Elliptic Curve Group Core Specification. Author: Homer Hsing

Similar documents
Tate Bilinear Pairing Core Specification. Author: Homer Hsing

EECS150 - Digital Design Lecture 17 - Sequential Circuits 3 (Counters)

Laboratory Exercise #8 Introduction to Sequential Logic

EECS150 - Digital Design Lecture 23 - FSMs & Counters

Laboratory Exercise #11 A Simple Digital Combination Lock

Parity Checker Example. EECS150 - Digital Design Lecture 9 - Finite State Machines 1. Formal Design Process. Formal Design Process

EECS150 - Digital Design Lecture 18 - Counters

EECS150 - Digital Design Lecture 18 - Counters

EECS150 - Digital Design Lecture 11 - Shifters & Counters. Register Summary

ECEN 651: Microprogrammed Control of Digital Systems Department of Electrical and Computer Engineering Texas A&M University

or 0101 Machine

6 Synchronous State Machine Design

A Novel Efficient Hardware Implementation of Elliptic Curve Cryptography Scalar Multiplication using Vedic Multiplier

ABHELSINKI UNIVERSITY OF TECHNOLOGY

Hardware Implementation of Elliptic Curve Point Multiplication over GF (2 m ) for ECC protocols

EECS Components and Design Techniques for Digital Systems. FSMs 9/11/2007

Introduction to the Xilinx Spartan-3E

Example: vending machine

Pipelined Viterbi Decoder Using FPGA

EGR224 F 18 Assignment #4

Radiation Induced Multi bit Upsets in Xilinx SRAM Based FPGAs

COVER SHEET: Problem#: Points

Implementation Of Digital Fir Filter Using Improved Table Look Up Scheme For Residue Number System

EECS150 - Digital Design Lecture 23 - FFs revisited, FIFOs, ECCs, LSFRs. Cross-coupled NOR gates

EECS150 - Digital Design Lecture 25 Shifters and Counters. Recap

EECS150 - Digital Design Lecture 21 - Design Blocks

Chapter 6. Synchronous Sequential Circuits

Chapter 7 Sequential Logic

EECS150 - Digital Design Lecture 16 Counters. Announcements

Appendix B. Review of Digital Logic. Baback Izadi Division of Engineering Programs

EECS 579: Logic and Fault Simulation. Simulation

FPGA Resource Utilization Estimates for NI crio LabVIEW FPGA Version: 8.6 NI-RIO Version: 3.0 Date: 8/5/2008

Arithmetic Operators for Pairing-Based Cryptography

Reduced-Area Constant-Coefficient and Multiple-Constant Multipliers for Xilinx FPGAs with 6-Input LUTs

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Department of Electrical Engineering and Computer Sciences

Lab #10: Design of Finite State Machines

FPGA accelerated multipliers over binary composite fields constructed via low hamming weight irreducible polynomials

Design and FPGA Implementation of Radix-10 Algorithm for Division with Limited Precision Primitives

Product Obsolete/Under Obsolescence. Quantization. Author: Latha Pillai

University of Toronto Faculty of Applied Science and Engineering Edward S. Rogers Sr. Department of Electrical and Computer Engineering

CSE 140 Midterm 2 Tajana Simunic Rosing. Spring 2008

High Speed Cryptoprocessor for η T Pairing on 128-bit Secure Supersingular Elliptic Curves over Characteristic Two Fields

High Speed Cryptoprocessor for η T Pairing on 128-bit Secure Supersingular Elliptic Curves over Characteristic Two Fields

UNIVERSITY OF BOLTON SCHOOL OF ENGINEERING BENG (HONS) ELECTRICAL & ELECTRONICS ENGINEERING EXAMINATION SEMESTER /2017

FPGA Resource Utilization Estimates for NI PXI-7854R. LabVIEW FPGA Version: 8.6 NI-RIO Version: 3.0 Date: 8/5/2008

FSM Examples. Young Won Lim 11/6/15

EECS150 - Digital Design Lecture 22 - Arithmetic Blocks, Part 1

EECS150 - Digital Design Lecture 15 SIFT2 + FSM. Recap and Outline

CSC 322: Computer Organization Lab

Review: Designing with FSM. EECS Components and Design Techniques for Digital Systems. Lec 09 Counters Outline.

