Abstract
Elliptic curve cryptography has generated a lot of research interest due to its ability to provide greater security per bit compared to public key systems such as RSA. The designer of an elliptic curve hardware accelerator is faced with many choices at design time, each of which can impact the performance of the accelerator in different ways. There are many examples in the literature of how these design choices can effect the area and/or speed of an elliptic curve hardware accelerator. The effect of design choices on power and energy consumption in elliptic curve hardware has been less well studied. This article studies the effect of design choices on the power and energy consumption of an FPGA-based reconfigurable elliptic curve hardware accelerator. A reconfigurable processor has been used for different system parameters and the power and energy consumption measured. The power and energy results are presented and compared.
- <scp>Avanzi, R. M., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., and Vercauteren, F.</scp> 2005. Handbook of Elliptic and Hyperelliptic Curve Cryptography. Chapman & Hall/CRC.Google Scholar
- <scp>Batina, L., Mentens, N., Sakiyama, K., Preneel, B., and Verbauwhede, I.</scp> 2006. Low-cost elliptic curve cryptography for wireless sensor networks. In Proceedings of the European Workshop on Security and Privacy in Ad hoc and Sensor Networks (ESAS’06). Lecture Notes in Computer Science, vol. 4357. Springer-Verlag, 6--17. Google ScholarDigital Library
- <scp>Berlekamp, E. R.</scp> 1968. Algebraic Coding Theory. McGraw-Hill.Google Scholar
- <scp>Bernstein, D. J., Lange, T., and Farashahi, R. R.</scp> 2008. Binary Edwards curves. In Proceedings of the Conference of Cryptographic Hardware and Embedded Systems (CHES 2008). Lecture Notes in Computer Science, vol. 5154. Springer-Verlag, 244--265. Google ScholarDigital Library
- <scp>Blake, I. F., Seroussi, G., and Smart, N. P.</scp> 1999. Elliptic Curves in Cryptography. London Mathematical Society Lecture Note Series. 265. Cambridge University Press. Google ScholarDigital Library
- <scp>Brier, E. and Joye, M.</scp> 2002. Weierstraβ elliptic curves and side-channel attacks. In Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems, (PKC’02). Lecture Notes in Computer Science, vol. 2274. Springer-Verlag, 335--345. Google ScholarDigital Library
- <scp>Byrne, A., Meloni, N., Tisserand, A., Popovici, E. M., and Marnane, W. P.</scp> 2007. Comparison of simple power analysis attack resistant algorithms for an elliptic curve cryptosystem. J. Comput. 2, 10, 52--62.Google ScholarCross Ref
- <scp>Byrne, A., Popovici, E., and Marnane, W. P.</scp> 2008. Versatile processor for GF(p<sup>m</sup>) arithmetic for use in cryptographic applications. IET Comput. Digit. Tech. 2, 4, 253--264.Google ScholarCross Ref
- <scp>Crowe, F., Daly, A., and Marnane, W.</scp> 2005. Optimised Montgomery domain inversion on FPGA. In Proceedings of the European Conference on Circuit Theory and Design 1, 277--280.Google Scholar
- <scp>Daly, A. and Marnane, W.</scp> 2002. Efficient architectures for implementing Montgomery modular multiplication and RSA modular exponentiation on reconfigurable logic. In Proceedings of the 10th International Symposium on Field Programmable Gate Arrays, 40--49. Google ScholarDigital Library
- <scp>de Dormale, G. M. and Quisquater, J.-J.</scp> 2007. High-speed hardware implementations of elliptic curve cryptography: A survey. J. Syst. Archit. 53, 72--84. Google ScholarDigital Library
- <scp>Edwards, H. M.</scp> 2007. A normal form for elliptic curves. Bull. Am. Math. Soc. 44, 393--422.Google ScholarCross Ref
- <scp>Gordon, D. M.</scp> 1998. A survey of fast exponentiation methods. J. Algor. 27, 129--146. Google ScholarDigital Library
