve Point Multiplier

Hash functions are special cryptographic algorithms, which are applied wherever message integrity and authentication are critical. Implementations of these functions are cryptographic primitives widely used in common cryptographic schemes and security protocols such as Internet Protocol Security (IPSec) and Virtual Private Network (VPN). In this paper, a novel FPGA implementation of the Secure Hash Algorithm 1 (SHA-1) is proposed. The proposed architecture exploits the benefits of pipeline and re-timing of execution through pre-computation of intermediate temporal values. Pipeline allows division of the calculation of the hash value in four discreet stages, corresponding to the four required rounds of the algorithm. Re-timing is based on the decomposition of the SHA-1 expression to separate information dependencies and independencies. This allows pre-computation of intermediate temporal values in parallel to the calculation of other independent values. Exploiting the information dependencies, the fundamental operational block of SHA-1 is modified so that maximum operation frequency is increased by 30% approximately with negligible area penalty compared to other academic and commercial implementations. The proposed SHA-1 hash function was prototyped and verified using a XILINX FPGA device. The implementation's characteristics are compared to alternative implementations proposed by the academia and the industry, which are available in the international IP market. The proposed implementation achieved a throughput that exceeded 2,5 Gbps, which is the highest among all similar IP cores for the targeted XILINX technology.

High-Speed FPGA Implementation of Secure Hash Algorithm for IPSec and VPN Applications

A design approach to create small-sized high-speed implementation of the new version of secure hash algorithm is proposed. The resulted design can be easily embedded to operate in HMAC IP cores, providing a high degree of security. The proposed implementation does not introduce significant area penalty, compared to other competitive designs. However the achieved throughput presents an increase compared to commercially available IP cores that range from 48%-1912%.

A novel high-throughput implementation of a partially unrolled SHA-512

Hash functions, form a special family of cryptographic algorithms that satisfy current requirements for security, confidentiality and validity for several applications in technology. Many applications like PKI, IPSec, DSA, MACpsilas need the requirements mentioned before. All the previous applications incorporate hash functions and address, as the time passes, to more and more users-clients and thus the increase of their throughput is quite necessary. In this paper we propose an implementation that increases throughput and frequency significantly and at the same time keeps the area small enough for the hash function RIPEMD-160, which is emanated from the necessity for existence of very strong algorithms in cryptanalysis. This technique involves the application of spatial and temporal pre-computation. The proposed technique leads to an implementation with more than 35% higher throughput.

Application of novel technique in RIPEMD-160 aiming at high-throughput

In this paper an efficient implementation, in terms of performance, of the keyed-hash message authentication code (HMAC) using the SHA-256 hash function is presented. This mechanism is used for message authentication in combination with a shared secret key. The proposed hardware implementation, invokes a partially unrolled implementation for the underlying hash function leading to a high-throughput and low-power implementation for the whole HMAC construction. Special care has been taken so that the proposed implementation doesn't introduce extra design complexity; while in parallel functionality was kept to the required levels.

http://www.wseas.us/e-library/conferences/2005corfu/c1/papers/498-498.pdf

H. E. Michail

Papers

An RNS Implementation of an $F_{p}$ Elliptic Curve Point Multiplier

High-Speed FPGA Implementation of Secure Hash Algorithm for IPSec and VPN Applications

A novel high-throughput implementation of a partially unrolled SHA-512

Application of novel technique in RIPEMD-160 aiming at high-throughput

High-speed and low-power implementation of hash message authentication code through partially unrolled techniques