King Fahd University of Petroleum and Minerals College of Computer Science and Engineering Computer Engineering Department

Design and Study of Enhanced Parallel FIR Filter Using Various Adders for 16 Bit Length

Digital Control of Electric Drives

10/12/2016. An FSM with No Inputs Moves from State to State. ECE 120: Introduction to Computing. Eventually, the States Form a Loop

FPGA-Based Elliptic Curve Cryptography for RFID Tag Using Verilog

2. Accelerated Computations

SFI Channel SDR Interface with Bus Alignment Author: Greg Burton

International Journal of Advanced Computer Technology (IJACT)

Simulation of Logic Primitives and Dynamic D-latch with Verilog-XL

Fundamentals of Computer Systems

Topic 8: Sequential Circuits

Vidyalankar S.E. Sem. III [EXTC] Digital Electronics Prelim Question Paper Solution ABCD ABCD ABCD ABCD ABCD ABCD ABCD ABCD = B

FPGA-based Niederreiter Cryptosystem using Binary Goppa Codes

Fast FPGA Placement Based on Quantum Model

MAHALAKSHMI ENGINEERING COLLEGE TIRUCHIRAPALLI

Sequential Circuit Analysis

Laboratory Exercise #10 An Introduction to High-Speed Addition

Roger L. Tokheim. Chapter 8 Counters Glencoe/McGraw-Hill

CSE 320: Spartan3 I/O Peripheral Testing

Enumeration of Bent Boolean Functions by Reconfigurable Computer

Different encodings generate different circuits

DM74LS74A Dual Positive-Edge-Triggered D Flip-Flops with Preset, Clear and Complementary Outputs

ECEN 248: INTRODUCTION TO DIGITAL SYSTEMS DESIGN. Week 7 Dr. Srinivas Shakkottai Dept. of Electrical and Computer Engineering

CHW 261: Logic Design

ECE/Comp Sci 352 Digital Systems Fundamentals. Charles R. Kime Section 2 Fall Logic and Computer Design Fundamentals

Design of Datapath Controllers

Digital Circuits ECS 371

Digital Fundamentals

An Optimized Hardware Architecture of Montgomery Multiplication Algorithm

LOGIC CIRCUITS. Basic Experiment and Design of Electronics

Review: Designing with FSM. EECS Components and Design Techniques for Digital Systems. Lec09 Counters Outline.

Problem Set 9 Solutions

Efficient Hardware Calculation of Inverses in GF (2 8 )

Lecture 14: State Tables, Diagrams, Latches, and Flip Flop

Lessons Learned from High-Speed Implementa6on and Benchmarking of Two Post-Quantum Public-Key Cryptosystems

Review Problem 1. should be on. door state, false if light should be on when a door is open. v Describe when the dome/interior light of the car

Digital Design. Sequential Logic

Constrained Clock Shifting for Field Programmable Gate Arrays

Clocked Synchronous State-machine Analysis

Sequential Logic Circuits

Side Channel Analysis and Protection for McEliece Implementations

Design and Implementation of High Speed CRC Generators

Sequential Logic Worksheet

Chapter 14 Sequential logic, Latches and Flip-Flops

Sequential Synchronous Circuit Analysis

ENGG 1203 Tutorial _03 Laboratory 3 Build a ball counter. Lab 3. Lab 3 Gate Timing. Lab 3 Steps in designing a State Machine. Timing diagram of a DFF

Lecture #4: Potpourri

COE 202: Digital Logic Design Sequential Circuits Part 4. Dr. Ahmad Almulhem ahmadsm AT kfupm Phone: Office:

DM7473 Dual Master-Slave J-K Flip-Flops with Clear and Complementary Outputs

Hardware testing and design for testability. EE 3610 Digital Systems

Transcription:

Elliptic Curve Group Core Specification Author: Homer Hsing homer.hsing@gmail.com Rev. 0.1 March 4, 2012

This page has been intentionally left blank. www.opencores.org Rev 0.1 ii

Revision History Rev. Date Author Description 0.1 02/19/2012 Homer Hsing First Draft 02/23/2012 03/04/2012 Homer Hsing Homer Hsing 1. correct test bench name for adding two points 2. detailed explain to the speed of scalar multiplication New email and new English name of the author www.opencores.org Rev 0.1 iii

Contents INTRODUCTION...1 ARCHITECTURE...2 INTERFACE...3 TIMING DIAGRAMS...5 FPGA IMPLEMENTATION...7 TEST BENCH...8 REFERENCES...9 www.opencores.org Rev 0.1 iv

1 Introduction The Elliptic Curve Group core is for computing the addition of two elements in the elliptic curve group, and the addition of identical elements in the elliptic curve group. The elliptic curve is super-singular in affine coordinates defined over a Galois field ( ), whose irreducible polynomial is. The elliptic curve group is the set of solutions ( ) over ( ) to the equation of, together with an additional point at infinity, denoted. An element in the elliptic curve group is also called a point. The elliptic curve group is abelian. The group law is as follows. Suppose ( ) ( ) ( ). Then, ( ) ( ( )) ( ) ( ) ( ) In the following, will be also called the addition of (elliptic curve group element) and. Given a positive integer, let represent the addition of identical (elliptic curve group element), i.e. ( ). Computation of proceeds as follows. 1: 2: while do 3: if is odd then 4: 5: ( ) 6: 7: return For more information about the elliptic curve group, please refer to [1]. www.opencores.org Rev 0.1 1 of 9

