전기전자학회논문지 (Journal of IKEEE)

  • 제23권1호
  • /
  • Pages.58-67
  • /
  • 2019
  • /
  • 1226-7244(pISSN)
  • /
  • 2288-243X(eISSN)
한국전기전자학회 (Institute of Korean Electrical and Electronics Engineers)
권호 표지
DOI QR코드

DOI QR Code

GF(2m) 상의 NIST 타원곡선을 지원하는 ECC 프로세서의 경량 하드웨어 구현

A Lightweight Hardware Implementation of ECC Processor Supporting NIST Elliptic Curves over GF(2m)

  • Lee, Sang-Hyun (School of Electronic Engineering, Kumoh National Institute of Technology) ;
  • Shin, Kyung-Wook (School of Electronic Engineering, Kumoh National Institute of Technology)
  • 투고 : 2019.02.28
  • 심사 : 2019.03.22
  • 발행 : 2019.03.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

NIST 표준으로 정의된 $GF(2^m)$ 상의 슈도 랜덤 곡선과 Koblitz 곡선을 지원하는 타원곡선 암호(ECC) 프로세서 설계에 대해 기술한다. 고정된 크기의 데이터 패스를 사용하여 5가지 키 길이를 지원함과 아울러 경량 하드웨어 구현을 위해 워드 기반 몽고메리 곱셈기를 기반으로 유한체 연산회로를 설계하였다. 또한, Lopez-Dahab 좌표계를 사용함으로써 유한체 나눗셈을 제거하였다. 설계된 ECC 프로세서를 FPGA 검증 플랫폼에 구현하고, ECDH(Elliptic Curve Diffie-Hellman) 키 교환 프로토콜 동작을 통해 하드웨어 동작을 검증하였다. 180-nm CMOS 표준 셀 라이브러리로 합성한 결과 10,674 등가 게이트와 9 kbit의 dual-port RAM으로 구현되었으며, 최대 동작 주파수는 154 MHz로 평가되었다. 223-비트 슈도 랜덤 타원곡선 상의 스칼라 곱셈 연산에 1,112,221 클록 사이클이 소요되며, 32.3 kbps의 처리량을 갖는다.

A design of an elliptic curve cryptography (ECC) processor that supports both pseudo-random curves and Koblitz curves over $GF(2^m)$ defined by the NIST standard is described in this paper. A finite field arithmetic circuit based on a word-based Montgomery multiplier was designed to support five key lengths using a datapath of fixed size, as well as to achieve a lightweight hardware implementation. In addition, Lopez-Dahab's coordinate system was adopted to remove the finite field division operation. The ECC processor was implemented in the FPGA verification platform and the hardware operation was verified by Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol operation. The ECC processor that was synthesized with a 180-nm CMOS cell library occupied 10,674 gate equivalents (GEs) and a dual-port RAM of 9 kbits, and the maximum clock frequency was estimated at 154 MHz. The scalar multiplication operation over the 223-bit pseudo-random elliptic curve takes 1,112,221 clock cycles and has a throughput of 32.3 kbps.

키워드

JGGJB@_2019_v23n1_58_f0001.png 이미지

Fig. 1. Architecture of ECC processor in GF(2m). 그림 1. GF(2m) 상의 ECC 프로세서 구조

JGGJB@_2019_v23n1_58_f0002.png 이미지

Fig. 2. Pseudo-code for word-based Montgomery multiplication algorithm. 그림 2. 워드 기반 몽고메리 곱셈 알고리듬의 슈도코드

JGGJB@_2019_v23n1_58_f0003.png 이미지

Fig. 3. Word-based Montgomery multiplier. 그림 3. 워드 기반 몽고메리 곱셈기

JGGJB@_2019_v23n1_58_f0004.png 이미지

Fig. 4. State transition diagram of control FSM. 그림 4. 제어 FSM의 상태 천이도

JGGJB@_2019_v23n1_58_f0005.png 이미지

Fig. 5. Pseudo code for point operations using Lopez- Dahab’s coordinate, (a) point addition, (b) point doubling. 그림 5. Lopez-Dahab 좌표계를 사용하는 점 연산 슈도코드, (a) 점 덧셈, (b) 점 두 배

JGGJB@_2019_v23n1_58_f0006.png 이미지

Fig. 6. RTL simulation results for scalar multiplication of ECC processor, (a) 233-bit pseduo-random curve, (b) 233-bit Koblitz curve. 그림 6. ECC 프로세서의 스칼라 곱셈 연산에 대한 RTL 시뮬레이션 결과 (a) 233-비트 슈도 랜덤 커브, (b) 233-비트 Koblitz 커브

JGGJB@_2019_v23n1_58_f0007.png 이미지

Fig. 7. FPGA verification platform for ECC processor. 그림 7. ECC 프로세서의 FPGA 검증 플랫폼

JGGJB@_2019_v23n1_58_f0008.png 이미지

Fig. 8. Screenshots of FPGA verification results of the ECC processor, (a) ECDH using 571-bit pseudo-random curve, (b) ECDH using 571-bit Koblitz curve. 그림 8. ECC 프로세서의 FPGA 검증결과 화면, (a) 571-비트 슈도 랜덤 커브를 이용한 ECDH, (b) 571-비트 Koblitz 커브를 이용한 ECDH

