Académique Documents
Professionnel Documents
Culture Documents
I. INTRODUCTION
m 1
m 1
i
i 1
i
m1
(1)
ai E 2
am1E 2
ai E 2
i 0
i 0
i 0
A2
(3)
a0 b1 ai bR (i , j )
i 0
j
1
where , ,
denotes the (i, j)th element of matrix. To obtain
the ith coefficient of C, i.e., ci, one needs to add i mod m to
all indices in (3).
c0
k times
Y 2 XYZ
X 3 Z aX 2 Z 2 bZ 4
(6)
The two group operations for the elliptic curve arithmetic in
projective and affine coordinates are computed as
1) Point doubling Q = 2P, where Q = (X3 : Y3 : Z3) and P =
(X1 : Y1 : Z1) in projective coordinates, can be performed using
4 finite field multiplications such as
X 12 Z12
Z3
Y3
X3
X 14 bZ14
(7)
y2 Z12 Y1
x 2 Z1 X 1
Z1 B
B 2 C aZ12
AC
X 3 X 2 Z3
Y3
E Z 3 F G
Z3
X3
A2 D E
x2 y2 Z
2
3
(8)
C. Koblitz Curves
Koblitz curves, also known as anomalous binary curves, are
elliptic curves defined over GF(2m). The main advantage of
these curves is that the scalar multiplication operation can be
performed without use point doubling operations.
The Koblitz curves are curves defined over GF(2m) by
(9)
Ea y 2 xy x3 ax 1
where a {0,1}, that is, curves E0 and E1
These curves present the following property: If P(x, y) is a
point on the curve Ea, then the point (x2, y2) is also a point on
Ea. Besides, they satisfy (x4, y4) + 2(x, y) = (x2, y2) for each
point (x, y) on Ea, where = (1)1a. In GF(2m), Frobenius
map is an endomorphism that raises every element to its
power of two, this is, : x x2 [10]. In this case, if the scalar
k is represented in NAF, then
l 1
i 0
(10)
kP
l 1
i 0
kiW i ( P)
(11)
1. Compute WU{G
2. Compute , for
3.
4. For i from l1 downto 0 do
4.1
4.2 if then
Let u be such that or
If then
Else
5. Return Q
D F
D E
d
0 >>
>>
>>
Mux
CS
Mux
Mux
Mux
Mult
Mux
Mux
U
Adder
GF(2163)
>>
r >>
(m+1)/2
CS
Mux
Mult
(m+1)/2
U
Mux
Mux
CS
BLOCK I
Mux
Mux
Mux
BLOCK II
BLOCK III
r >>
d-1 >>
d-1 >>
(m+1)/2
CS
Jc
CS
ctrl
Latency y 2 x2
(Clock cycles)
S0:
S1:
X1
Y1
Latency
y
(Clock cycles) 2
x2
S0: 1
Z3
S2:
S3:
S1:
S2:
S3:
X3
Z3
M
X3
S4:
A
B
C
D
E
F
Z1
Y3
Y3
Output Reg
Main
Ctrl
Double
Add
WQ
FSM
REG
FILE 1
REG
FILE 2
BLOCK I
GF(2163)
ROM
BLOCK II
GF(2163)
BLOCK III
GF(2163)
WQ
GF(2163)
kP
w-TNAF(U)
w-TNAF
Input Reg
W
X
Y
Z
Addition
Squaring
Multiplication
Fig. 4. Data dependence graph for point addition and point doubling
ROM
(kbits)
0.31
1.27
20.37
5216
REFERENCES
[1]
(a)
(b)
[2]
[3]
[4]
(c)
(d)
Fig. 5. (a) Area resources. (b) Frequency. (c) Scalar Multiplication kP. (d)
Time-Area product for the cryptoprocessors.
[5]
[6]
Design
[15]
[16]
[17]
[18]
2-NAF
4-NAF
8-NAF
16-WNAF
TABLE II
COMPARISON RESULTS:
FPGA
Area
Frequency
(ALUTs)
(MHz)
Stratix II
57762
152.2
Stratix II
44832
146.7
Stratix II
47160
162.4
Stratix II
37928
192.5
Stratix IV
24223
226.6
Stratix IV
24257
226.7
Stratix IV
24249
211.6
Stratix IV
24270
177.1
kP
(s)
13.38
28.92
9.48
9.85
9.88
7.37
6.17
5.05
Tu
uA
0.70
1.29
0.44
0.37
0.23
0.17
0.14
0.12
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]