Issue No.10 - October (2006 vol.55)
Christof Paar , IEEE
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2006.165
Digit Serial Multipliers are used extensively in hardware implementations of elliptic and hyperelliptic curve cryptography. This contribution shows different architectural enhancements in Least Significant Digit (LSD) multiplier for binary fields GF(2^m). We propose two different architectures, the Double Accumulator Multiplier (DAM) and N-Accumulator Multiplier (NAM), which are both faster compared to traditional LSD multipliers. Our evaluation of the multipliers for different digit sizes gives optimum choices and shows that currently used digit sizes are the worst possible choices. Hence, one of the most important results of this contribution is that digit sizes of the form 2^l-1, where l is an integer, are preferable for the digit multipliers. Furthermore, one should always use the NAM architecture to get the best timings. Considering the time area product DAM or NAM gives the best performance depending on the digit size.
Bit serial multiplier, digit serial multiplier, least significant digit multiplier, elliptic/hyperelliptic curve cryptography, public key cryptography.
Sandeep Kumar, Thomas Wollinger, Christof Paar, "Optimum Digit Serial GF(2^m) Multipliers for Curve-Based Cryptography", IEEE Transactions on Computers, vol.55, no. 10, pp. 1306-1311, October 2006, doi:10.1109/TC.2006.165