Efficient Hardware Architecture of $\eta_{T}$ Pairing Accelerator Over Characteristic Three

To support emerging pairing-based protocols related to cloud computing, an efficient algorithm/hardware codesign methodology for the $\eta_{T}$ pairing over characteristic three is presented. By mathematical manipulation and hardware scheduling, a single Miller's loop can be executed within 17 clock cycles. Furthermore, we employ torus representation and exploit the Frobenius map to lower the computation cost of the final exponentiation. Pipelined and parallelized datapaths are also exploited to shorten the critical path delay. Finally, by choosing a suitable multiplier architecture and selecting an appropriate number of multipliers, Miller's loop and the final exponentiation can be computed in a fully pipelined manner. With these schemes, a test chip for the proposed pairing accelerator has been fabricated in 90-nm CMOS 1P9M technology with a core area of 1.52 × 0.97 mm². It performs a bilinear pairing computation over $\mathbb{F}_{3^{97}}$ in 4.76 μs under a 1.0 V supply and achieves a 178% improvement over related works in terms of area-time (AT) product. To support a higher level of security, a 126-bit secure pairing accelerator that can complete a bilinear pairing computation over $\mathbb{F}_{3^{709}}$ in 36.2 μs is implemented, and this result is at least 31% better than related works in terms of AT product.
