Bit-Parallel Word-Serial Multiplier in GF(2 233 ) and Its VLSI Implementation. Dr. M. Ahmadi

Size: px

Start display at page:

Download "Bit-Parallel Word-Serial Multiplier in GF(2 233 ) and Its VLSI Implementation. Dr. M. Ahmadi"

Gerald Flynn
5 years ago
Views:

1 Bt-Parallel Word-Seral Multpler n GF(2 233 ) and Its VLSI Implementaton Supervsors: Student: Dr. Huapeng Wu Dr. M. Ahmad Wenka Tang

2 Contents Introducton to Fnte Feld Research Motvatons Proposed Multplers VLSI Desgn Conclusons References 2

3 Introducton to Fnte Feld Fnte feld A set of fnte number of elements where addton and multplcaton are defned, denoted as GF Eample : GF(2) {,, +, * } * + Multplcaton Addton Eample 2: GF(2 2 ) can be generated by F() 2 ++ where {,} s called a polynomal bass Four elements are: + ( ( ( ( ) ) ) ) 3

4 4 Fnte Feld Multplcaton 2 2 ),...,, ( ),...,, ( m m m m m m b b b b B and a a a a A Let be any two feld elements n GF(2 m ), where }, {, a b 2 ) ( mod ),...,, ( m m j j j m m F b a AB c c c C Then the product Ths s what we want to mplement Eample: GF(2 2 ) s generated by F() 2 ++ Let B A + () () Then () ) ( mod ) ( ) ( ) mod ( ) ( mod ) ( F F F AB C

5 Fnte feld multplers CAB Operand B Bt-parallel fnte feld multpler AND gates: m 2 XOR gates: m 2 - Operand A Product C A, B, C GF(2 5 ) Bt-seral fnte feld multpler Operand B AND gates: m XOR gates: m+ m-bt regsters: 2 Operand A One multplcaton needs m clock cycles A, B, C GF(2 5 ) Product C 5

6 Bt-parallel squarer CA 2 Archtecture Operand A Squarng C Bt-parallel squarer n GF(2 5 ) Gate counts 3 XOR gates 6

Research Motvatons Smart card and applcatons Usually a plastc card that contans a securty processor and has many securty related applcatons E-Commerce Personal fnance Health care Campus

7 Research Motvatons Smart card and applcatons Usually a plastc card that contans a securty processor and has many securty related applcatons E-Commerce Personal fnance Health care Campus badges and access Telecommutng and corporate network securty GSM cell phones Lmtatons Low frequency, lmt memory sze Software mplementaton of securty applcaton s slow and nsecure Area constrant 7

8 Smart card and publc key cryptosystem Publc key cryptosystem key echange, dgtal sgnature and encrypton/decrypton Ellptc Curve (EC) over RSA Shorter key length than RSA wth the same securty strength Very sutable for VLSI mplementaton EC s more sutable for smart card EC operatons Fnte feld multplcaton Fnte feld squarng Fnte feld addton We wll desgn a fnte feld multpler for smart card 8

9 Proposed Multplers Choose a fnte feld Degree Polynomal F( ) F ( ) F( ) F( ) F( ) Fnte felds recommended by NIST for ellptc curve systems 9

10 Bt-Parallel Word-Seral (BPWS) Multpler Let {,, 2,, 232 } be the polynomal bass for GF(2 233 ). Let A and B be any two feld elements and A 232 a, where a GF ( 2 ) B 232 b, where b GF ( 2 ) The product s C AB 232 a mod B F ( ) mod F ( )

11 Bt-Parallel Word-Seral (BPWS) Multpler (Cont d) Algorthm: A ( a A 29 a a a7a6... a A A 28 ) Archtecture: 7 6 Let A a + a + + a, for,,..., 29 j + 8 j+ 7 8 j j j Then A 232 a (...( A29 + A28 ) A ) + A C ABmodF( ) (...(( A29B + A28B) + A27B) A B) + A BmodF( ) Let D j A29 j B, for j,,..., 29 C j C j 8 + D j, for j,,...,29, and C Then C C 29

12 Generatng the Product D j A29 j B, for j,,..., 29 C j C j j 8 + D, for j,,...,29, and C Clock cycle Output of M Output of M4 Output D C D D C 8 C 2 D 2 C 8 C 2 28 D 28 C 27 8 C D 29 C 28 8 C 29 C 2

