Low-Latency Elliptic Curve Scalar Multiplication

This paper presents a low-latency algorithm designed for parallel computer architectures to compute the scalar multiplication of elliptic curve points based on approaches from cryptographic side-channel analysis. A graphics processing unit implementation using a standardized elliptic curve over a 224-bit prime field, complying with the new 112-bit security level, computes the scalar multiplication in 1.9 ms on the NVIDIA GTX 500 architecture family. The presented methods and implementation considerations can be applied to any parallel 32-bit architecture.

[1]  Atsuko Miyaji,et al.  Efficient Elliptic Curve Exponentiation Using Mixed Coordinates , 1998, ASIACRYPT.

[2]  Harvey L. Garner,et al.  RESIDUE NUMBER SYSTEM ENHANCEMENTS FOR PROGRAMMABLE PROCESSORS , 2008 .

[3]  Joseph H. Silverman,et al.  The arithmetic of elliptic curves , 1986, Graduate texts in mathematics.

[4]  Ed Dawson,et al.  Twisted Edwards Curves Revisited , 2008, IACR Cryptol. ePrint Arch..

[5]  William M. Daley,et al.  Digital Signature Standard (DSS) , 2000 .

[6]  Tanja Lange,et al.  ECC2K-130 on NVIDIA GPUs , 2010, INDOCRYPT.

[7]  Arjen K. Lenstra,et al.  Selecting Cryptographic Key Sizes , 2000, Public Key Cryptography.

[8]  J. Xu OpenCL – The Open Standard for Parallel Programming of Heterogeneous Systems , 2009 .

[9]  Roy D. Merrill Improving Digital Computer Performance Using Residue Number Theory , 1964, IEEE Trans. Electron. Comput..

[10]  John Owens,et al.  GPU architecture overview , 2007, SIGGRAPH Courses.

[11]  Emilia Käsper Fast Elliptic Curve Cryptography in OpenSSL , 2011, Financial Cryptography Workshops.

[12]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[13]  Mark Segal,et al.  The OpenGL Graphics System: A Specification , 2004 .

[14]  Erik Lindholm,et al.  NVIDIA Tesla: A Unified Graphics and Computing Architecture , 2008, IEEE Micro.

[15]  Tsuyoshi Takagi,et al.  A Fast Parallel Elliptic Curve Multiplication Resistant against Side Channel Attacks , 2002, Public Key Cryptography.

[16]  Tanja Lange,et al.  Faster Addition and Doubling on Elliptic Curves , 2007, ASIACRYPT.

[17]  Elaine B. Barker,et al.  Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography , 2007 .

[18]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[19]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[20]  Joppe W. Bos High-Performance Modular Multiplication on the Cell Processor , 2010, WAIFI.

[21]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[22]  Leonel Sousa,et al.  Elliptic Curve point multiplication on GPUs , 2010, ASAP 2010 - 21st IEEE International Conference on Application-specific Systems, Architectures and Processors.

[23]  Jason Yang,et al.  Symmetric Key Cryptography on Modern Graphics Hardware , 2007, ASIACRYPT.

[24]  Jean-Pierre Seifert,et al.  Parallel scalar multiplication on general elliptic curves over Fp hedged against Non-Differential Side-Channel Attacks , 2002, IACR Cryptol. ePrint Arch..

[25]  J. Solinas CORR 99-39 Generalized Mersenne Numbers , 1999 .

[26]  장훈,et al.  [서평]「Computer Organization and Design, The Hardware/Software Interface」 , 1997 .

[27]  Tim Güneysu,et al.  Exploiting the Power of GPUs for Asymmetric Cryptography , 2008, CHES.

[28]  Tanja Lange,et al.  ECM on Graphics Cards , 2009, IACR Cryptol. ePrint Arch..

[29]  John Waldron,et al.  Efficient Acceleration of Asymmetric Cryptography on Graphics Hardware , 2009, AFRICACRYPT.

[30]  Yao Zhang,et al.  Parallel Computing Experiences with CUDA , 2008, IEEE Micro.

[31]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[32]  Nigel P. Smart,et al.  Toward Acceleration of RSA Using 3D Graphics Hardware , 2007, IMACC.

[33]  Chen,et al.  The billion-mulmod-per-second PC , 2009 .

[34]  Marc Joye,et al.  Weierstraß Elliptic Curves and Side-Channel Attacks , 2002, Public Key Cryptography.

[35]  David A. Patterson,et al.  Computer Organization And Design: The Hardware/Software Interface , 1993 .

[36]  David Blythe The Direct3D 10 system , 2006, ACM Trans. Graph..

[37]  Marc Joye,et al.  The Montgomery Powering Ladder , 2002, CHES.

[38]  David A. Patterson,et al.  Computer Organization and Design, Fourth Edition, Fourth Edition: The Hardware/Software Interface (The Morgan Kaufmann Series in Computer Architecture and Design) , 2008 .

[39]  OpenSSL OpenSSL : The open source toolkit for SSL/TSL , 2002 .

[40]  John Waldron,et al.  AES Encryption Implementation and Analysis on Commodity Graphics Processing Units , 2007, CHES.

[41]  H. Edwards A normal form for elliptic curves , 2007 .

[42]  John Waldron,et al.  Practical Symmetric Key Cryptography on Modern Graphics Hardware , 2008, USENIX Security Symposium.

[43]  Tanja Lange,et al.  Analysis and optimization of elliptic-curve single-scalar multiplication , 2007, IACR Cryptol. ePrint Arch..

[44]  Deian Stefan,et al.  Fast Software AES Encryption , 2010, FSE.

[45]  Deian Stefan,et al.  Performance Analysis of the SHA-3 Candidates on Exotic Multi-core Architectures , 2010, CHES.

[46]  William J. Dally,et al.  The GPU Computing Era , 2010, IEEE Micro.

[47]  Elaine B. Barker Digital Signature Standard (DSS) [includes Change Notice 1 from 12/30/1996] | NIST , 1994 .

[48]  Arjen K. Lenstra,et al.  On the Security of 1024-bit RSA and 160-bit Elliptic Curve Cryptography , 2009, IACR Cryptol. ePrint Arch..

[49]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[50]  Alfred Menezes,et al.  Software Implementation of the NIST Elliptic Curves Over Prime Fields , 2001, CT-RSA.

[51]  Donald J. Patterson,et al.  Computer organization and design: the hardware-software interface (appendix a , 1993 .

[52]  S.A. Manavski,et al.  CUDA Compatible GPU as an Efficient Hardware Accelerator for AES Cryptography , 2007, 2007 IEEE International Conference on Signal Processing and Communications.