Elsevier

Microelectronics Journal

Volume 34, Issue 10, October 2003, Pages 975-980

An efficient reconfigurable multiplier architecture for Galois field $GF(2^m)$

https://doi.org/10.1016/S0026-2692(03)00172-1

Abstract

This paper describes an efficient architecture of a reconfigurable bit-serial polynomial basis multiplier for Galois field $GF(2^m)$, where $1 < m \le M$. The value $m$, the degree of the irreducible polynomial, can be changed, and so can be configured and programmed. The value of $M$ determines the maximum size that the multiplier can support. The advantages of the proposed architecture are (i) the high order of flexibility, which allows an easy configuration for different field sizes, and (ii) the low hardware complexity, which results in small area. By using the gated clock technique, a significant reduction of the total multiplier power consumption is achieved.

Introduction

Arithmetic operations over $GF(2^m)$ have many applications in coding theory [1] and cryptography [2]. As multiplication is very costly in terms of area and delay, a lot of research has been performed in designing small-area and high-speed multipliers [3], [4], [5].

Previously published multipliers over $GF(2^m)$ can be classified into three categories: the bit-serial multipliers [3], with $O(m)$ area requirement, the bit-parallel multipliers [4], with $O(m^2)$ area requirement, and the hybrid [5], which are partially bit-serial and partially bit-parallel. Hybrid multipliers are faster than bit-serial ones, while their area is smaller than that of bit-parallel ones. Another classification can be made based on the basis representation used, which may be polynomial, normal, dual or digit [6], [7], [8]. The multiplier hardware complexity can be reduced if (i) the irreducible polynomial is an All-One Polynomial (AOP) [9] or a trinomial [10], and (ii) a redundant field representation is used [11].

Many of the previously proposed multipliers have a fixed field size, and so, if the irreducible polynomial has to change, the multiplier must be redesigned [4], [9], [10]. In recent years only a few fixed field size multipliers have been proposed in which the coefficients of the irreducible polynomial can be modified [3]. However, all the above fixed field size multipliers do not work efficiently in applications with variable field size requirements. In these applications the multipliers always perform all the operations that are needed for the maximum field size calculations. So, in order to improve the system performance in multiplication cases with field size less than the maximum, a proper and flexible design implementation is required. In the past, multipliers with this feature have been proposed in Refs. [5], [12], [13].

Nowadays wireless devices are widely used. Since power consumption determines the time between two successive recharges of such a device and the battery life as well, the reduction of power dissipation is vital in such devices. The main source of power dissipation in a CMOS circuit is the switching activity of its nodes, which may contribute more than 90% of the total power consumption [14]. However, a lot of the performed circuit node transitions are wasteful regarding the functionality of the circuit. Hence, avoiding the unnecessary and wasteful transitions is a major task in the low power design.

In this paper, a small-area reconfigurable architecture for the Most Significant Bit (MSB)-first, bit-serial, polynomial basis multiplier over $GF(2^m)$ is introduced, where $1 < m \le M$. $m$ is the degree of the irreducible polynomial and it can be easily changed according to the application requirements. $M$ is the maximum degree of the irreducible polynomial.

Compared with the multipliers in Refs. [3], [5], [12] the advantages of the proposed architecture are: (i) the high order of flexibility, which allows an easy configuration for different field degree m, and (ii) the low hardware complexity, which results in smaller area. By using the gated clock technique, significant reduction of the total multiplier power consumption is achieved. The proposed multiplier is suitable for elliptic curve applications [15], [16], especially in devices with strict area limitations.

The paper is organized as follows: in Section 2 a brief description of the MSB-first, bit-serial, polynomial basis $GF(2^m)$ multiplier is given. In Section 3, the proposed reconfigurable multiplier architecture is presented. Measurements and comparisons with other multipliers are shown in Section 4. Section 5 concludes the paper.

Section snippets

MSB-first bit-serial $GF(2^m)$ multiplier

Two elements, $A(x)$ and $B(x)$, over $GF(2^m)$ can be expressed as polynomials of degree at most $m-1$ over $GF(2)$:

$$A(x)=a_{m-1}x^{m-1}+a_{m-2}x^{m-2}+\cdots+a_1x+a_0,\quad \text{with } a_i\in GF(2),\ 0\le i\le m-1 \tag{1}$$

$$B(x)=b_{m-1}x^{m-1}+b_{m-2}x^{m-2}+\cdots+b_1x+b_0,\quad \text{with } b_i\in GF(2),\ 0\le i\le m-1 \tag{2}$$

We define the field according to $P(x)$:

$$P(x)=x^m+p_{m-1}x^{m-1}+\cdots+p_1x+p_0,\quad \text{with } p_i\in GF(2),\ 0\le i\le m-1 \tag{3}$$

an $m$-order irreducible polynomial over $GF(2)$. This polynomial is also irreducible over $GF(2^m)$ [17]. When the coefficients $p_i$, in the polynomial of Eq. (3), are equal to one, the irreducible polynomial is named

Proposed multiplier architecture

The proposed reconfigurable MSB-first multiplier that can be used for variable field degree $m$ is shown in Fig. 3.

The proposed hardware implementation consists of a bit-sliced LFSR and is very similar to the conventional bit-serial multiplier of Fig. 2. It requires $M$ extra demultiplexers and $M$ extra OR gates. Each slice $i$ consists of two subfield multipliers (AND gates), one subfield adder (XOR gate), one 2-output demultiplexer, one OR gate, and 3 one-bit registers (P(i), A(i) and D(i)). The

Measurements and comparisons

The area hardware resources and the execution time of the proposed multiplier hardware implementation are shown in Table 1. For comparison, measurements from other designs are also presented.

In Table 1 measurements for the Control Unit area resources are not considered. The bit-serial polynomial basis multiplier suggested in Ref. [3], is based on the Programmable Cellular Automata [19]. It requires less area resources than the proposed implementation, and the critical path is shorter. On the

Conclusion

A reconfigurable bit-serial Galois field multiplier architecture is proposed in this paper. The multiplier is reconfigurable because it can operate for a variable Galois field degree $m$. This multiplier can support any arbitrary irreducible polynomial. The multiplication result is computed after $m$ clock cycles. The advantages of the proposed architecture are the high order of flexibility, which allows an easy configuration for variable field size $2^m$, and the low hardware complexity, which results
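
The MSB-first recurrence and the run-time choice of $m$ described in this paper can be modelled in software as follows. This is an added behavioural sketch, not the authors' circuit or code: the class and method names are hypothetical, and it assumes that the configured degree $m$ selects which slice's D bit drives the feedback, so that an $M$-slice datapath finishes in $m$ cycles.

```python
# Added example: behavioural (software) model, not the paper's circuit.
# Class, method and function names are hypothetical.

class ReconfigurableMultiplier:
    """MSB-first bit-serial polynomial-basis multiplier with 1 < m <= M."""

    def __init__(self, M):
        self.M = M            # number of slices = largest supported degree
        self.m = self.p = None

    def configure(self, m, poly):
        """Program field degree m and P(x), given with its x^m term set.
        Irreducibility of P(x) is the caller's responsibility."""
        if not 1 < m <= self.M:
            raise ValueError("field degree must satisfy 1 < m <= M")
        if poly >> m != 1:
            raise ValueError("P(x) must have degree exactly m")
        self.m = m
        self.p = poly ^ (1 << m)      # P register: p_{m-1} .. p_0

    def multiply(self, a, b):
        """Return (A(x)*B(x) mod P(x), clock cycles used)."""
        m, mask = self.m, (1 << self.m) - 1
        if a >> m or b >> m:
            raise ValueError("operands must have degree < m")
        d = cycles = 0                # D register holds the running result
        for i in range(m - 1, -1, -1):            # b_{m-1} enters first
            fb = (d >> (m - 1)) & 1               # feedback tapped at slice m-1
            bi = (b >> i) & 1
            # Mirrors each slice's AND gates and GF(2) adder:
            # D <- x*D mod P(x) + b_i*A(x), with no data-dependent branch.
            d = ((d << 1) & mask) ^ (-fb & self.p) ^ (-bi & a)
            cycles += 1
        return d, cycles


def reference_multiply(a, b, poly, m):
    """Independent check: carry-less schoolbook product, then reduce by P(x)."""
    prod = 0
    for i in range(m):
        if (b >> i) & 1:
            prod ^= a << i
    for i in range(2 * m - 2, m - 1, -1):
        if (prod >> i) & 1:
            prod ^= poly << (i - m)
    return prod
```

Reconfiguring one instance from $m=4$ to $m=8$ or $m=163$ changes only the programmed degree and polynomial; the cycle count returned always equals $m$, independent of operand values.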

References (23)

  • S. Lin et al., Error Control Coding: Fundamentals and Applications (1983)
  • A.J. Menezes et al., Handbook of Applied Cryptography (1997)
  • H. Li et al., Efficient cellular automata based versatile multiplier for $GF(2^m)$, J Inform. Sci. Engng. (2002)
  • Ç.K. Koç et al., Low-complexity bit-parallel canonical and normal basis multipliers for a class of finite fields, IEEE Trans. Comput. (1998)
  • C. Paar et al., Fast arithmetic for public-key algorithms in Galois field with composite exponents, IEEE Trans. Comput. (1999)
  • C. Paar et al., Proceedings of the Third International Symposium of Communication Theory and Its Applications, Lake District, UK (July 1995)
  • L. Song et al., Low-energy digit-serial/parallel finite field multipliers, J. VLSI Signal Process. Syst. (1998)
  • G. Orlando et al., Proceedings of the Cryptographic Hardware and Embedded Systems (CHES), LNCS (2001)
  • M.A. Hasan et al., Modular construction of low complexity parallel multipliers for a class of finite field $GF(2^m)$, IEEE Trans. Comput. (1992)
  • H. Wu, Proceedings of the Cryptographic Hardware and Embedded Systems (CHES), LNCS (1999)
  • W. Geiselmann et al., Proceedings of the Fourth International Workshop on Practice and Theory in Public Key Cryptosystems, PKC, Cheju Island, Korea, February 13–15 (2001)