Multicore Curve-Based Cryptoprocessor with Reconfigurable Modular Arithmetic Logic Units over GF(2^n)
September 2007 (vol. 56 no. 9)
pp. 1269-1282
This paper presents a reconfigurable curve-based cryptoprocessor that accelerates scalar multiplication of Elliptic Curve Cryptography (ECC) and HyperElliptic Curve Cryptography (HECC) of genus 2 over GF(2^n). By allocating α copies of processing cores that embed reconfigurable Modular Arithmetic Logic Units (MALUs) over GF(2^n), the scalar multiplication of ECC/HECC can be accelerated by exploiting Instruction-Level Parallelism (ILP). The supported field size can be arbitrary up to α(n + 1) - 1. The superscaling feature is facilitated by defining a single instruction that can be used for all field operations and point/divisor operations. In addition, the cryptoprocessor is fully programmable and it can handle various curve parameters and arbitrary irreducible polynomials. The cost, performance, and security trade-offs are thoroughly discussed for different hardware configurations and software programs. The synthesis results with a 0.13-μm CMOS technology show that the proposed reconfigurable cryptoprocessor runs at 292 MHz, whereas the field sizes can be supported up to 587 bits. The compact and fastest configuration of our design is also synthesized with a fixed field size and irreducible polynomial. The results show that the scalar multiplication of ECC over GF(2^163) and HECC over GF(2^83) can be performed in 29 and 63 μs, respectively.

Index Terms:
Multiprocessor systems, processor architectures, reconfigurable hardware, arithmetic and logic units, public key cryptosystems.
Kazuo Sakiyama, Lejla Batina, Bart Preneel, Ingrid Verbauwhede, "Multicore Curve-Based Cryptoprocessor with Reconfigurable Modular Arithmetic Logic Units over GF(2^n)," IEEE Transactions on Computers, vol. 56, no. 9, pp. 1269-1282, Sept. 2007, doi:10.1109/TC.2007.1071