Conference Paper

Finding Optimum Parallel Coprocessor Design for Genus 2 Hyperelliptic Curve Cryptosystems.

Politecnico di Milano, Italy
DOI: 10.1109/ITCC.2004.1286710 Conference: International Conference on Information Technology: Coding and Computing (ITCC'04), Volume 2, April 5-7, 2004, Las Vegas, Nevada, USA
Source: DBLP


Hardware accelerators are often used in cryptographic applications for speeding up the highly arithmetic-intensive public-key primitives, e.g. in high-end smart cards. One of these emerging and very promising public-key schemes is based on hyperelliptic curve cryptosystems (HECC). In the open literature only a few considerations deal with hardware implementation issues of HECC. Our contribution appears to be the first one to propose architectures for the latest findings in efficient group arithmetic on HEC. The group operation of HECC allows parallelization at different levels: bit-level parallelization (via different digit-sizes in multipliers) and arithmetic operation-level parallelization (via replicated multipliers). We investigate the trade-offs between both parallelization options and identify speed and time-area optimized configurations. We found that a coprocessor using a single multiplier (D=8) instead of two or more is best suited. This coprocessor is able to compute group addition and doubling in 479 and 334 clock cycles, respectively. Providing more resources it is possible to achieve 288 and 248 clock cycles, respectively.


Available from: G.M. Bertoni, Aug 01, 2014
  • Source
    • "They used Cantor's algorithm [8] to implement HECC on the VirtexII FPGA. Wollinger et al. investigated HECC implementation on a VLSI coprocessor [12] [13]. In [14] three different architectures on a FPGA have been examined for a vast area of applications. "
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents a microcode instruction set coprocessor which is designed to work with an 8-bit 8051 microcontroller and implements a hyperelliptic curve cryptosystem (HECC). The microcode coprocessor is capable of performing a range of Galois field operations using a dual-multiplier/dual-adder datapath and storing the intermediate results in the local storage unit of the coprocessor (RAM). This coprocessor is programmed using the software routines from the 8051 microcontroller which implements the HECC divisor's doubling and addition operations. The Jacobian scalar multiplication was computed in a 656 msec (7.87 M cycles) at 12 MHz clock frequency.
    Signal Processing Systems Design and Implementation, 2005. IEEE Workshop on; 12/2005
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Parallelization of operations is of utmost importance for efficient implementation of Public Key Cryptography algorithms. Starting with a classification of parallelization methods at different abstraction levels of public key algorithms, we propose a novel memory architecture for elliptic curve implementations with multiple modular multiplier units. This architecture is well-suited for different point addition and doubling algorithms over $ \mathbb{G}\mathbb{F}{\left( p \right)} $ to be implemented on FPGAs. It allows the execution time to scale with the number of modular multipliers and exhibits nearly no overhead compared to the mere runtime of the multipliers. The advantages of this distributed memory architecture are demonstrated by means of two different point addition and doubling algorithms.
    Journal of Signal Processing Systems 04/2008; 51(1). DOI:10.1007/s11265-007-0135-9 · 0.60 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Cryptographic algorithms are used in a large variety of dif- ferent applications to ensure security services. It is, thus, very interest- ing to investigate various implementation platforms. Hyperelliptic curve schemes are cryptographic primitives to which a lot of attention was recently given due to the short operand size compared to other algo- rithms. They are speciflcally interesting for special-purpose hardware. This paper provides a comprehensive investigation of high-e-cient HEC architectures. We propose a genus-2 hyperelliptic curve cryptographic coprocessor using a-ne coordinates. We implemented a special class of hyperelliptic curves, namely using the parameter h(x) = x and f = x5 + f1x + f0 and the base fleld GF(289). In addition, we only consider the most frequent case in our implementation and assume that the other cases are handled, e.g. by the protocol. We provide three difierent implementations ranging from high speed to moderate area. Hence, we provide a solution for a variety of applications. Our high performance HECC coprocessor is 78:5% faster than the best previous implementation and our low area implementation utilizes only 22:7% of the area that the smallest published design uses. Taking into account both area and latency, our coprocessor is an order of magnitude more e-cient than previous implementations. We hope that the work at hand provides a step towards introducing HEC systems in practical applications.
    Information Security Applications, 5th International Workshop, WISA 2004, Jeju Island, Korea, August 23-25, 2004, Revised Selected Papers; 01/2004
Show more