Presentation is loading. Please wait.

Presentation is loading. Please wait.

Gaj1P230/MAPLD 2004 Elliptic Curve Cryptography over GF(2 m ) on a Reconfigurable Computer: Polynomial Basis vs. Optimal Normal Basis Representation Comparative.

Published byAleesha Beatrix Owen Modified over 8 years ago

Similar presentations

Presentation on theme: "Gaj1P230/MAPLD 2004 Elliptic Curve Cryptography over GF(2 m ) on a Reconfigurable Computer: Polynomial Basis vs. Optimal Normal Basis Representation Comparative."— Presentation transcript:

1 Gaj1P230/MAPLD 2004 Elliptic Curve Cryptography over GF(2 m ) on a Reconfigurable Computer: Polynomial Basis vs. Optimal Normal Basis Representation Comparative Study Kris Gaj, Sashisu Bajracharya, Nghi Nguyen, Deapesh Misra Tarek El-Ghazawi The George Washington University George Mason University

2 Gaj2P230/MAPLD 2004 Interface  P memory  P memory... PP PP I/O Interface FPGA memory FPGA memory... FPGA... I/O Microprocessor system Reconfigurable processor system What is a reconfigurable computer?

3 P230/MAPLD 2004 Why cryptography is a good application for reconfigurable computers? computationally intensive arithmetic operations unconventionally long operand sizes (160-2048 bits) multiple algorithms, parameters, key sizes, and architectures = need for reconfiguration

4 Gaj4P230/MAPLD 2004 SRC Hardware & Software

5 Gaj5P230/MAPLD 2004 SRC-6E from SRC Computers, Inc.

6 Gaj6P230/MAPLD 2004 SRC Hardware Architecture

7 Gaj7P230/MAPLD 2004 SRC Programming HLL (C) HDL (VHDL) SRC  P system FPGA system Application Programmer Library Developer

8 Gaj8P230/MAPLD 2004 SRC Compilation Process

9 Gaj9P230/MAPLD 2004 Elliptic Curve Cryptosystems

10 Gaj10P230/MAPLD 2004 Elliptic Curve Cryptosystems public key (asymmetric) cryptosystems first true alternative for RSA several times shorter keys fast and compact implementations, in particular in hardware a family of cryptosystems, instead of a single cryptosystem

11 Gaj11P230/MAPLD 2004 Three Classes of Elliptic Curves Elliptic curves built over K = GF(p) K = GF(2 m ) Polynomial basis representation Normal basis representation Fast in hardware Arithmetic operations present in many libraries Compact in hardware m=155.. 512 Secure m Our m m=233

12 Gaj12P230/MAPLD 2004 Basic operations of ECC Basic operations in Galois Field GF(2 m ) Basic operations on points of an Elliptic Curve addition and subtraction (xor): x+y, x-y (XOR) addition of points: P + Q doubling a point: 2 P projective to affine coordinate: P2A multiplication, squaring: x  y, x 2 inversion: x -1 Complex operations on points of an Elliptic Curve scalar multiplication: k  P = P + P + …+P k times

13 Gaj13P230/MAPLD 2004 ECC hierarchy of functions kP P+Q2P projective_to_affine (P2A) MUL INV High level Medium level Low level 2 SQR XOR Low level 1 independent of the GF representation specific to the given GF representation

14 Gaj14P230/MAPLD 2004 Investigated Partitioning Schemes

15 Gaj15P230/MAPLD 2004 C function for  P C function for MAP VHDL macro SRC Program Partitioning  P system FPGA system HLL HDL

16 Gaj16P230/MAPLD 2004 kP C function for  P C function for MAP VHDL macro H 0 0 H00 Partitioning (μP Software Only) specific to the given GF representation

17 Gaj17P230/MAPLD 2004 kP 0 0 H 00H Partitioning (VHDL only) C function for  P C function for MAP VHDL macro specific to the given GF representation

18 Gaj18P230/MAPLD 2004 MUL4 C function for MAP VHDL macros ROTSQRXOR C function forµP 0 H L1 V_ ROT POW kP INV P2A P+Q2P kP INV P2A P+Q 2P MUL2 MUL 0HL1 Partitioning independent of the GF representation specific to the given GF representation

19 Gaj19P230/MAPLD 2004 MUL P+Q2P INV P2A kP MUL MUL4 MUL2 MUL POW FPGA Contents (0HL1)

20 Gaj20P230/MAPLD 2004 MUL4 C function for MAP VHDL macros ROTSQRXOR C function forµP 0 H L2 INV kP P2A P+Q2P kP P2AP+Q 2P MUL2 0HL2 Partitioning independent of the GF representation specific to the given GF representation

21 Gaj21P230/MAPLD 2004 0HM Partitioning C function for MAP VHDL macros C function forµP 0 H M P+Q 2P P2A kP independent of the GF representation specific to the given GF representation

22 Gaj22P230/MAPLD 2004 Results

23 Gaj23P230/MAPLD 2004 Timing Measurements MAP Alloc. MAP Free DMA DataOut DMA Data In FPGA Computation.c file.mc file End-to-End time (SW) MAP function MAP function FPGA Configure Configuration time MAP Allocation time MAP Release Time End-to-End time (HW)

