Journal of the Korea Institute of Information and Communication Engineering (한국정보통신학회논문지)

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

A Security SoC embedded with ECDSA Hardware Accelerator

ECDSA 하드웨어 가속기가 내장된 보안 SoC

  • Jeong, Young-Su (Department of Electronic Engineering, Kumoh National Institute of Technology) ;
  • Kim, Min-Ju (Department of Electronic Engineering, Kumoh National Institute of Technology) ;
  • Shin, Kyung-Wook (School of Electronic Engineering, Kumoh National Institute of Technology)
  • Received : 2022.06.02
  • Accepted : 2022.06.20
  • Published : 2022.07.31
Download PDF
⟨ Previous Next ⟩

Abstract

A security SoC that can be used to implement elliptic curve cryptography (ECC) based public-key infrastructures was designed. The security SoC has an architecture in which a hardware accelerator for the elliptic curve digital signature algorithm (ECDSA) is interfaced with the Cortex-A53 CPU using the AXI4-Lite bus. The ECDSA hardware accelerator, which consists of a high-performance ECC processor, a SHA3 hash core, a true random number generator (TRNG), a modular multiplier, BRAM, and control FSM, was designed to perform the high-performance computation of ECDSA signature generation and signature verification with minimal CPU control. The security SoC was implemented in the Zynq UltraScale+ MPSoC device to perform hardware-software co-verification, and it was evaluated that the ECDSA signature generation or signature verification can be achieved about 1,000 times per second at a clock frequency of 150 MHz. The ECDSA hardware accelerator was implemented using hardware resources of 74,630 LUTs, 23,356 flip-flops, 32kb BRAM, and 36 DSP blocks.

타원곡선 암호 (elliptic curve cryptography; ECC) 기반의 공개키 기반구조 구현에 사용될 수 있는 보안 SoC(system-on-chip)를 설계하였다. 보안 SoC는 타원곡선 디지털 서명 알고리듬 (elliptic curve digital signature algorithm; ECDSA)용 하드웨어 가속기가 AXI4-Lite 버스를 통해 Cortex-A53 CPU와 인터페이스된 구조를 갖는다. ECDSA 하드웨어 가속기는 고성능 ECC 프로세서, SHA3 (secure hash algorithm 3) 해시 코어, 난수 생성기, 모듈러 곱셈기, BRAM (block random access memory), 그리고 제어 FSM (finite state machine)으로 구성되며, 최소의 CPU 제어로 ECDSA 서명 생성과 서명 검증을 고성능으로 연산할 수 있도록 설계되었다. 보안 SoC를 Zynq UltraScale+ MPSoC 디바이스에 구현하여 하드웨어-소프트웨어 통합 검증을 하였으며, 150 MHz 클록 주파수로 동작하여 초당 약 1,000번의 ECDSA 서명 생성 또는 서명 검증 연산 성능을 갖는 것으로 평가되었다. ECDSA 하드웨어 가속기는 74,630개의 LUT (look-up table)와 23,356개의 플립플롭, 32kb BRAM 그리고 36개의 DSP (digital signal processing) 블록의 하드웨어 자원이 사용되었다.

Keywords

Acknowledgement

This work was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (No. 2020R1I1A3A04038083) This work was supported by Korea Institute for Advancement of Technology (KIAT) grant funded by the Korea Government (MOTIE) (P0017011, HRD Program for Industrial Innovation) Authors are thankful to IDEC for EDA tool support.

References

  1. IoT Analytics, Market Insights for the Internet of Things [Internet]. Available: https://iot-analytics.com/state-of-the-iot-2020-12-billion-iot-connections-surpassing-non-iot-for-the-first-time/.
  2. M. Ahmad, The Anatomy of Security Microcon-trollers for IoT Applications, Digi-Key Electronics, Jan. 13, 2020 [Internet]. Available: https://www.digikey.com/en/articles/the-anatomy-of-security-microcontrollers-for-iot-applications.
  3. H. -T. Huynh, T. -K. Tran, T. -P. Dang, and T. -T. Bui, "Security Enhancement for loT Systems Based on SoC FPGA Platforms," in 4th International Conference on Recent Advances in Signal Processing Telecommunications Computing (SigTelCom), Hanoi, Vietnam, pp. 35-39, 2020.
  4. S. Sugiyama, H. Awano, and M. Ikeda, "Low- Latency 256-bit Fp ECDSA Signature Generation Crypto Processor," IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. E101-A, no. 12, pp. 2290-2296, Dec. 2018. https://doi.org/10.1587/transfun.E101.A.2290
  5. Ug761 axi reference guide [Internet]. Available: http://www.xilinx.com/support/documentation/ip_documentationlug761_axi_reference_guide.pdf.
  6. H. J. Yang, "A Security SoC embedded with High-Performance ECC Processor," M. S. thesis, Kumoh National Institute of Technology, Gumi, Korea, 2021.
  7. D. S. Kim and K. W. Shin, "An Optimized Hardware Implementation of SHA-3 Hash Functions," Journal of Institute of Korean Electrical and Electronics Engineers, vol. 22, no.4, pp. 886-895, Dec. 2018.
  8. J. B. Choi and K. W. Shin, "True Random Number Generator based on Cellular Automata with Random Transition Rules," Journal of Institute of Korean Electrical and Electronics Engineers, vol. 24, no.1, pp. 52-58, Mar. 2020.
  9. J. B. Choi, "A Scalable ECC Processor Supporting Prime Field Elliptic Curves," M. S. thesis, Kumoh National Institute of Technology, Gumi, Korea, 2020.
  10. NIST, Digital Signature Standard (DSS) Federal Information Processing Standards Publication (FIPS) 186-5, Oct. 2019. [Online] Available: https://doi.org/10.6028/NIST.FIPS.186-5-draft.