An efficient reconfigurable multiplier architecture for Galois field GF(2^m)
Introduction
Arithmetic operations over GF(2^m) have many applications in coding theory [1] and cryptography [2]. Because multiplication is very costly in terms of area and delay, a lot of research has gone into designing small-area, high-speed multipliers [3], [4], [5].
Previously published multipliers over GF(2^m) can be classified into three categories: bit-serial multipliers [3], with O(m) area requirement; bit-parallel multipliers [4], with O(m^2) area requirement; and hybrid multipliers [5], which are partially bit-serial and partially bit-parallel. Hybrid multipliers are faster than bit-serial ones, while their area is smaller than that of bit-parallel ones. Another classification is based on the basis representation used, which may be polynomial, normal, dual or digit [6], [7], [8]. The multiplier hardware complexity can be reduced if (i) the irreducible polynomial is an All-One Polynomial (AOP) [9] or a trinomial [10], and (ii) a redundant field representation is used [11].
Many of the previously proposed multipliers have a fixed field size, so if the irreducible polynomial has to change, the multiplier must be redesigned [4], [9], [10]. In recent years only a few fixed field size multipliers have been proposed in which the coefficients of the irreducible polynomial can be modified [3]. However, none of these fixed field size multipliers works efficiently in applications with variable field size requirements. In such applications the multiplier always performs all the operations needed for the maximum field size. To improve system performance for multiplications with a field size smaller than the maximum, a flexible design is required. Multipliers with this feature have been proposed in Refs. [5], [12], [13].
Wireless devices are now widely used. Since power consumption determines both the time between two successive recharges of such a device and its battery life, reducing power dissipation is vital. The main source of power dissipation in a CMOS circuit is the switching activity of its nodes, which may contribute more than 90% of the total power consumption [14]. However, many of the circuit node transitions contribute nothing to the functionality of the circuit. Hence, avoiding unnecessary and wasteful transitions is a major task in low-power design.
In this paper, a small-area reconfigurable architecture for the Most Significant Bit (MSB)-first, bit-serial, polynomial basis multiplier over GF(2^m) is introduced, where 1 < m ≤ M. Here m is the degree of the irreducible polynomial, which can easily be changed according to the application requirements, and M is the maximum degree of the irreducible polynomial.
Compared with the multipliers in Refs. [3], [5], [12], the advantages of the proposed architecture are: (i) the high order of flexibility, which allows easy configuration for different field degrees m, and (ii) the low hardware complexity, which results in smaller area. By using the gated clock technique, a significant reduction of the total multiplier power consumption is achieved. The proposed multiplier is suitable for elliptic curve applications [15], [16], especially in devices with strict area limitations.
The paper is organized as follows: Section 2 gives a brief description of the MSB-first, bit-serial, polynomial basis GF(2^m) multiplier. Section 3 presents the proposed reconfigurable multiplier architecture. Measurements and comparisons with other multipliers are shown in Section 4. Section 5 concludes the paper.
Section snippets
MSB-first bit-serial GF(2^m) multiplier
Two elements, A(x) and B(x), over GF(2^m) can be expressed as polynomials of degree at most m−1 over GF(2): We define the field according to P(x): an m-order irreducible polynomial over GF(2). This polynomial is also irreducible over GF(2^m) [17]. When the coefficients p_i, in the polynomial of Eq. (3), are equal to one, the irreducible polynomial is named
Proposed multiplier architecture
The proposed reconfigurable MSB-first multiplier that can be used for variable field degree m is shown in Fig. 3.
The proposed hardware implementation consists of a bit-sliced LFSR and is very similar to the conventional bit-serial multiplier of Fig. 2. It requires M extra demultiplexers and M extra OR gates. Each slice i consists of two subfield multipliers (AND gates), one subfield adder (XOR gate), one 2-output demultiplexer, one OR gate, and three one-bit registers (P(i), A(i) and D(i)). The
Measurements and comparisons
The hardware area resources and the execution time of the proposed multiplier implementation are shown in Table 1. For comparison, measurements from other designs are also presented.
In Table 1, measurements for the Control Unit area resources are not considered. The bit-serial polynomial basis multiplier suggested in Ref. [3] is based on Programmable Cellular Automata [19]. It requires fewer area resources than the proposed implementation, and its critical path is shorter. On the
Conclusion
A reconfigurable bit-serial Galois field multiplier architecture is proposed in this paper. The multiplier is reconfigurable because it can operate with a variable Galois field degree m. It can support any arbitrary irreducible polynomial. The multiplication result is computed after m clock cycles. The advantages of the proposed architecture are the high order of flexibility, which allows an easy configuration for variable field size 2^m, and the low hardware complexity, which results
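The MSB-first, bit-serial scheme summarised above, as an added software model (not the paper's hardware design or code): each loop pass stands for one clock cycle, so the product is ready after m passes for any 1 < m ≤ M and any degree-m irreducible polynomial. The function name, the value M = 163 and the choice to model reconfiguration by taking the feedback from bit m−1 of the register are assumptions of this example.

```python
# Added software model of MSB-first, bit-serial, polynomial-basis
# multiplication in GF(2^m) with a run-time field degree m <= M.
M = 163  # assumed maximum field degree (register width); not from the paper


def gf2m_mul_msb_first(a, b, p, m, max_degree=M):
    """Return (A(x)*B(x) mod P(x), clock_cycles) in GF(2^m).

    a, b : field elements as integers, bit i = coefficient of x^i
    p    : irreducible polynomial of degree m, x^m term included
    """
    if not 1 < m <= max_degree:
        raise ValueError("field degree must satisfy 1 < m <= M")
    if p >> m != 1:
        raise ValueError("P(x) must have degree exactly m")
    if a >> m or b >> m:
        raise ValueError("operands must have degree at most m-1")

    taps = p ^ (1 << m)       # p_{m-1} .. p_0, the LFSR feedback taps
    mask = (1 << m) - 1       # only the low m register bits are in use
    c = 0                     # accumulator register, cleared at start
    cycles = 0
    for i in range(m - 1, -1, -1):       # b_{m-1} enters first (MSB-first)
        feedback = (c >> (m - 1)) & 1    # tap at bit m-1, not at bit M-1
        c = (c << 1) & mask              # C(x) * x, x^m term dropped
        if feedback:
            c ^= taps                    # x^m = p_{m-1}x^{m-1} + ... + p_0
        if (b >> i) & 1:
            c ^= a                       # add b_i * A(x) over GF(2)
        cycles += 1
    return c, cycles


if __name__ == "__main__":
    # Constructed sample inputs: the same routine used for three field sizes.
    samples = [
        (0x4, 0x2, 0b1011, 3),                     # P = x^3 + x + 1
        (0x57, 0x83, 0x11B, 8),                    # P = x^8 + x^4 + x^3 + x + 1
        (1 << 162, 0x2, (1 << 163) | 0xC9, 163),   # P = x^163 + x^7 + x^6 + x^3 + 1
    ]
    for a, b, p, m in samples:
        product, cycles = gf2m_mul_msb_first(a, b, p, m)
        print(f"m={m:3d}  product={product:#x}  cycles={cycles}")
```
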
References (23)
- et al., Error Control Coding: Fundamentals and Applications (1983)
- et al., Handbook of Applied Cryptography (1997)
- et al., Efficient cellular automata based versatile multiplier for GF(2^m), J. Inform. Sci. Engng. (2002)
- et al., Low-complexity bit-parallel canonical and normal basis multipliers for a class of finite fields, IEEE Trans. Comput. (1998)
- et al., Fast arithmetic for public-key algorithms in Galois field with composite exponents, IEEE Trans. Comput. (1999)
- et al., Proceedings of the Third International Symposium of Communication Theory and Its Applications, Lake District, UK (July 1995)
- et al., Low-energy digit-serial/parallel finite field multipliers, J. VLSI Signal Process. Syst. (1998)
- et al., Proceedings of the Cryptographic Hardware and Embedded Systems—CHES, LNCS (2001)
- et al., Modular construction of low complexity parallel multipliers for a class of finite field GF(2^m), IEEE Trans. Comput. (1992)
- Proceedings of the Cryptographic Hardware and Embedded Systems—CHES, LNCS (1999)
- Proceedings of the Fourth International Workshop on Practice and Theory in Public Key Cryptosystems, PKC, Cheju Island, Korea, February 13–15
Cited by (68)
- Low-complexity systolic array structure for field multiplication in resource-constrained IoT nodes (2023, Ain Shams Engineering Journal)
- Asynchronous hardware implementations for crypto primitives (2019, Microprocessors and Microsystems)
- Flexible VLSI architectures for Galois field multipliers (2017, Integration, the VLSI Journal)
- Comparing design approaches for elliptic curve point multiplication over GF(2^k) with polynomial basis representation (2015, Microprocessors and Microsystems)
- Versatile digit serial multipliers for binary extension fields (2015, Computers and Electrical Engineering)
- Low-power and high-speed design of a versatile bit-serial multiplier in finite fields GF(2^m) (2013, Integration, the VLSI Journal)
  Citation Excerpt: In other words, the operands length is not changeable, and thus it does not work efficiently in applications with variable field size requirements. Similar to the proposed architecture in [10], we utilize the MSB-first multiplier, as the framework for our proposed versatile multiplier architecture [14]. We initially present a simple example in order to explain the problem related to turning the conventional multiplier into versatile multiplier and then describe the proposed solution.