13 M3: Constant multpler γ 8 α Logc equaton Crcut γ α α α α α 5 +,, ,9, ,75,... 82,83, Gate count 8 XOR gates 3

14 M: Partal product generator A j B Functon 7 A j B ( a + a a7 ) B 7 a B + a B a B Components Seven constant multplers Eght AND networks A XOR network 7 4

15 M: Partal product generator (Cont d) Archtecture 5

16 M: Partal product generator (Cont d) Constant multplers j α, j,2,,7. Smlar archtecture as M3 ( 8 α) 6

17 M: Partal product generator (Cont d) AND network 7

18 M: Partal product generator (Cont d) XOR network 7 XOR sub networks M: Sub XOR network 8

19 Alternatve BPWS fnte feld multpler Least sgnfcant word (LSW) frst archtecture One addtonal m-bt regster needed One multplcaton stll needs 3 clock cycles Archtecture: 9

20 General BPWS fnte feld multpler Fnte feld: GF(2 m ) Word sze: p Components: -One p m partal product generator -One adder (m XOR gates) -One constant FFM -One m-bt regster 2

21 Comparsons Multpler Fnte feld Speed (Clock cycle) Crcut complety Parallel GF(2 233 ) AND gates XOR gates Seral 233 two 233-bt regsters 233 AND gates 234 XOR gates Proposed 3 8*233 AND gates BPWS 8* XOR gates one 233-bt regster Alternatve 3 8*233 AND gates BPWS 8* XOR gates Two 233-bt regsters General BPWS Trnomal GF(2 m ) Celng functon of (m/p) p*m AND gates p*m+(p+)p/2 XOR gates (<k<m/2 One m-bt regster p word wdth) 2

22 Target VLSI Desgn ASIC chp whch can perform multplcaton and squarng n GF(2 233 ) Specfcatons Frequency: 5MHz Gate counts: 4 Desgn flow CMC dgtal desgn flow Technology TSMC.8 µm CMOS technology 22

23 Hardware schematc 23

24 Fnal results and comparsons Multpler Frequency (MHz) Feld sze # of cells Gate counts Area (µm 2 ) VLSI technology BPWS (ma. 3) TSMC.8µm CMOS Squarer Classcal [] LUTs FFs N/A Xln FPGA XC2V6- ff57-4 Hans et al MSD [2] LUTs 2948 FFs 3664 N/A Xln FPGA Vrte-II XCV2E-7 Souch et al 8288 [3] *8*288 ANDs 2*8*288 XORs 3*(8+288) FFs 4544 N/A ALTERA FPGA EPFK25AG C

25 Chp Layout 25

26 Conclusons Bt-parallel word-seral multpler archtectures are proposed. The proposed archtectures are not only useful for smart card but also benefcal to other securty processors. An ASIC chp whch has the proposed BPWS multpler and bt parallel squarer s mplemented. A novel 8233 partal product generator s desgned. Future work epected s to use ths multpler n securty processor for smart card. 26

27 References [] Grabbe C.,Bednara M., Tech J.,Von Zur Gathen J., Shokrollah J, FPGA desgns of parallel hgh performance GF(2^233) multplers, Crcuts and Systems, 23. ISCAS '3. Proceedngs of the 23 Internatonal Symposum on, Volume: 2, May 23 [2] Hans Eberle, Sheuelng Chang, Nls Gura, Sumt Gupta, Dnel Fnchelsten, Edouard Goupy, Douglas Stebla, An End-to-End Systems Approach to Ellptc Curve Cryptography Sun Mcrosytems Laboratores [3] Souch Okada, Naoya Tor, Kouch Itoh, Masahko Takenaka, Implementaton of Ellptc Curve Cryptographc Coprocessor over GF(2^m) on an FPGA ', C.K. Koc and C. Paar (Eds.): CHES 2, LNCS 965, pp. 25-4, 2. Sprnger-Verlag Berln Hedelberg 2 27

28 Queston? 28

29 THANK YOU! 29

A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2 n )

A Reconfigurable System on Chip Implementation for Elliptic Curve Cryptography over GF(2 n ) Reconfgurable System on Chp Implementaton for Ellptc Curve Cryptography over GF( n ) Mchael Jung, M. Ernst, F. Madlener, S. Huss, R. lümel Integrated Crcuts and Systems Lab Computer Scence Department Darmstadt