Accelerating SM2 Digital Signature Algorithm Using Modern Processor Features

The public key cryptographic algorithm SM2 is now widely used in electronic authentication systems, key management systems, and e-commercial applications systems. As an asymmetric cryptographic algorithm is based on elliptic curves cryptographic (ECC), the SM2 algorithm involves many complex calculations and is expected to be sufficiently optimized. However, we found existing SM2 implementations are less efficient due to the lack of proper optimization. In this paper, we propose Yog-SM2, an optimized implementation of SM2 digital signature algorithm, that uses features of modern desktop processors such as extended arithmetic instructions and the large cache. Yog-SM2 utilizes new features provided by modern processors to re-implement functions of big number arithmetic, prime field modular, elliptic curve point calculation, and random number generation. The use of these new hardware features significantly improves the performance of both SM2 signing and verifying. Our experiments demonstrated that the execution speed of Yog-SM2 exceeds four mainstream SM2 implementations in state-of-the-art cryptographic libraries such as OpenSSL and Intel ippcp. In addition, Yog-SM2 also achieves a better performance (97,475 sign/s and 18,870 verify/s) against the OpenSSL’s optimized implementation of ECDSA-256 (46,753 sign/s and 16,032 verify/s, OpenSSL-1.1.1b x64) on a mainstream desktop processor (Intel i7 6700, 3.4 GHz). It indicates that SM2 digital signature is promising in a widespread application scenarios.

[1]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[2]  Li Man-gui Study on Public Key Infrastructure in Support of Public Key Cryptographic Algorithm SM2 based on Elliptic Curves , 2011 .

[3]  Guoqiang Bai,et al.  Ultra High-Speed SM2 ASIC Implementation , 2014, 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications.

[4]  Jizeng Wei,et al.  An Efficient Scheme for Implementation of SM2 Digital Signature over GF(p) , 2012 .

[5]  Dawu Gu,et al.  Efficient and Constant Time Modular Inversions Over Prime Fields , 2017, 2017 13th International Conference on Computational Intelligence and Security (CIS).

[6]  Guoqiang Bai,et al.  Ultra high-performance ASIC implementation of SM2 with power-analysis resistance , 2015, 2015 IEEE International Conference on Electron Devices and Solid-State Circuits (EDSSC).

[7]  Paul Barrett,et al.  Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor , 1986, CRYPTO.

[8]  Alfred Menezes,et al.  Software Implementation of the NIST Elliptic Curves Over Prime Fields , 2001, CT-RSA.

[9]  Xianghong Hu,et al.  A High-Performance Elliptic Curve Cryptographic Processor of SM2 over GF(p) , 2019 .

[10]  Erkay Savas,et al.  The Montgomery Modular Inverse-Revisited , 2000, IEEE Trans. Computers.

[11]  Guoqiang Bai,et al.  High-performance implementation of SM2 based on FPGA , 2016, 2016 8th IEEE International Conference on Communication Software and Networks (ICCSN).

[12]  Shay Gueron,et al.  Fast prime field elliptic-curve cryptography with 256-bit primes , 2014, Journal of Cryptographic Engineering.

[13]  Burton S. Kaliski,et al.  The Montgomery Inverse and Its Applications , 1995, IEEE Trans. Computers.