24 Gaj24P230/MAPLD 2004 Results for Optimal Normal Basis (Latency)

25 Gaj25P230/MAPLD 2004 Results for Polynomial Basis (Latency)

26 Gaj26P230/MAPLD 2004 Results for Optimal Normal Basis (Area)

27 Gaj27P230/MAPLD 2004 Results for the Polynomial Basis (Area)

28 Gaj28P230/MAPLD 2004 Algorithm Partitioning Scheme VHDL PB VHDL ONB Macro Wrapper MAP CMain C 0HL1N/A1007260371153 0HL27141291230349153 0HMN/A1744160185153 00HN/A19603678153 Number of lines of code

29 Gaj29P230/MAPLD 2004 Conclusions Assuming focus on: Timing Resources Ease of programming

30 Gaj30P230/MAPLD 2004 Best implementation approaches Large speedup vs. software Ease of implementation Flexibility Optimal Normal Basis OHL1 scheme Polynomial Basis OHL2 scheme

31 Gaj31P230/MAPLD 2004 Conclusions Elliptic Curve Cryptosystem implementation challenging for reconfigurable computers because of optimization for latency rather than throughput limited amount of parallelism Absolute latency and resource utilization similar for Optimal Normal Basis and Polynomial Basis Number of lines of VHDL code smaller for the polynomial basis representation

32 Gaj32P230/MAPLD 2004 Conclusions – cont. because of polynomial basis operations more efficient in software 27 x greater for Optimal Normal Basis compared to Polynomial Basis Representation From 893 to 1305 times for Optimal Normal Basis From 33 times for Polynomial Basis Speed-up over Intel P3 microprocessor implementation

Download ppt "Gaj1P230/MAPLD 2004 Elliptic Curve Cryptography over GF(2 m ) on a Reconfigurable Computer: Polynomial Basis vs. Optimal Normal Basis Representation Comparative."

Similar presentations

14. Aug. 2013 Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware SAC 2013, Burnaby, Canada Thomas Pöppelmann and Tim Güneysu.

14. Aug Towards Practical Lattice-Based Public-Key Encryption on Reconfigurable Hardware SAC 2013, Burnaby, Canada Thomas Pöppelmann and Tim Güneysu.
Are standards compliant Elliptic Curve Cryptosystems feasible on RFID?

Are standards compliant Elliptic Curve Cryptosystems feasible on RFID?
CryptoBlaze: 8-Bit Security Microcontroller. Quick Start Training Agenda What is CryptoBlaze? KryptoKit GF(2 m ) Multiplier Customize CryptoBlaze Attacks.

CryptoBlaze: 8-Bit Security Microcontroller. Quick Start Training Agenda What is CryptoBlaze? KryptoKit GF(2 m ) Multiplier Customize CryptoBlaze Attacks.
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
A reconfigurable system featuring dynamically extensible embedded microprocessor, FPGA, and customizable I/O Borgatti, M. Lertora, F. Foret, B. Cali, L.

A reconfigurable system featuring dynamically extensible embedded microprocessor, FPGA, and customizable I/O Borgatti, M. Lertora, F. Foret, B. Cali, L.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Scott CH Huang COM5336 Cryptography Lecture 14 XTR Cryptosystem Scott CH Huang COM 5336 Cryptography Lecture 10.

Scott CH Huang COM5336 Cryptography Lecture 14 XTR Cryptosystem Scott CH Huang COM 5336 Cryptography Lecture 10.
Advanced Information Security 4 Field Arithmetic

Advanced Information Security 4 Field Arithmetic
Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.

Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.
1 Efficient Algorithms for Elliptic Curve Cryptosystems Original article by Jorge Guajardo and Christof Paar Of WPI ECE Department Presentation by Curtis.

1 Efficient Algorithms for Elliptic Curve Cryptosystems Original article by Jorge Guajardo and Christof Paar Of WPI ECE Department Presentation by Curtis.
Elliptic Curve Cryptography Shane Almeida Saqib Awan Dan Palacio.

Elliptic Curve Cryptography Shane Almeida Saqib Awan Dan Palacio.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Design of a Reconfigurable Hardware For Efficient Implementation of Secret Key and Public Key Cryptography.

Design of a Reconfigurable Hardware For Efficient Implementation of Secret Key and Public Key Cryptography.
Summary of – “TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks” Presented by: Maulin Patel Nov/17/09 CSE291.

Summary of – “TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks” Presented by: Maulin Patel Nov/17/09 CSE291.
A Dual Field Elliptic Curve Cryptographic Processor Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing Hua University.

A Dual Field Elliptic Curve Cryptographic Processor Laboratory for Reliable Computing (LaRC) Electrical Engineering Department National Tsing Hua University.
Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.

Dr. Lo’ai Tawalbeh Fall 2005 Chapter 10 – Key Management; Other Public Key Cryptosystems Dr. Lo’ai Tawalbeh Computer Engineering Department Jordan University.
State Machines Timing Computer Bus Computer Performance Instruction Set Architectures RISC / CISC Machines.

State Machines Timing Computer Bus Computer Performance Instruction Set Architectures RISC / CISC Machines.
Chapter 2: Impact of Machine Architectures What is the Relationship Between Programs, Programming Languages, and Computers.

Chapter 2: Impact of Machine Architectures What is the Relationship Between Programs, Programming Languages, and Computers.
CHES20021 Scalable and Unified Hardware to Compute Montgomery Inverse in GF(p) and GF(2 n ) A. Gutub, A. Tenca, E. Savas, and C. Koc Information Security.

CHES20021 Scalable and Unified Hardware to Compute Montgomery Inverse in GF(p) and GF(2 n ) A. Gutub, A. Tenca, E. Savas, and C. Koc Information Security.

Similar presentations

Ads by Google