• Title/Summary/Keyword: scalar multiplication

Hardware Design of Elliptic Curve processor Resistant against Simple Power Analysis Attack (단순 전력분석 공격에 대처하는 타원곡선 암호프로세서의 하드웨어 설계)

  • Choi, Byeong-Yoon
    • Journal of the Korea Institute of Information and Communication Engineering, v.16 no.1, pp.143-152, 2012
  • In this paper, the hardware implementation of a GF($2^{191}$) elliptic curve cryptographic coprocessor which supports 7 operations such as scalar multiplication (kP), Menezes-Vanstone (MV) elliptic curve cipher/decipher algorithms, point addition (P+Q), point doubling (2P), and finite-field multiplication/division is described. To achieve a structure resistant to simple power analysis, the ECC processor adopts the Montgomery scalar multiplication scheme whose main loop operation consists of key-independent operations. It has the operational characteristic that arithmetic units, such as GF_ALU, GF_MUL, and GF_DIV, which have 1, (m/8), and (m-1) fixed operation cycles in GF($2^m$), respectively, can be executed in parallel. The processor has about 68,000 gates and its simulated worst case delay time is about 7.8 ns under 0.35um CMOS technology. Because it has about 320 kbps cipher and 640 kbps rate and supports 7 finite-field operations, it can be efficiently applied to various cryptographic and communication applications.

A Public-Key Crypto-Core supporting Edwards Curves of Edwards25519 and Edwards448 (에드워즈 곡선 Edwards25519와 Edwards448을 지원하는 공개키 암호 코어)

  • Yang, Hyeon-Jun;Shin, Kyung-Wook
    • Journal of IKEEE, v.25 no.1, pp.174-179, 2021
  • An Edwards curve cryptography (EdCC) core supporting point scalar multiplication (PSM) on Edwards curves of Edwards25519 and Edwards448 was designed. For area-efficient implementation, finite field multiplier based on word-based Montgomery multiplication algorithm was designed, and the extended twisted Edwards coordinates system was adopted to implement point operations without division operation. As a result of synthesizing the EdCC core with 100 MHz clock, it was implemented with 24,073 equivalent gates and 11 kbits RAM, and the maximum operating frequency was estimated to be 285 MHz. The evaluation results show that the EdCC core can compute 299 and 66 PSMs per second on Edwards25519 and Edwards448 curves, respectively. Compared to the ECC core with similar structure, the number of clock cycles required for 256-bit PSM was reduced by about 60%, resulting in 7.3 times improvement in computational performance.

Design of Elliptic Curve Cryptographic Coprocessor over binary fields for the IC card (IC 카드를 위한 polynomial 기반의 타원곡선 암호시스템 연산기 설계)

  • 최용제;김호원;김무섭;박영수
    • Proceedings of the IEEK Conference, 2001.06b, pp.305-308, 2001
  • This paper describes the design of an elliptic curve cryptographic (ECC) coprocessor over binary fields for the IC card. This coprocessor is implemented by the shift-and-add algorithm for the field multiplication algorithm. And the modified almost inverse algorithm (MAIA) is selected for the inverse multiplication algorithm. These two algorithms are merged to minimize the hardware size. Scalar multiplication is performed by the binary Non Adjacent Format (NAF) method. The ECC we have implemented is defined over the field GF($2^{163}$), which is a SEC-2 recommendation[7].

Elliptic Curve Cryptography Coprocessors Using Variable Length Finite Field Arithmetic Unit (크기 가변 유한체 연산기를 이용한 타원곡선 암호 프로세서)

  • Lee Dong-Ho
    • Journal of the Institute of Electronics Engineers of Korea SD, v.42 no.1, pp.57-67, 2005
  • Fast scalar multiplication of points on an elliptic curve is important for elliptic curve cryptography applications. In order to vary field sizes depending on security situations, the cryptography coprocessors should support variable length finite field arithmetic units. To determine the effective variable length finite field arithmetic architecture, two well-known curve scalar multiplication algorithms were implemented on FPGA. The affine coordinates algorithm must use a hardware division unit, but the projective coordinates algorithm only uses a fast multiplication unit. The former algorithm needs the division hardware. The latter only requires multiplication hardware, but it needs more space to store intermediate results. To make the division unit versatile, we need to add a feedback signal line at every bit position. We proposed a method to mitigate this problem. For multiplication in the projective coordinates implementation, we use a widely used digit serial multiplication hardware, which is simpler to make versatile. We experimented with our implemented ECC coprocessors using a variable length finite field arithmetic unit which has the maximum field size 256. At a clock speed of 40 MHz, the scalar multiplication time is 6.0 msec for the affine implementation while it is 1.15 msec for the projective implementation. As a result of the study, we found that the projective coordinates algorithm which does not use the division hardware was faster than the affine coordinate algorithm. In addition, the memory implementation effectiveness relative to logic implementation will have a large influence on the implementation space requirements of the two algorithms.