Table. 1. Point addition and point doubling operations of elliptic curves over GF(2m). 표 1. GF(2m) 상의 타원곡선 점 덧셈과 점 두 배 연산

JGGJB@_2019_v23n1_58_t0001.png 이미지

Table. 2. Data n*0 according to elliptic curves. 표 2. 타원곡선에 따른 데이터 n*0

JGGJB@_2019_v23n1_58_t0002.png 이미지

Table. 3. Clock cycles required for scalar multiplication. 표 3. ECC 스칼라 곱셈의 소요 클록 사이클 수

JGGJB@_2019_v23n1_58_t0003.png 이미지

Table 4. Comparison of ECC processors. 표 4. ECC 프로세서의 비교

JGGJB@_2019_v23n1_58_t0004.png 이미지

참고문헌

  1. A. Firestone, "Information Security Overview," Security Industry Association, pp. 1-25, 2018.
  2. R. Rivest, A. Shamir and L. Adleman, "A method for obtaining Digital Signatures and Public-Key Crypto-systems," Communications of Association for Computing Machinery (ACM), vol. 21, no. 2, pp. 120-126, 1978. DOI: 10.1145/359340.359342
  3. NIST Std. FIPS PUB 186-2, Digital Signature Standard (DSS), National Institute of Standard and Technology (NIST), 2000.
  4. N. Koblitz, "Elliptic Curve Cryptosystems," Mathematics of Computation, vol. 48, no. 177, pp. 203-309, 1987. DOI: 10.1090/S0025-5718-1987-0866109-5
  5. V. S. Miller, "Uses of Elliptic Curves in Cryptography," Advances in cryptography-CRYPTO'85, LNCS 218, Springer-Verlag, pp. 417-426, 1986. DOI: 10.1007/3-540-39799-X_31
  6. H. Marzouqi, M. Al-Qutayri and K. Salah, "Review of Elliptic Curve Cryptography processor designs," Microprocessors and Microsystems, vol. 39, pp. 97-112, 2015. DOI: 10.1016/j.micpro.2015.02.003
  7. B. G. Park and K. W. Shin, "A Lightweight ECC Processor Supporting Elliptic Curves over NIST Prime Fields," Journal of The Institute of Electronics and Information Engineers, vol. 55, no. 9, pp. 35-43, 2018. DOI: 10.5573/ieie.2018.55.9.35
  8. P. M. Matutino, J. Araújo, L. Sousa and R. Chaves, "Pipelined FPGA coprocessor for elliptic curve cryptography based on residue number system," 2017 International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation(SAMOS), Pythagorion, pp. 261-268, 2017. DOI: 10.1109/SAMOS.2017.8344638
  9. Z. He and X. Chen, "Design and implementation of high-speed configurable ECC co-processor," 2017 IEEE 12th International Conference on ASIC (ASICON), Guiyang, pp. 734-737, 2017. DOI: 10.1109/ASICON.2017.8252580
  10. K. M. John and S. Sabi, "A novel high performance ECC processor architecture with two staged multiplier," 2017 IEEE International Conference on Electrical, Instrumentation and Communication Engineering (ICEICE), Karur, pp. 1-5, 2017. DOI: 10.1109/ICEICE.2017.8191885
  11. K. C. Cinnati Loi, Sen An and Seok-Bum Ko, "FPGA Implementation of Low Latency Scalable Elliptic Curve Cryptosystem Processor in $GF(2^m)$" Proceedings of 2014 IEEE International Symposium on Circuits and Systems (ISCAS'14), Melbourne, pp. 822-825, 2014. DOI: 10.1109/ISCAS.2014.6865262
  12. M. S. Hossain, E. Saeedi, and Y. Kong. "High-Speed, Area-Efficient, FPGA-Based Elliptic Curve Cryptographic Processor over NIST Binary Fields," Data Science and Data Intensive Systems (DSDIS), 2015 IEEE International Conference on. IEEE, 2015. pp. 175-181. DOI: 10.1109/DSDIS.2015.44
  13. B. G. Park, and K. W. Shin, "A small-area implementation of cryptographic processor for 233-bit elliptic curves over binary field," Journal of the Korea Institute of Information and Communication Engineering, vol. 21, no. 7, pp. 1267-1275, 2017. https://doi.org/10.6109/JKIICE.2017.21.7.1267
  14. L. Li and S. Li, "High-Performance Pipelined Architecture of Point Multiplication on Koblitz Curves," in IEEE Transactions on Circuits and Systems II: Express Briefs, vol. 65, no. 11, pp. 1723-1727, 2018. DOI: 10.1109/TCSII.2017.2785382
  15. C. K. koc, T. Acar, and B. S. Kaliski, "Analyzing and comparing Montgomery multiplication algorithms," IEEE Micro, vol. 16, no. 3, pp. 26-33, 1996. DOI: 10.1109/40.502403
  16. P. L. Montgomery, "Speeding the Pollard and elliptic curve methods of factorization," Mathematics of computation, vol. 48, no. 177 pp. 243-264, 1987. DOI: 10.1090/S0025-5718-1987-0866113-7
  17. TTA Std. TTAK.KO-12.0015/R1, Digital Signature Mechanism with Appendix (Part 3) Korean Certificate-based Digital Signature Algorithm using Elliptic Curves, Telecommunications Technology Association (TTA), 2012.