Cryptology ePrint Archive: Report 2016/909

Multi-core FPGA Implementation of ECC with Homogeneous Co-Z Coordinate Representation

Bo-Yuan Peng and Yuan-Che Hsu and Yu-Jia Chen and Di-Chia Chueh and Chen-Mou Cheng and Bo-Yin Yang

Abstract: Elliptic Curve Cryptography (ECC) is gaining popularity in recent years. Having short keys and short signatures in particular makes ECC likely to be adopted in numerous internet-of-things (IoT) devices. It is therefore critical to optimize ECC well for both speed and power consumption. Optimization opportunities exist on several different levels: algorithm, architecture, and/or implementation. We combine optimizations at every level in an efficient multi-core FPGA implementation. The core building block for our implementation is a Montgomery multiplier capable of modular additions and multiplications with an arbitrary prime modulus. The size of the prime modulus can also be changed easily, for which we have implemented and tested up to 528-bits used in the NIST P-521 curve. Based on this building block, we have developed a multi-core architecture that supports multiple parallel modular additions, multiplications, and inverses. Efficient ECC group addition and doubling are then built from this foundation. To support a wide variety of curves and at the same time resist timing/power-based side-channel attacks, our scalar multiplication is implemented using the Co-Z ladder due to Hutter, Joye, and Sierra. This approach also allows us to trade off between speed and power consumption by using a different number of Montgomery cores.

Category / Keywords: implementation / ECC, Co-Z, Multi-Core, FPGA, Montgomery Reduction

Original Publication (with major differences): Cryptology and Network Security: CANS 2016

Date: received 18 Sep 2016

Contact author: bypeng at crypto tw

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the submitted CANS 2016 short paper. This full version is also available at http://precision.moscito.org/by-publ/recent/CoZ-long.pdf .

Version: 20160919:130739 (All versions of this report)

Short URL: ia.cr/2016/909

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]