Fourℚ on FPGA: New Hardware Speed Records for Elliptic Curve Cryptography over Large Prime Characteristic Fields

We present fast and compact implementations of Fourℚ (ASIACRYPT 2015) on field-programmable gate arrays (FPGAs), and demonstrate, for the first time, the high efficiency of this new elliptic curve on reconfigurable hardware. By adapting Fourℚ’s algorithms to hardware, we design FPGA-tailored architectures that are significantly faster than any other ECC alternative over large prime characteristic fields. For example, we show that our single-core and multi-core implementations can compute at a rate of 6389 and 64730 scalar multiplications per second, respectively, on a Xilinx Zynq-7020 FPGA, which represent factor-2.5 and 2 speedups in comparison with the corresponding variants of the fastest Curve25519 implementation on the same device. These results show the potential of deploying Fourℚ on hardware for high-performance and embedded security applications. All the presented implementations exhibit regular, constant-time execution, protecting against timing and simple side-channel attacks.
