Elliptic curve based hardware architecture using cellular automata

https://doi.org/10.1016/j.matcom.2007.09.006

Abstract

This study presents an efficient division architecture for the elliptic curve cryptosystem (ECC) that uses restricted irreducible polynomials and is based on cellular automata. The most expensive arithmetic operation in ECC is division, which is performed as multiplication by the inverse of the divisor. The proposed architecture is highly regular and expandable, and has reduced latency and hardware complexity. It can be used efficiently in the hardware design of crypto-coprocessors.

Introduction

Finite field GF(2^n) arithmetic operations have recently been applied to a variety of fields, including cryptography and error-correcting codes [15]. A number of modern public key cryptography systems and schemes, for example, Diffie–Hellman key pre-distribution [2], the ElGamal cryptosystem [4], and the elliptic curve cryptosystem (ECC) [10], [13], require division and inversion operations [3].

The main operation of ECC is the division operation, which can be regarded as a special case of exponentiation [12]. Since division, however, is quite time consuming, efficient algorithms are required for practical applications. Division operations can generally be classified into two approaches: a fast architecture design or a novel algorithm development. This current study focuses on the former approach.

Cellular automata (CA) have been used in evolutionary computation for over a decade, and in a variety of other applications such as parallel processing and number theory. CA architectures have also been used to design arithmetic circuits: Zhang et al. [19] proposed an architecture with programmable cellular automata, Choudhury [1] designed an LSB multiplier based on CA, and Jeon and Yoo [7] proposed a simple and efficient architecture based on periodic-boundary CA.

This paper proposes an efficient hardware architecture for division based on CA. We focus on the architecture used in ECC, which works with restricted irreducible polynomials, i.e., trinomials and pentanomials. The structure has a time complexity of n(n − 1)(T2AND + T2XOR + TMUX) and a hardware complexity of (n AND + (n + 2) or (n + 6) XOR + n MUX + 4n REGISTER), the XOR count depending on whether the polynomial is a trinomial or a pentanomial. In addition, our architecture can easily be expanded to other public key cryptosystems with (n − 2) or (n − 6) additional XOR gates. Our architecture addresses both area and time complexity.

The rest of this paper is organized as follows: the theoretical background, including finite fields, ECC, and CA, is described in Section 2. Section 3 presents the proposed division architecture based on CA, and we present our discussion, together with a comparison of the performances between the proposed architecture and previous research, in Section 4. Finally, the conclusion is presented in Section 5.


Preliminary

In this section, we discuss the mathematical background in the finite field, ECC, and the characteristics and properties of CA.

Division architecture based on CA

This section presents an A/B architecture based on CA. Finite field division in GF(2^n) can be performed by using multiplication and inversion; that is, A/B = AB^−1, where A and B are elements of GF(2^n). Here, the multiplicative inverse of the field element B can be obtained by recursive squaring and multiplication, since the field element B can be expressed as

$$B^{-1} = B^{2^n - 2} = \Bigl(B\bigl(B\bigl(B \cdots B\bigl(B\,(B)^2\bigr)^2\bigr)^2 \cdots\bigr)^2\Bigr)^2 \qquad (1)$$

Division can also be derived directly from Eq. (1):

$$C = AB^{-1} = A\Bigl(B\bigl(B\bigl(B \cdots B\bigl(B\,(B)^2\bigr)^2\bigr)^2 \cdots\bigr)^2\Bigr)^2$$

The above
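The following is an added example, not code from the paper or its authors, that carries out the square-and-multiply chain of Eq. (1) in software: n − 1 squarings interleaved with n − 2 multiplications by B yield B^(2^n − 2) = B^−1, and one further multiplication gives C = A·B^−1. Field elements are Python integers whose bit i is the coefficient of x^i; the reduction polynomials for sect163 (pentanomial) and sect233 (trinomial) are the published SECG/Certicom values and are not taken from this page. The `gf2n_*` function names and the constructed sample operands are the example's own assumptions.

```python
# Added example (not from the paper): GF(2^n) division A/B = A * B^{-1}
# with B^{-1} = B^{2^n - 2} computed by the squaring chain of Eq. (1).
# Elements are ints: bit i of the int is the coefficient of x^i.

# Published SECG/Certicom reduction polynomials (known values, not from this page).
SECT163_POLY = (1 << 163) | (1 << 7) | (1 << 6) | (1 << 3) | 1   # pentanomial
SECT233_POLY = (1 << 233) | (1 << 74) | 1                        # trinomial
AES_POLY = 0x11B                                                  # x^8+x^4+x^3+x+1, handy for small checks


def gf2n_mul(a, b, n, poly):
    """Bit-serial multiplication in GF(2^n) modulo poly (poly must have bit n set)."""
    if poly >> n != 1:
        raise ValueError("poly must be monic of degree n")
    mask = (1 << n) - 1
    a &= mask
    b &= mask
    r = 0
    while b:
        if b & 1:
            r ^= a                 # accumulate a * x^i for each set bit of b
        b >>= 1
        a <<= 1                    # multiply a by x
        if (a >> n) & 1:
            a ^= poly              # reduce the overflow bit x^n using the polynomial
    return r


def gf2n_inv(b, n, poly):
    """B^{-1} = B^{2^n - 2} via the chain of Eq. (1): (B(B(...B(B(B)^2)^2...)^2)^2."""
    if b == 0:
        raise ValueError("zero has no multiplicative inverse")
    t = gf2n_mul(b, b, n, poly)            # innermost (B)^2, exponent 2
    for _ in range(n - 2):                 # after k squarings the exponent is 2^(k+1) - 2
        t = gf2n_mul(b, t, n, poly)        # multiply by B
        t = gf2n_mul(t, t, n, poly)        # square
    return t                               # exponent 2^n - 2


def gf2n_div(a, b, n, poly):
    """C = A / B = A * B^{-1} in GF(2^n)."""
    return gf2n_mul(a, gf2n_inv(b, n, poly), n, poly)


def check_division(a, b, n, poly):
    """Round-trip check: (A / B) * B must equal A (reduced)."""
    c = gf2n_div(a, b, n, poly)
    return gf2n_mul(c, b, n, poly) == (a & ((1 << n) - 1))


if __name__ == "__main__":
    # Constructed sample operands; the small AES-field values are classic known pairs.
    print(hex(gf2n_inv(0x02, 8, AES_POLY)))          # 0x8d
    print(hex(gf2n_div(1, 0xCA, 8, AES_POLY)))       # 0x53
    print(check_division(0x1234567, 0x89ABCDEF, 163, SECT163_POLY))  # True
    print(check_division(0xDEADBEEF, 0x13579BDF, 233, SECT233_POLY)) # True
```

The chain costs 2n − 3 field multiplications (n − 1 of them squarings), which is exactly what the paper's hardware pipelines over n(n − 1) cycles; the same `gf2n_mul` routine serves both trinomials and pentanomials because the reduction step only depends on which bits of `poly` are set.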

Comparison and analysis

The proposed division architecture was compared with existing structures, focusing on time and hardware complexity. For this purpose, Wang's [17] and Kim's [9] division architectures were chosen. Wang proposed a parallel-in parallel-out division architecture with a latency of n(2n − 1.5) and a critical path of (T2AND + 3T2XOR). Kim proposed a serial-in serial-out divider with a latency of 2n(n − 1) and a critical path of (2T2AND + 3T2XOR + TMUX). However, our serial-in

Conclusion

This paper presented an efficient hardware architecture for computing A/B modulo the irreducible polynomials restricted by the Certicom Standard for ECC. We have proposed a simple hardware architecture for the most expensive arithmetic operations in ECC over GF(2^n), namely inversion and division. The proposed architecture exploits the characteristics of both CA and restricted irreducible polynomials, and minimizes both time and hardware complexity. Moreover,

Acknowledgements

The authors would like to thank the anonymous referees for their valuable suggestions on how to improve the quality of the manuscript. This research was supported by the MIC of Korea, under the ITRC support program supervised by the IITA (IITA-2006-C1090-0603-0026).

References (19)

  • N.Y. Kim et al., Systolic architecture for inversion/division using AB^2 circuits in GF(2^m), Integr. VLSI J. (2003)
  • P.P. Choudhury et al., Cellular automata based VLSI architecture for computing multiplication and inverses in GF(2^m)
  • W. Diffie et al., New directions in cryptography, IEEE Transactions on Information Theory (1976)
  • W. Drescher et al., VLSI architecture for non-sequential inversion over GF(2^m) using the Euclidean algorithm
  • T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Trans. Inform. Theory (1985)
  • D.D. Gajski, Principles of Digital Design (1997)
  • IEEE P1363, Standard Specifications for Public Key Cryptography,...
  • J.C. Jeon et al. (2004)
  • C. Kaufman et al., Network Security: Private Communication in a Public World (2002)