A versatile Montgomery multiplier architecture with characteristic three support

We present a novel unified core design that realizes Montgomery multiplication in the fields GF(2^n), GF(3^m), and GF(p). The unified design supports RSA and elliptic curve schemes, as well as identity-based encryption, which requires a pairing computation on an elliptic curve. The architecture is pipelined and highly scalable. The unified core uses the redundant signed digit representation to reduce the critical path delay. Whereas the carry-save representation used in classical unified architectures is only suitable for addition and multiplication, the redundant signed digit representation also allows comparison and subtraction to be computed efficiently. Thus there is no need for a transformation between the redundant and the non-redundant representations of field elements, which classical unified architectures require in order to realize subtraction and comparison. We also quantify the benefits of unified architectures in terms of area and critical path delay, and provide detailed implementation results. This metric shows that the new unified architecture provides an improvement of at least 24.88% over a hypothetical non-unified architecture, and of at least 32.07% over a classical unified architecture.
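As an added illustration (not the paper's hardware design or the authors' code), the following Python model shows what the three fields share in a digit-serial Montgomery multiplier: one accumulate, quotient-select, and shift loop, with the field chosen only by the radix beta and by whether digit additions propagate carries (GF(p)) or are reduced mod beta (GF(2^n), GF(3^m)). The paper's redundant signed digit representation is not modelled here; digits are kept in plain non-redundant form, and `pow(x, -1, m)` assumes Python 3.8 or later.

```python
"""Digit-serial Montgomery multiplication shared by GF(p), GF(2^n), GF(3^m).
Elements are digit lists, least significant digit first, over radix beta
(2 for GF(p) and GF(2^n), 3 for GF(3^m)). The only per-field difference is
how digits are added: with carries (integers) or reduced mod beta (polys)."""

def normalize(u, beta):
    """Integer case: propagate carries so every digit lies in [0, beta)."""
    c = 0
    for i in range(len(u)):
        c, u[i] = divmod(u[i] + c, beta)
    assert c == 0, "accumulator sized too small"

def to_int(d, beta):
    return sum(x * beta ** i for i, x in enumerate(d))

def from_int(v, beta, n):
    return [(v // beta ** i) % beta for i in range(n)]

def mont_mul(a, b, mod, beta, carry):
    """Return a * b * R^-1 (mod mod) with R = beta ** len(mod).
    carry=True : GF(p); mod is p in radix-beta digits, gcd(mod[0], beta) = 1.
    carry=False: GF(beta^m); mod is the field polynomial, mod[0] != 0."""
    n = len(mod)
    a, b = a + [0] * (n - len(a)), b + [0] * (n - len(b))
    m0_inv = pow(mod[0], -1, beta)       # inverse of mod[0] mod beta drives q
    u = [0] * (n + 2)                    # headroom for growth before the shift
    for i in range(n):
        for j in range(n):               # u += a_i * b
            u[j] += a[i] * b[j]
        q = (-u[0] * m0_inv) % beta      # choose q so u + q*mod is divisible by beta
        for j in range(n):               # u += q * mod
            u[j] += q * mod[j]
        if carry:
            normalize(u, beta)           # GF(p): ripple carries
        else:
            u = [d % beta for d in u]    # extension field: coefficients mod beta
        assert u[0] == 0
        u = u[1:] + [0]                  # u /= beta (one-digit shift)
    if carry and to_int(u, beta) >= to_int(mod, beta):   # final conditional subtraction
        u = from_int(to_int(u, beta) - to_int(mod, beta), beta, n)
    return u[:n]
```

For each field, multiplying a by (R mod modulus) returns a itself, which is a convenient self-check of the R^-1 factor.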