2 Architecture The Elliptic Curve Group core consists of two modules, one computing the addition of two elliptic curve group elements ( ) and the other computing the addition of many identical elliptic curve group elements ( ). The first module is called point_add. The second module is called point_scalar_mult. The second module builds around the first module. The module computing c P The module computing the addition of two elliptic curve group elements www.opencores.org Rev 0.1 2 of 9

3 Interface The Elliptic Curve Group core implements the signals shown in the tables below. Two modules are separately listed. Input signals are synchronous and sampled at the rising edge of the clock. Output signals are driven by flip-flops, and not directly connected to input signals by combinational logic. For signals wider than 1 bit, the range is most significant bit down to least significant bit. Signal name Table 1: Interface signals of point_add Width In/Out Description clk 1 In clock reset 1 In active high synchronous reset x1 194 In one of input data y1 194 In one of input data zero1 1 In asserted if ( ) is the point at infinity x2 194 In one of input data y2 194 In one of input data zero2 1 In asserted if ( ) is the point at infinity done 1 Out The termination signal. It is inactive low after the reset signal asserted, and is active high only if the computation is done. When the computation is done ( ) ( ) ( ). x3 194 Out Output data. Its value is valid when the done signal is asserted. y3 194 Out Output data. Its value is valid when the done signal is asserted. zero3 1 Out Output data. It is active high only if ( ) is the point at infinity. www.opencores.org Rev 0.1 3 of 9

Signal name Table 2: Interface signals of point_scalar_mult Width In/Out Description clk 1 In clock reset 1 In active high synchronous reset x1 194 In one of input data y1 194 In one of input data zero1 1 In asserted if ( ) is the point at infinity c 151 In one of input data done 1 Out The termination signal. It is inactive low after the reset signal asserted, and is active high only if the computation is done. When the computation is done ( ) ( ). x3 194 Out Output data. Its value is valid when the done signal is asserted. y3 194 Out Output data. Its value is valid when the done signal is asserted. zero3 1 Out Output data. It is active high only if ( ) is the point at infinity. www.opencores.org Rev 0.1 4 of 9

4 Timing diagrams Input timing pattern Please follow the rule when using any module of the core: When the reset signal is asserted, valid input data should be on the input signals and keep valid until the computation termination. The input data is captured at the moment when the rising edge of the clk signal meets the high value of the reset signal as shown by the blue arrow in Figure 1. r clk x y z ro x y z ro Valid input data Valid input data Valid input data Valid input data Valid input data Valid input data Figure 1: Input timing pattern of the module point_add www.opencores.org Rev 0.1 5 of 9

Output timing pattern clk do x y z ro Valid output data Valid output data Valid output data Figure 2: Output timing pattern of the module point_add www.opencores.org Rev 0.1 6 of 9

5 FPGA Implementation The core has only been verified on a Xilinx Virtex 4 XC4VLX200-11FF1513 FPGA, synthesized with Xilinx ISE 13.4. For this setup related configuration files is in the directory synthesis/xilinx. The code is vendor independent in Verilog 2001. Synthesis results of the module point_add: - Number of occupied slices: 6,694 (7%) - Number of 4 input LUTs: 12,099 (6%) - Number of flip-flops: 6,141 (3%) - Minimal period: 5.204 ns - Max achievable frequency: 192 MHz The module computes in 2.7 microseconds if with a 100MHz clock. Synthesis results of the module point_scalar_mult: - Number of occupied slices: 7,272 (8%) - Number of 4 input LUTs: 13,780 (7%) - Number of flip-flops: 7,451 (4%) - Minimal period: 6.740 ns - Max achievable frequency: 148 MHz The module computes in 0.552 milliseconds if with a 100MHz clock. Here is the order of the generator of the elliptic curve group. www.opencores.org Rev 0.1 7 of 9

6 Test bench The file testbench/simulation.do is a batch file for ModelSim to compile the HDL files, setup the wave file, and begin function simulation. In order to make it work properly, the working directory of ModelSim must be the directory of testbench. The file testbench/test_point_scalar_mult.v is the main test bench for the Elliptic Curve Group core. The test bench is self-checked. It feeds input data to the core and compares the correct result with the output of the core. If the output is wrong, the test bench will display an error message. Passing the test bench means both point_add and point_scalar_mult modules work. The file testbench/test_point_add.v is for testing point_add module alone. www.opencores.org Rev 0.1 8 of 9

7 References [1] Paulo S.L.M. Barreto, H.Y. Kim, Ben Lynn, and Michael Scott. Efficient Algorithms for Pairing-Based Cryptosystems. www.opencores.org Rev 0.1 9 of 9

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback