Paper 2020/481

Using z14 Fused-Multiply-Add Instructions to Accelerate Elliptic Curve Cryptography

James You, Qi Zhang, Curtis D'Alves, Bill O'Farrell, and Christopher K. Anand

Abstract

Due to growing commercial applications like Blockchain, the performance of large-integer arithmetic is the focus of both academic and industrial research. IBM introduced a new integer fused multiply-add instruction in z14, called VMSL, to accelerate such workloads. Unlike their floating-point counterparts, there are a variety of integer fused multiply-add instruction designs. VMSL multiplies two pairs of radix $2^{56}$ inputs, sums the two results together with an additional 128-bit input, and stores the resulting 128-bit value in a vector register. In this paper, we will describe the unique features of VMSL, the ways in which it is inherently more efficient than alternative specifications, in particular by enabling multiple carry strategies. We will then look at the issues we encountered implementing Montgomery Modular Multiplication for Elliptic Curve Cryptography on z14, including radix choice, mixed radices, instruction selection to trade instruction count for latency, and VMSL-specific optimizations for Montgomery-friendly moduli. The best choices resulted in a 20% increase in throughput.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. CASCON '19: 29th Annual International Conference on Computer Science and Software Engineering
DOI
10.5555/3370272.3370302
Keywords
elliptic curve cryptosystemimplementationpublic-key cryptographyvector instructionssingle instruction multiple data
Contact author(s)
james you @ uwaterloo ca
anandc @ mcmaster ca
History
2020-04-28: received
Short URL
https://ia.cr/2020/481
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/481,
      author = {James You and Qi Zhang and Curtis D'Alves and Bill O'Farrell and Christopher K.  Anand},
      title = {Using z14 Fused-Multiply-Add Instructions to Accelerate Elliptic Curve Cryptography},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/481},
      year = {2020},
      doi = {10.5555/3370272.3370302},
      url = {https://eprint.iacr.org/2020/481}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.