net/publication/332174707
All content following this page was uploaded by Shubham Anand on 27 November 2019.
Abstract— Increasing digital transactions in today's world, and many other applications where data spying can have very severe consequences, bring the challenge of designing a reliable security system that requires less hardware without compromising the level of security. Many cryptographic systems have been proposed and implemented, and a lot of research is still being done to improve them in all aspects. Elliptical curve cryptography is one of the asymmetric cryptographic techniques; it uses smaller keys and is capable of providing security equivalent to other known techniques such as Rivest, Adleman etc. In this paper, we implemented a processor capable of performing the operations required in ECC for encryption, such as point addition and point doubling. The processor computes all the arithmetic operations using the residue number system technique, which not only makes the data more secure but also requires less hardware for implementation, as it deals with remainders, which consist of a much smaller number of bits than the actual number.

Keywords— elliptical curve cryptography (ECC), residue number system (RNS) and field-programmable gate array (FPGA).

I. INTRODUCTION

There are many cryptographic systems presently existing, and a lot of research is being applied to make a reliable security system capable of meeting present-day security requirements. More advanced levels of security require more hardware and thus induce large power consumption and delays in the design. Security thus comes at the cost of hardware, and hence reducing the hardware requirements of a cryptographic system is equally important. The reduction in hardware also cannot be achieved by compromising the level of security.

A cryptographic technique called ECC, which has existed for quite a long time, recently became very popular when the need for reducing hardware became prominent. The reason for its popularity is the key size it requires for encryption. According to researchers, a 164 bit key used with ECC yields the same level of security as provided by the 1024 bit key in any other cryptographic system. So a smaller key size implies that ECC requires much less hardware than any other system for implementation without any compromise in the level of security.

With massively increasing digital system design, the carry propagation problem has always been a concern, but many redundant schemes have been derived to overcome this problem. The most popular of them are carry save arithmetic (CSA), redundant signed digits (RSD) and residue number systems (RNS). Depending on the application, any of these can be used to overcome the carry propagation problem. Of these, RNS performs all the arithmetic operations on remainders from a base consisting of a set of relatively prime numbers. Since remainders can be represented by a smaller number of bits than the actual number, the hardware requirements are small for an RNS based ALU.

In the literature many ECC processors have been proposed targeting either binary fields, prime fields, or dual field operations. In prime fields it is very important to achieve carry free arithmetic to avoid lengthy datapaths. In our work we have used RNS for this purpose. Since both ECC and RNS work towards reducing the hardware requirements of the design, our objective for this work was to combine the positives of both to bring down hardware requirements even further. In this work we have designed an elliptical curve cryptographic processor utilizing an application specific instruction set and performing all the arithmetic operations using RNS. The work is performed on a Xilinx Spartan3E (xc3s250e-4tq144) FPGA. The design consists of an RNS based arithmetic unit utilizing an RNS generator, modulo adder, modulo subtractor, modulo multiplier, modulo divider and RNS to binary converter. A control unit consisting of a finite state machine is used to control the flow of instructions to perform the desired operations. Two data buses and memories are also included in the design.

From here the paper is organized as follows. Section II of this paper provides a brief explanation of some critical concepts required for understanding the design, such as ECC and RNS. Implementations of the RNS generator and RNS to binary converter are also shown in this section. Section III describes the proposed architecture for the design. The design and implementation results of the arithmetic unit are presented in section IV. Section V describes the control unit design while section VI contains
III. ARCHITECTURE

The proposed architecture of the processor consists of an RNS based arithmetic unit (AU), including a modular adder, modular subtractor and modular multiplier, fed by an RNS generator; the output of the AU is provided to an RNS to binary converter. The architecture has two data buses, one providing the inputs and the other storing the outputs. A control unit consisting of a finite state machine is used for controlling the arithmetic unit. The processor supports P256 NIST recommended prime curves. Two other controllers, for performing point addition and point doubling, act as sub-controllers and are controlled by the main controller.

The input from the data bus is first converted to RNS form and provided to the AU. The AU, under the influence of the controllers, performs the required arithmetic operations, and the output is fed to the RNS to binary converter, which drives the output data bus.

Figure 1: RTL schematic of RNS generator
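A = remx32 * remy32;   // multiply the two residues of the modulo-32 channel
B = remx5 * remy5;     // multiply the two residues of the modulo-5 channel
C = remx3 * remy3;     // multiply the two residues of the modulo-3 channel
remz32 = A % 32; remz5 = B % 5; remz3 = C % 3;   // reduce each product by its own modulus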
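
The channel-wise multiplication in the listing above, modelled in software as an added example (not code from the paper), together with the forward conversion and a reconstruction of the binary result. The moduli 32, 5 and 3 come from the listing; the function names and the Chinese-remainder reconstruction used for the RNS to binary step are assumptions, since the paper's converter is not shown here.

```python
import operator
from math import prod

MODULI = (32, 5, 3)                 # pairwise coprime moduli taken from the listing
M = prod(MODULI)                    # dynamic range of this base: 480

# CRT weights (M/m) * ((M/m)^-1 mod m), precomputed once per modulus
WEIGHTS = tuple((M // m) * pow(M // m, -1, m) for m in MODULI)

def to_rns(x):
    """RNS generator: one small residue per modulus."""
    return tuple(x % m for m in MODULI)

def rns_apply(op, a, b):
    """Apply op channel by channel; no carry crosses between channels."""
    return tuple(op(ra, rb) % m for ra, rb, m in zip(a, b, MODULI))

def rns_add(a, b):
    return rns_apply(operator.add, a, b)

def rns_sub(a, b):
    return rns_apply(operator.sub, a, b)

def rns_mul(a, b):                  # same computation as the four-line listing
    return rns_apply(operator.mul, a, b)

def from_rns(r):
    """RNS to binary conversion by the Chinese remainder theorem."""
    return sum(ri * w for ri, w in zip(r, WEIGHTS)) % M

def agrees_with_integers(step=7):
    """Compare RNS add, sub and mul with integer arithmetic mod M on sampled inputs."""
    ops = ((rns_add, operator.add), (rns_sub, operator.sub), (rns_mul, operator.mul))
    for x in range(0, M, step):
        for y in range(0, M, step):
            for rns_op, int_op in ops:
                if from_rns(rns_op(to_rns(x), to_rns(y))) != int_op(x, y) % M:
                    return False
    return True

# Constructed inputs: 17 * 23 = 391 fits below M and is recovered exactly,
# while 25 * 30 = 750 exceeds M and comes back reduced modulo 480.
IN_RANGE = from_rns(rns_mul(to_rns(17), to_rns(23)))
WRAPPED = from_rns(rns_mul(to_rns(25), to_rns(30)))
```

A result is only recovered unambiguously while it stays below the product of the moduli, so the base has to be sized for the largest intermediate value the arithmetic unit produces.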
Instruction   Operation
INI           Initialize registers
CMP           Compares the given values with one another based on the state and sets the not equal flag
JMP           Jump to the given instruction address in case the not equal flag is set
WPA           Perform point addition
WPD           Perform point doubling
FIN           Finish and produce output at output data bus

Table 1. Instruction set

The FSM of the main controller consists of the following states: 1. INIT; 2. Instruction Read; 3. Load Coordinates; 4. Jump; 5. Wait; 6. Compare; and 7. Finish. Hence a three bit binary state assignment is done. On implementing the control unit, the state diagram and the RTL obtained after synthesis are presented in Figure 12 and 13 respectively.

Figure 12. RTL schematic of the main controller

First, a start signal is given to the controller, which brings the control from the default initial state (INIT) to the instruction read state. The function of this state is to decode the instruction and, depending on the instruction given, send the control to the corresponding state. The six instructions specified in the instruction set are given in a specified order to perform the desired operation. The first instruction should be INI, which sends the control to the load coordinate state, in which inputs from the input data bus are presented at the input ports of the AU. An input known as finish loading inputs goes high once all the inputs are presented to the AU and brings control back to instruction read. The next instruction should be CMP, to compare the inputs for equality, as equal inputs can lead to an undefined form as per the equations provided for point doubling and point addition. If the input coordinates are not equal, the not equal flag is enabled, which ensures that other operations can be applied on the provided input coordinates. The design is then all set to perform point addition and doubling, which are performed by the instructions WPA and WPD respectively. While the AU is computing results for point addition or point doubling, a signal PA or PD is enabled, which brings the controller to the wait state. The controller remains in the wait state until PA or PD is set low. One JMP instruction is provided to move the instruction pointer to any desired location. At the end, the FIN instruction is used to provide the computed results on the output data bus. After the computations the controller goes back to the initial (INIT) state.
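
A behavioural model of the controller flow described above, added here as an example and not the paper's RTL. The program, the use of JMP to choose between WPD and WPA, the state labels and the toy curve y^2 = x^3 + 2x + 2 over GF(17) (standing in for P256) are assumptions.

```python
# Toy curve parameters (constructed): y^2 = x^3 + 2x + 2 over GF(17), not P256.
P_MOD, A = 17, 2

def inv(v):
    return pow(v % P_MOD, -1, P_MOD)   # ValueError if v is 0 mod p (undefined form)

def point_add(p, q):                   # affine addition, defined only for x1 != x2
    lam = (q[1] - p[1]) * inv(q[0] - p[0]) % P_MOD
    x = (lam * lam - p[0] - q[0]) % P_MOD
    return x, (lam * (p[0] - x) - p[1]) % P_MOD

def point_double(p):                   # affine doubling, defined only for y1 != 0
    lam = (3 * p[0] * p[0] + A) * inv(2 * p[1]) % P_MOD
    x = (lam * lam - 2 * p[0]) % P_MOD
    return x, (lam * (p[0] - x) - p[1]) % P_MOD

def run(program, p, q):
    """Execute (opcode, operand) pairs; return (output, state trace)."""
    trace, pc, not_equal, regs, result = ["INIT"], 0, False, None, None
    while True:
        trace.append("READ")           # Instruction Read: fetch and decode
        op, arg = program[pc]
        pc += 1
        if op == "INI":                # Load Coordinates from the input bus
            trace.append("LOAD")
            regs = (p, q)
        elif op == "CMP":              # Compare: set the not equal flag
            trace.append("COMPARE")
            not_equal = regs[0] != regs[1]
        elif op == "JMP":              # Jump only when the not equal flag is set
            trace.append("JUMP")
            pc = arg if not_equal else pc
        elif op in ("WPA", "WPD"):     # Wait while PA/PD is high (AU busy)
            trace.append("WAIT")
            result = point_add(*regs) if op == "WPA" else point_double(regs[0])
        elif op == "FIN":              # Finish: drive output bus, return to INIT
            trace += ["FINISH", "INIT"]
            return result, trace

# Constructed program: CMP/JMP select WPA for distinct inputs, WPD for equal ones.
PROGRAM = [("INI", None), ("CMP", None), ("JMP", 5),
           ("WPD", None), ("FIN", None), ("WPA", None), ("FIN", None)]
G, G2 = (5, 1), (6, 3)                 # G and 2G on the toy curve
```

On this toy curve point_add also reaches the zero denominator for (5, 1) and (5, 16), which share an x coordinate but are not equal points, so an equality check alone does not cover every undefined input of the addition formula.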
B. Point adder/doubler controller

These are sub controllers working under the influence of the main controller. They are responsible for determining the flow of instructions to be given to the AU for performing either point doubling or point addition on the input coordinates. This unit utilizes components such as the modular adder, modular multiplier and modular subtractor for obtaining the resulting coordinates after point addition or point doubling. The flow of instructions for performing point addition is shown in figure 14 and for point doubling is shown in figure 15.

Figure 12. State diagram of the controller

Figure 15. Flow of instructions for performing point doubling
VIII. REFERENCES