- <scp>IEEE</scp>. 2000. IEEE standard specifications for public-key cryptography. IEEE Std 1363-2000.Google Scholar
- <scp>Itoh, T. and Tsujii, S.</scp> 1988. A fast algorithm for computing multiplicative inverses in GF(2<sup>m</sup>) using normal bases. Inform. Comput. 78, 171--177. Google ScholarDigital Library
- <scp>Kaliski, B. S.</scp> 1995. The Montgomery inverse and its applications. IEEE Trans. Comput. 44, 8, 1064--1068. Google ScholarDigital Library
- <scp>Keller, M. and Marnane, W.</scp> 2007. Low power elliptic curve cryptography. In Proceedings of the International Workshop on Power and Timing Modeling, Optimization and Simulation (PATMOS’07). Lecture Notes in Computer Science, vol. 4644. Springer-Verlag, 310--319. Google ScholarDigital Library
- <scp>Kumar, S., Wollinger, T., and Paar, C.</scp> 2006. Optimum digit serial GF(2<sup>m</sup>) multipliers for curve-based cryptography. IEEE Trans. Comput. 55, 10, 1306--1311. Google ScholarDigital Library
- <scp>López, J. and Dahab, R.</scp> 1999. Fast multiplication on elliptic curves over GF(2<sup>m</sup>) without precomputation. In Proceedings of the Cryptographic Hardware and Embedded Systems (CHES’99). Lecture Notes in Computer Science, vol. 1717. Springer-Verlag, 316--327. Google ScholarDigital Library
- <scp>McEliece, R. J.</scp> 1987. Finite Fields for Computer Scientists and Engineers. Kluwer Academic Publishers. Google ScholarDigital Library
- <scp>Montgomery, P. L.</scp> 1985. Modular multiplication without trial division. Math. Comput. 44, 519--521.Google ScholarCross Ref
- <scp>Montgomery, P. L.</scp> 1987. Speeding the pollard and elliptic curve methods of factorisation. Math. Comput. 48, 243--264.Google ScholarCross Ref
- <scp>NIST</scp>. 1999. Recommended elliptic curves for federal government use. National Institute of Standards and Technology. NIST Special Publication.Google Scholar
- <scp>Öztürk, E., Sunar, B., and Savaş, E.</scp> 2004. Low-power elliptic curve cryptography using scaled modular arithmetic. In Proceeding of the Cryptographic Hardware and Embedded Systems (CHES’04). Lecture Notes in Computer Science, vol. 3156. Springer-Verlag, 107--118.Google Scholar
- <scp>Shantz, S. C.</scp> 2001. From Euclid’s GCD to Montgomery multiplication to the great divide. Tech. Rep. TR-2001-95, Sun Microsystems. Google ScholarDigital Library
- <scp>Song, L. and Parhi, K.</scp> 1998. Low energy digit-serial/parallel finite field multipliers. Kluwer J. VLSI Sig. Process. Syst. 19, 2, 149--166.Google ScholarDigital Library
- <scp>Walter, C. D.</scp> 1999. Montgomery exponentiation needs no final subtractions. Electronics Lett. 35, 21, 1831--1832.Google ScholarCross Ref
Index Terms
- Elliptic Curve Cryptography on FPGA for Low-Power Applications
Recommendations
Elliptic Curve Cryptography hardware accelerator for high-performance secure servers
Security threats affecting electronics communications in the current world make necessary the encryption and authentication of every transaction. The increasing levels of security required are leading to an overload of transaction servers due to ...
Optimized System-on-Chip Integration of a Programmable ECC Coprocessor
Most hardware/software (HW/SW) codesigns of Elliptic Curve Cryptography have focused on the computational aspect of the ECC hardware, and not on the system integration into a System-on-Chip (SoC) architecture. We study the impact of the communication ...
Endomorphisms for Faster Elliptic Curve Cryptography on a Large Class of Curves
Proceedings of the 28th Annual International Conference on Advances in Cryptology - EUROCRYPT 2009 - Volume 5479Efficiently computable homomorphisms allow elliptic curve point multiplication to be accelerated using the Gallant-Lambert- Vanstone GLV method. We extend results of Iijima, Matsuo, Chao and Tsujii which give such homomorphisms for a large class of ...
Comments