19.04.23

1

IntegratedCircuits andSystems Lab

DA RM STA DTUNIVERSITY OFTECHNOLOGY

A Reconfigurable Coprocessor for A Reconfigurable Coprocessor for Finite Field Multiplications in GF(2 )Finite Field Multiplications in GF(2 )nn

Michael Jung, Felix Madlener, Markus Ernst and Sorin A. Huss

Integrated Circuits and Systems LabComputer Science Department

Darmstadt University of Technology, Germany

SummarySummaryThe performance of elliptic curve based public key cryptosystems is mainly appointed by the efficiency of the underlying finite field arithmetic. This work describes a reconfigurable finite field multiplier, which is implemented within the latest family of Field Programmable System Level Integrated Circuits from Atmel, Inc. The architecture of the coprocessor is adapted from Karatsuba‘s divide and conquer algorithm and allows for a reasonable speedup of the top-level public key algorithms. The VHDL hardware models are automatically generated based on an eligible operand size, which permits the optimal utilization of a particular FPSLIC device.

Atmel AT94K FPSLIC architectureAtmel AT94K FPSLIC architecture

ElGamal Cryptosystemis a

is based on Diffie-Hellman Key Exchange

Public Key Cryptosystem

an Abelian Group with some special Property

Diffie-Hellman Key Exchange

is a Public Key Distribution System

is based on

Group of Points on an Elliptic Curve with an Operation

is based on a Field

is an Abelian Groupwith that special Property

(2.1)

(2.3)

(2.2)

(finite) Fieldis a

Galois Field GF(2 )n

ElGamal Cryptosystemis a

is based on Diffie-Hellman Key Exchange

Public Key Cryptosystem

an Abelian Group with some special Property

Diffie-Hellman Key Exchange

is a Public Key Distribution System

is based on

Group of Points on an Elliptic Curve with an Operation

is based on a Field

is an Abelian Groupwith that special Property

(2.1)

(2.3)

(2.2)

(finite) Fieldis a

Galois Field GF(2 )n

Layers of an EC based Layers of an EC based cryptosystemcryptosystem

P

Q

-R

R-6

-4

-2

0

2

4

6

-4 -2 0 2 4

P

Q

-R

R-6

-4

-2

0

2

4

6

-4 -2 0 2 4

Elliptic curve point additionElliptic curve point addition

n/2-1 1 n/2-1 n/2

.A B

B=B x +BA=A x +A1

n/20

1n/2

0

T1

T1

T2

T3

T3

2n-1

0

T =A BT =(A +A )(B +B )T =A B

1

2

3

1 1

1 0 1

0 0

n/2-1 1 n/2-1 n/2

.A B

B=B x +BA=A x +A1

n/20

1n/2

0

T1

T1

T2

T3

T3

2n-1

0

T =A BT =(A +A )(B +B )T =A B

1

2

3

1 1

1 0 1

0 0

Polynomial Karatsuba multiplicationPolynomial Karatsuba multiplication

one bit polynomialkaratsuba multiplier

c0

a 0 b0

a)

c2

a1 a 0 b 1 b0

c 1 c0

karatsuba multiplier (KM2)two bit polynomialb)

a 3 a 2 3b 2b

6c

5c 4c 3c c2

a1 a 0 b1 b0

1 0cc

KM2

KM2

KM2

karatsuba multiplierfour bit polynomialc)

one bit polynomialkaratsuba multiplier

c0

a 0 b0

a)

c2

a1 a 0 b 1 b0

c 1 c0

karatsuba multiplier (KM2)two bit polynomialb)

karatsuba multiplier (KM2)two bit polynomialb)

a 3 a 2 3b 2b

6c

5c 4c 3c c2

a1 a 0 b1 b0

1 0cc

KM2

KM2

KM2

karatsuba multiplierfour bit polynomialc)

karatsuba multiplierfour bit polynomialc)

Recursive construction processRecursive construction process

ENLOADRESET

CLK

mu

ltip

lie

rK

ara

tsu

ba

co

mb

ina

tori

al

IOSEL0

DIN8

GCLK5

IOSEL15

IOSEL4

IOSEL8

RE

8DOUT

WE

EN

RESETCLK

ENRESET

CLK

ENLOADRESET

CLK

mu

ltip

lie

rK

ara

tsu

ba

co

mb

ina

tori

al

IOSEL0

DIN8

GCLK5

IOSEL15

IOSEL4

IOSEL8

RE

8DOUT

WE

EN

RESETCLK

ENRESET

CLK

Generic Coprocessor architectureGeneric Coprocessor architecture

48

1632

64

XOR3

XOR4

AND2

XOR2

SUM

0

500

1000

1500

2000

2500

3000

3500

gate count

bit width

gate type

48

1632

64

XOR3

XOR4

AND2

XOR2

SUM

0

500

1000

1500

2000

2500

3000

3500

gate count

bit width

gate type

Karatsuba Multiplier gate countKaratsuba Multiplier gate count