P230/MAPLD%202004 - PowerPoint PPT Presentation

About This Presentation
Title:

P230/MAPLD%202004

Description:

Elliptic Curve Cryptography over GF(2m) on a Reconfigurable Computer: Polynomial Basis vs. Optimal Normal Basis Representation Comparative Study – PowerPoint PPT presentation

Number of Views:49
Avg rating:3.0/5.0
Slides: 33
Provided by: st23
Learn more at: http://klabs.org
Category:
Tags: mapld | algorithm | p230

less

Transcript and Presenter's Notes

Title: P230/MAPLD%202004


1
Elliptic Curve Cryptography over GF(2m) on a
Reconfigurable Computer Polynomial Basis vs.
Optimal Normal Basis Representation Comparative
Study
Kris Gaj, Sashisu Bajracharya, Nghi Nguyen,
Deapesh Misra Tarek El-Ghazawi
George Mason University
The George Washington University
2
What is a reconfigurable computer?
Reconfigurable processor system
Microprocessor system
. . .
?P
?P
. . .
FPGA
FPGA
?P memory
?P memory
FPGA memory
FPGA memory
. . .
. . .
Interface
Interface
I/O
I/O
3
Why cryptography is a good application for
reconfigurable computers?
  • computationally intensive
  • arithmetic operations
  • unconventionally long operand sizes
  • (160-2048 bits)
  • multiple algorithms, parameters,
  • key sizes, and architectures
  • need for reconfiguration

4
SRC Hardware Software
5
SRC-6E from SRC Computers, Inc.
6
SRC Hardware Architecture
7
SRC Programming
HLL (C)
HDL (VHDL)
?P system
SRC
FPGA system
Application Programmer
Library Developer
8
SRC Compilation Process
9
Elliptic Curve Cryptosystems
10
Elliptic Curve Cryptosystems
  • public key (asymmetric) cryptosystems
  • first true alternative for RSA
  • several times shorter keys
  • fast and compact implementations,
  • in particular in hardware
  • a family of cryptosystems, instead of a single
  • cryptosystem

11
Three Classes of Elliptic Curves
Elliptic curves built over
Secure m
m155 .. 512
K GF(p)
K GF(2m)
Our m
m233
Arithmetic operations present in many libraries
Normal basis representation
Polynomial basis representation
Fast in hardware
Compact in hardware
12
Basic operations of ECC
Basic operations in Galois Field GF(2m)
  • addition and subtraction (xor) xy, x-y (XOR)
  • multiplication, squaring x ? y, x2
  • inversion x-1

Basic operations on points of an Elliptic Curve
  • addition of points P Q
  • doubling a point
    2 P
  • projective to affine coordinate P2A

Complex operations on points of an Elliptic Curve
  • scalar multiplication k ? P P P
    P

k times
13
ECC hierarchy of functions
High level
kP
projective_to_affine (P2A)
Medium level
PQ
2P
Low level 2
INV
Low level 1
XOR
SQR
MUL
independent of the GF representation
specific to the given GF representation
14
Investigated Partitioning Schemes
15
SRC Program Partitioning
C function for ?P
?P system
HLL
C function for MAP
FPGA system
VHDL macro
HDL
16
H00 Partitioning (µP Software Only)
C function for ?P
H
kP
C function for MAP
0
VHDL macro
0
specific to the given GF representation
17
00H Partitioning (VHDL only)
C function for ?P
0
C function for MAP
0
VHDL macro
H
kP
specific to the given GF representation
18
0HL1 Partitioning
independent of the GF representation
specific to the given GF representation
19
FPGA Contents (0HL1)
kP
MUL4
PQ
2P
MUL2
MUL
POW
INV
P2A
20
0HL2 Partitioning
C function
0
for
µ
P
kP
kP
C function
H
for MAP
P2A
P2A
PQ
PQ
2P
2P
VHDL
L2
MUL4
ROT
SQR
XOR
INV
INV
macros
independent of the GF representation
specific to the given GF representation
21
0HM Partitioning
0
C function
for
µ
P
C function
H
for MAP
VHDL
PQ
PQ
P2A
2P
2P
M
P2A
macros
independent of the GF representation
specific to the given GF representation
22
Results
23
Timing Measurements
.c file
.mc file
MAP function
MAP function
MAP Alloc.
MAP Free
FPGA Configure
DMA DataOut
DMA Data In
FPGA Computation
End-to-End time (HW)
End-to-End time (SW)
MAP Allocation time
MAP Release Time
Configuration time
24
Results for Optimal Normal Basis (Latency)
25
Results for Polynomial Basis (Latency)
26
Results for Optimal Normal Basis (Area)
27
Results for the Polynomial Basis (Area)
28
Number of lines of code
Algorithm Partitioning Scheme VHDL PB VHDL ONB Macro Wrapper MAP C Main C
0HL1 N/A 1007 260 371 153
0HL2 714 1291 230 349 153
0HM N/A 1744 160 185 153
00H N/A 1960 36 78 153
29
Conclusions
Assuming focus on
Timing
Resources
Ease of programming
30
Best implementation approaches
Optimal Normal Basis OHL1 scheme
Polynomial Basis OHL2 scheme
Large speedup vs. software Ease of
implementation Flexibility
31
Conclusions
  • Elliptic Curve Cryptosystem implementation
  • challenging for reconfigurable computers
    because of
  • optimization for latency rather than throughput
  • limited amount of parallelism
  • Absolute latency and resource utilization
    similar for
  • Optimal Normal Basis
  • and
  • Polynomial Basis
  • Number of lines of VHDL code smaller
  • for the polynomial basis representation

32
Conclusions cont.
Speed-up over Intel P3 microprocessor
implementation
From 893 to 1305 times for Optimal Normal
Basis From 33 times for
Polynomial Basis
27 x greater for Optimal Normal
Basis compared to
Polynomial Basis Representation
because of polynomial basis operations more
efficient in software
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "P230/MAPLD%202004" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!