Efficient Algorithm and Architecture for Elliptic Curve Cryptographic Processor

  • Nguyen, Tuy Tan;Lee, Hanho
    • JSTS: Journal of Semiconductor Technology and Science, v.16 no.1, pp.118-125, 2016
  • This paper presents a new high-efficient algorithm and architecture for an elliptic curve cryptographic processor. To reduce the computational complexity, novel modified Lopez-Dahab scalar point multiplication and left-to-right algorithms are proposed for point multiplication operation. Moreover, bit-serial Galois-field multiplication is used in order to decrease hardware complexity. The field multiplication operations are performed in parallel to improve system latency. As a result, our approach can reduce hardware costs, while the total time required for point multiplication is kept to a reasonable amount. The results on a Xilinx Virtex-5, Virtex-7 FPGAs and VLSI implementation show that the proposed architecture has less hardware complexity, number of clock cycles and higher efficiency than the previous works.

Vulnerability of Carry Random Scalar Recoding Method against Differential Power Analysis Attack (차분 전력 분석 공격에 대한 캐리 기반 랜덤 리코딩 방법의 취약성)

  • Ha, Jaecheol
    • Journal of the Korea Institute of Information Security & Cryptology, v.26 no.5, pp.1099-1103, 2016
  • The user's secret key can be retrieved from the leakage information of power consumption that occurs during the execution of scalar multiplication for an elliptic curve cryptographic algorithm, which can be embedded on a security device. Recently, a carry random recoding method was proposed to prevent simple power and differential power analysis attacks by recoding the secret key. In this paper, we show that this recoding method is still vulnerable to the differential power analysis attack due to the limitation of the size of carry bits, which is different from the original claim.

A Scalar Multiplication Algorithm Secure against Side-Channel Attacks for Koblitz Curve Cryptosystems (암호공격에 안전한 Koblitz 타원곡선 암호시스템의 스칼라 곱셈 알고리즘)

  • Jang, Yong-Hee;Takagi, Naofumi;Takagi, Kazuyoshi;Kwon, Yong-Jin
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference, 2006.06a, pp.356-360, 2006
  • Recently, many power analysis attacks have been proposed. Since the attacks are powerful, it is very important to implement cryptosystems securely against the attacks. We propose countermeasures against power analysis attacks for elliptic curve cryptosystems based on Koblitz curves (KCs), which are a special class of elliptic curves. That is, we make our countermeasures secure against SPA, DPA, and new DPA attacks, especially RPA and ZPA, using a random point at each execution of elliptic curve scalar multiplication. And since our countermeasures are designed to use the Frobenius map of KC, they are very fast.

Inducing the 4-Q Operation in the Elliptic Curve Cryptography Algorithms

  • Moon, San-Gook
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference, v.9 no.1, pp.931-934, 2005
  • The scalar point multiplication operation is one of the most time-consuming components in elliptic curve cryptosystems. In this paper, we suggest how to induce the point-quadruple (4Q) operation by improving the double-and-add method, which has been a prevailing computing method for calculating the result of a scalar point multiplication. Induced and derived numerical expressions were evaluated and verified by a real application using the C programming language. The induced algorithm can be applied to various kinds of calculations in elliptic curve operations more efficiently and by a faster implementation.

Point Quadruple Operation on Elliptic Curve Cryptography Algorithm (타원 곡선 암호 알고리즘의 네배점 스칼라 연산)

  • 문상국;허창우;유광열
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference, 2004.05b, pp.784-787, 2004
  • The most time-consuming backbone operation in an elliptic curve cryptosystem is scalar multiplication. In this paper, we propose a method of inducing a GF operation named point quadruple operation to be used in the quad-and-add algorithm, which was achieved by refining the traditional double-and-add algorithm. The induced expression of the algorithm was verified and proven by a C program in a real model of calculation. The point quadruple operation can be used in fast and efficient implementation of the scalar multiplication operation.

Matrix Addition & Scalar Multiplication on the GPU (GPU 기반 행렬 덧셈 및 스칼라 곱셈 알고리즘)

  • Park, Sangkun
    • Journal of Institute of Convergence Technology, v.8 no.1, pp.15-20, 2018
  • Recently a GPU has acquired programmability to perform general purpose computation fast by running thousands of threads concurrently. This paper presents a parallel GPU computation algorithm for dense matrix-matrix addition and scalar multiplication using OpenGL compute shader. It can play a very important role as a fundamental building block for many high-performance computing applications. Experimental results on NVIDIA Quad 4000 show that the proposed algorithm runs 21 times faster than CPU algorithm and achieves performance of 16 GFLOPS in single precision for dense matrices with size 4,096. Such performance proves that our algorithm is practical for real applications.