CN109933305A - Quick Montgomery modular multiplier optimization component suitable for the close sm2p256v1 algorithm of state - Google Patents
- Publication number: CN109933305A (application CN201910214681.4A)
- Authority: CN (China)
- Prior art keywords: carry, sm2p256v1, close, algorithm, quick
- Legal status: Pending
Landscapes
- Complex Calculations (AREA)
Abstract
A fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm comprises a big-number multiplier, a temporary-variable generator, an end-around carry accumulator and a big-number subtracter. Two 256-bit big integers A and B are fed to the big-number multiplier, which produces a 512-bit big integer Z. Temporary variables X1 and X2 are generated from Z, and 8 carry accumulation operations are performed on Z; the result Z of each carry accumulation is fed back as the input of the carry accumulator and of the temporary-variable generator. After the 8 carry accumulation operations, if Z is greater than or equal to the big integer constant M, one big-number subtraction of M from Z is performed; otherwise the result of the 8 end-around carry accumulations is output directly.
Description
Technical field
The present invention relates to the field of information security, and in particular to a fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm.
Background technique
When an information security chip performs national-standard cryptographic operations, the Montgomery modular multiplier is the most frequently called and most time-consuming module. Although a general-purpose algorithm can be adapted to arbitrary curve parameters, for the national-standard recommended curve sm2p256v1, which is by far the most frequently used, it relies on nested-loop computation, so its time complexity, hardware design complexity and power consumption are all high.
Summary of the invention
The object of the present invention is to substantially reduce multiplier resources, reduce the design complexity of the Montgomery modular multiplier and reduce hardware power consumption by designing a fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm.
The object of the invention is achieved through the following technical solution:
A fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm comprises: a big-number multiplier, a temporary-variable generator, an end-around carry accumulator and a big-number subtracter. Two 256-bit big integers A and B are fed to the big-number multiplier, which produces a 512-bit big integer Z. Temporary variables X1 and X2 are generated from Z, and 8 carry accumulation operations are performed on Z; the result Z of each carry accumulation is fed back as the input of the carry accumulator and of the temporary-variable generator. After the 8 carry accumulation operations, if Z is greater than or equal to the big integer constant M, one big-number subtraction of M from Z is performed; otherwise the result of the 8 end-around carry accumulations is output directly.
Further, the big-number multiplier operates as follows: Z = (Z16, ..., Z0) = A × B.
Further, the temporary-variable generator operates as follows: X1 and X2 are computed by the formulas T = Z_i, X1 = (T << 32) − T and X2 = X1 − T, where X1 and X2 have a data bit width of 64 bits.
Further, the end-around carry accumulator operates as follows, computing (Z_{i+8}, ..., Z_{i+0}) successively by the steps below:
S1: (C, Z_{i+0}) = Z_{i+0} + X1 + C;
S2: (C, Z_{i+1}) = Z_{i+1} + X1 + C;
S3: (C, Z_{i+2}) = Z_{i+2} + 0 + C;
S4: (C, Z_{i+3}) = Z_{i+3} + X1 + C;
S5: (C, Z_{i+4}) = Z_{i+4} + X1 + C;
S6: (C, Z_{i+5}) = Z_{i+5} + X1 + C;
S7: (C, Z_{i+6}) = Z_{i+6} + X1 + C;
S8: (C, Z_{i+7}) = Z_{i+7} + X2 + C;
S9: (CARRY, Z_{i+8}) = Z_{i+8} + C + CARRY;
For example, in S1, (C, Z_{i+0}) = Z_{i+0} + X1 + C, where Z_{i+0} has a data bit width of 32 bits and X1 and C have a data bit width of 64 bits; steps S2 to S9 follow the same pattern, and Z_i is a 32-bit intermediate variable.
Further, the big-number subtracter operates as follows: if (Z16, ..., Z8) ≥ M, then R = (Z16, ..., Z8) − M.
Advantageous effects: the fast Montgomery modular multiplier optimization component of the present invention for the national cryptographic standard (SM2) sm2p256v1 algorithm greatly reduces multiplier resources, reduces the design complexity of the Montgomery modular multiplier, reduces hardware power consumption, and improves the operating efficiency of the Montgomery modular multiplier of an information security chip when it operates on the national-standard sm2p256v1 curve parameters. On the basis of the reduced chip operating power consumption, the internal structure of the information security chip can be simplified accordingly, thereby reducing the manufacturing cost of the chip.
Detailed description of the invention
Fig. 1 is a structural diagram of the Montgomery modular multiplier optimization component.
Specific embodiment
The present invention is further described below, but the scope of protection of the present invention is not limited to what is described below.
As shown in Figure 1, the fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm comprises: a big-number multiplier, a temporary-variable generator, an end-around carry accumulator and a big-number subtracter. Two 256-bit big integers A and B are fed to the big-number multiplier, which produces a 512-bit big integer Z. Temporary variables X1 and X2 are generated from Z, and 8 carry accumulation operations are performed on Z; the result Z of each carry accumulation is fed back as the input of the carry accumulator and of the temporary-variable generator. After the 8 carry accumulation operations, if Z is greater than or equal to the big integer constant M, one big-number subtraction of M from Z is performed; otherwise the result of the 8 end-around carry accumulations is output directly.
Further, the big-number multiplier operates as follows: Z = (Z16, ..., Z0) = A × B.
Further, the temporary-variable generator operates as follows: X1 and X2 are computed by the formulas T = Z_i, X1 = (T << 32) − T and X2 = X1 − T, where X1 and X2 have a data bit width of 64 bits.
Further, the end-around carry accumulator operates as follows, computing (Z_{i+8}, ..., Z_{i+0}) successively by the steps below:
S1: (C, Z_{i+0}) = Z_{i+0} + X1 + C;
S2: (C, Z_{i+1}) = Z_{i+1} + X1 + C;
S3: (C, Z_{i+2}) = Z_{i+2} + 0 + C;
S4: (C, Z_{i+3}) = Z_{i+3} + X1 + C;
S5: (C, Z_{i+4}) = Z_{i+4} + X1 + C;
S6: (C, Z_{i+5}) = Z_{i+5} + X1 + C;
S7: (C, Z_{i+6}) = Z_{i+6} + X1 + C;
S8: (C, Z_{i+7}) = Z_{i+7} + X2 + C;
S9: (CARRY, Z_{i+8}) = Z_{i+8} + C + CARRY;
For example, in S1, (C, Z_{i+0}) = Z_{i+0} + X1 + C, where Z_{i+0} has a data bit width of 32 bits and X1 and C have a data bit width of 64 bits; steps S2 to S9 follow the same pattern, and Z_i is a 32-bit intermediate variable.
Further, the big-number subtracter operates as follows: if (Z16, ..., Z8) ≥ M, then R = (Z16, ..., Z8) − M.
Further, sm2p256v1 is the 256-bit prime-field elliptic curve parameter set recommended by the national cryptographic standard; the elliptic curve equation is y^2 = x^3 + ax + b. The curve parameters are as follows:
Here the parameter p is the fixed parameter that the Montgomery modular multiplication must use.
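The four stages described above (big-number multiplier, temporary-variable generator, eight end-around carry accumulation rounds, and the single conditional subtraction) as a Python software model, added here for illustration; it is not code from the patent. It assumes 32-bit words, R = 2^256, and that the constant M is the sm2p256v1 prime p, whose word pattern the addends of steps S1 to S9 encode; the check against the big-integer definition of a Montgomery product confirms that the carry-accumulation schedule computes A × B × R^-1 mod p.

```python
MASK32 = 0xFFFFFFFF
MASK64 = 0xFFFFFFFFFFFFFFFF
R = 1 << 256  # Montgomery radix: eight 32-bit words are shifted out

# Word pattern of the modulus M that steps S1..S9 encode: X1 = T*(2^32-1) is added at
# word offsets 0, 1, 3, 4, 5, 6, nothing at offset 2, and X2 = T*(2^32-2) at offset 7.
M_WORDS = [MASK32, MASK32, 0, MASK32, MASK32, MASK32, MASK32, MASK32 - 1]
M = sum(w << (32 * j) for j, w in enumerate(M_WORDS))
# That is exactly the sm2p256v1 prime p (a public SM2 parameter, not quoted on the page).
assert M == 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF
# M = -1 (mod 2^32), so -M^-1 mod 2^32 == 1: the Montgomery quotient digit is Z_i itself,
# which is why the design needs no per-word multiplication.
assert (M + 1) % (1 << 32) == 0


def temp_vars(t):
    """Temporary-variable generator: X1 = (T << 32) - T and X2 = X1 - T, both 64-bit."""
    x1 = ((t << 32) - t) & MASK64
    return x1, (x1 - t) & MASK64


def carry_round(z, i, x1, x2, carry):
    """End-around carry accumulator: steps S1..S9 on words Z[i..i+8], updated in place.
    Returns the CARRY out of S9, which the next round's S9 consumes."""
    c = 0
    for k, addend in enumerate([x1, x1, 0, x1, x1, x1, x1, x2]):  # S1..S8
        s = z[i + k] + addend + c
        z[i + k], c = s & MASK32, s >> 32
    s = z[i + 8] + c + carry                                      # S9
    z[i + 8] = s & MASK32
    return s >> 32


def mont_mul(a, b):
    """Return a*b*R^-1 mod M for 0 <= a, b < M, following the page's four stages."""
    z = [((a * b) >> (32 * k)) & MASK32 for k in range(17)]  # Z = (Z16, ..., Z0) = A x B
    carry = 0
    for i in range(8):                                       # eight carry-accumulation rounds
        carry = carry_round(z, i, *temp_vars(z[i]), carry)   # S1 zeroes Z_i each round
    z[16] += carry                                           # last CARRY lands in Z16
    r = sum(w << (32 * k) for k, w in enumerate(z[8:17]))    # (Z16, ..., Z8) = Z / 2^256
    return r - M if r >= M else r                            # r < 2M: one subtraction


def reference(a, b):
    """Big-integer definition of the same Montgomery product, used to check mont_mul."""
    return a * b * pow(R, -1, M) % M
```

Converting an operand into Montgomery form is itself one mont_mul with R^2 mod M, and multiplying by 1 converts back, so a plain modular product costs three calls.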
Advantageous effects: the fast Montgomery modular multiplier optimization component of the present invention for the national cryptographic standard (SM2) sm2p256v1 algorithm greatly reduces multiplier resources, reduces the design complexity of the Montgomery modular multiplier, reduces hardware power consumption, and improves the operating efficiency of the Montgomery modular multiplier of an information security chip when it operates on the national-standard sm2p256v1 curve parameters. On the basis of the reduced chip operating power consumption, the internal structure of the information security chip can be simplified accordingly, thereby reducing the manufacturing cost of the chip.
The above shows and describes the basic principles, main features and advantages of the present invention. Those skilled in the art should appreciate that the present invention is not limited to the above embodiments; the above embodiments and description only illustrate the principle of the invention, and various changes and improvements may be made to the invention without departing from its spirit and scope, all of which fall within the scope of protection of the claimed invention. The claimed scope of the invention is defined by the appended claims and their equivalents.
Claims (5)
1. A fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm, characterized by comprising: a big-number multiplier, a temporary-variable generator, an end-around carry accumulator and a big-number subtracter, wherein two 256-bit big integers A and B are fed to the big-number multiplier, which produces a 512-bit big integer Z; temporary variables X1 and X2 are generated from Z, and 8 carry accumulation operations are performed on Z, the result Z of each carry accumulation being fed back as the input of the carry accumulator and of the temporary-variable generator; and after the 8 carry accumulation operations, if Z is greater than or equal to the big integer constant M, one big-number subtraction of M from Z is performed, otherwise the result of the 8 end-around carry accumulations is output directly.
2. The fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm according to claim 1, characterized in that the big-number multiplier operates as follows: Z = (Z16, ..., Z0) = A × B.
3. The fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm according to claim 1, characterized in that the temporary-variable generator operates as follows: X1 and X2 are computed by the formulas T = Z_i, X1 = (T << 32) − T and X2 = X1 − T, where X1 and X2 have a data bit width of 64 bits.
4. The fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm according to claim 1, characterized in that the end-around carry accumulator operates as follows, computing (Z_{i+8}, ..., Z_{i+0}) successively by the steps below:
S1: (C, Z_{i+0}) = Z_{i+0} + X1 + C;
S2: (C, Z_{i+1}) = Z_{i+1} + X1 + C;
S3: (C, Z_{i+2}) = Z_{i+2} + 0 + C;
S4: (C, Z_{i+3}) = Z_{i+3} + X1 + C;
S5: (C, Z_{i+4}) = Z_{i+4} + X1 + C;
S6: (C, Z_{i+5}) = Z_{i+5} + X1 + C;
S7: (C, Z_{i+6}) = Z_{i+6} + X1 + C;
S8: (C, Z_{i+7}) = Z_{i+7} + X2 + C;
S9: (CARRY, Z_{i+8}) = Z_{i+8} + C + CARRY;
for example, in S1, (C, Z_{i+0}) = Z_{i+0} + X1 + C, where Z_{i+0} has a data bit width of 32 bits and X1 and C have a data bit width of 64 bits; steps S2 to S9 follow the same pattern, and Z_i is a 32-bit intermediate variable.
5. The fast Montgomery modular multiplier optimization component for the national cryptographic standard (SM2) sm2p256v1 algorithm according to claim 1, characterized in that the big-number subtracter operates as follows: if (Z16, ..., Z8) ≥ M, then R = (Z16, ..., Z8) − M.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910214681.4A CN109933305A (en) | 2019-03-20 | 2019-03-20 | Quick Montgomery modular multiplier optimization component suitable for the close sm2p256v1 algorithm of state |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109933305A true CN109933305A (en) | 2019-06-25 |
Family
ID=66987836
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910214681.4A Pending CN109933305A (en) | 2019-03-20 | 2019-03-20 | Quick Montgomery modular multiplier optimization component suitable for the close sm2p256v1 algorithm of state |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109933305A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040225702A1 (en) * | 2003-05-09 | 2004-11-11 | Hee-Kwan Son | Montgomery modular multiplier and method thereof |
CN104951279A (en) * | 2015-05-27 | 2015-09-30 | 四川卫士通信息安全平台技术有限公司 | Vectorized Montgomery modular multiplier design method based on NEON engine |
CN109145616A (en) * | 2018-08-01 | 2019-01-04 | 上海交通大学 | The realization method and system of SM2 encryption, signature and key exchange based on efficient modular multiplication |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| TA01 | Transfer of patent application right | Effective date of registration: 20211012. Address after: Floor 12 and 13, building 3, 333 Yunhua Road, high tech Zone, Chengdu, Sichuan 610000; Applicant after: CHENGDU 30JAVEE MICROELECTRONICS Co.,Ltd. Address before: Building 2, 333 Yunhua Road, high tech Zone, Chengdu, Sichuan 610000; Applicant before: SICHUAN WEISHITONG INFORMATION SECURITY PLATFORM TECHNOLOGY Co.,Ltd. |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20190625 |