TW201404108A - Semi-systolic Gaussian normal basis multiplier - Google Patents


Publication number
TW201404108A
Authority
TW
Taiwan
Prior art keywords
gaussian
multiplier
systolic
elements
regular
Prior art date
Application number
TW101124568A
Other languages
Chinese (zh)
Inventor
Qi-Wen Qiu
Hong-Wei Zhang
Wen-Yao Liang
Qiu-Ying Li
Zhi-Min Lin
Yun-Qi Ye
Original Assignee
Univ Ching Yun
Priority date
Filing date
Publication date
Application filed by Univ Ching Yun
Priority to TW101124568A
Publication of TW201404108A


Abstract

The present invention discloses a semi-systolic Gaussian normal basis multiplier, which multiplies an element A by an element B to obtain an element C, where the elements A, B and C all belong to an m-bit finite field GF(2^m). The finite field GF(2^m) has a normal element α and a type-t Gaussian normal basis. The multiplier comprises a transform unit for transforming the type-t Gaussian normal basis into a polynomial basis {γ^0, γ^1, ..., γ^{mt}}; a multiplication module, connected to the transform unit, for multiplying the coefficients; and an inverse transform unit, connected to the multiplication module, for transforming the element C' in the polynomial basis {γ^0, γ^1, ..., γ^{mt}} into the element C in the type-t Gaussian normal basis.

Description

Semi-systolic Gaussian normal basis multiplier

The present invention relates to multiplication techniques for public-key cryptosystems, and more particularly to a semi-systolic Gaussian normal basis multiplier.

GF(2^m) is one of the finite fields commonly used in public-key cryptosystems. It is used mostly in the Advanced Encryption Standard (AES), elliptic curve cryptography (ECC) and pairing-based cryptography to perform binary arithmetic, where m is the number of bits used by the finite field GF(2^m). When the finite field GF(2^m) uses a normal basis, its elements can be expressed as binary polynomials of degree less than m. In such a field, addition is a modulo-2 operation on coefficients of the same weight, which can be implemented with XOR gates. A normal basis is well suited to squaring, which can be implemented with a shift operation. Multiplication, however, is harder to implement in a normal basis. To solve this problem, the present invention uses a Gaussian normal basis in order to construct a better multiplication algorithm.

In view of this, in one aspect of the present invention, an embodiment provides a semi-systolic Gaussian normal basis multiplier for multiplying an element A by an element B to obtain an element C, where the elements A, B and C are all elements of an m-bit finite field GF(2^m). The normal element and the type-t Gaussian normal basis of the finite field GF(2^m) are α and { , , , ..., } respectively; the element A can be expressed as , the element B can be expressed as , and the element C can be expressed as , where each coefficient a_i, b_i and c_i equals 0 or 1. The multiplier comprises: a transform unit that converts the type-t Gaussian normal basis { , , , ..., } into a polynomial basis {γ^0, γ^1, ..., γ^{mt}}, where for 1 ≤ i ≤ mt, 0 ≤ j ≤ m-1 and 0 ≤ k ≤ t-1, , and τ is a preset number; the transform unit also converts the elements A and B into elements A' and B' in the polynomial basis {γ^0, γ^1, ..., γ^{mt}}, where the element A' can be expressed as and the element B' can be expressed as , in which = = 0 and = a_j, = b_j; the transform unit further rearranges the elements A' and B' into and respectively, where for 1 ≤ i ≤ m-1 and 0 ≤ k ≤ t, = 0 and , = 0 and ; a product module, connected to the transform unit, which for 1 ≤ i ≤ t and 0 ≤ j ≤ t receives the A'_i and B'_j and computes equal to ; and an inverse transform unit, connected to the product module, which receives the , thereby computes , and converts the element in the polynomial basis {γ^0, γ^1, ..., γ^{mt}} into the element C in the type-t Gaussian normal basis { , , , ..., }.

The product module comprises m^2 computing units that compute , for each pair of A'_i and B'_j coefficients, such that equals . Each computing unit comprises an AND gate, an XOR gate and two 1-bit latches.

The inverse transform unit comprises an XOR gate and a barrel shifter. The XOR gate is connected in series with the barrel shifter, and the barrel shifter receives the and shifts the data of to the right by m or (m+1) bits.

The features, objects and functions of the present invention, and the technical means used to achieve them, are described in detail below with reference to the accompanying drawings. The embodiments given are only illustrative aids for a better understanding of the invention and do not limit its scope or technical means. For convenience of description, the device components in the drawings are shown in a schematic, exaggerated or simplified manner, and the dimensions of the components are not necessarily their actual dimensions.

First, assume that α and { , , , ..., } are respectively the normal element and the type-t Gaussian normal basis of the finite field GF(2^m). Then α ∈ GF(2^m), and an element A of the finite field GF(2^m) can be expressed as and an element B can be expressed as , where the coefficients a_i and b_i are binary coefficients with value 0 or 1; that is, a_i, b_i ∈ {0,1} for i = 0, 1, 2, ..., m-1. The above normal basis and the elements derived from it have the following properties: (1) , (2) (A + B)^2 = A^2 + B^2.

If m and t above are both positive integers and (mt+1) is an odd prime, and γ is assumed to be a primitive (mt+1)-th root in the finite field GF(2^{mt}), then for any primitive t-th root in the finite field GF(2^{mt+1}), the element can be called a Gauss period of type (m, t) over GF(2). Thus α is a normal element in GF(2^m), and { , , , ..., } is a normal basis of GF(2^m). The type-t Gaussian normal basis represented by the Gauss period of type (m, t) has the following properties: (1) , (2) τ^t = 1 mod mt+1, (3) γ^{mt+1} = γ^{(mt+1) mod (mt+1)} = 1.

When the elements A and B are multiplied to obtain the element C, the element C can be expressed as ; it is also an element in the type-t Gaussian normal basis, and each coefficient c_i is a binary coefficient equal to 0 or 1. The present invention proposes a semi-systolic Gaussian normal basis multiplier whose operation includes converting each element from the type-t Gaussian normal basis { , , , ..., } to the polynomial basis {γ^0, γ^1, ..., γ^{mt}}, where for 1 ≤ i ≤ mt, 0 ≤ j ≤ m-1 and 0 ≤ k ≤ t-1, , and τ is a preset positive integer. The elements A and B are thereby converted into elements A' and B' in the polynomial basis {γ^0, γ^1, ..., γ^{mt}}, which can be expressed as and respectively, in which = = 0 and = a_j, = b_j. After the following rearrangement: the elements A' and B' can each be rewritten as the sum of t+1 parts as follows: , , where for 1 ≤ i ≤ m-1 and 0 ≤ k ≤ t, = 0 and , = 0 and .

Accordingly, the product C' of the elements A' and B' can be computed as follows: where the product coefficients can be obtained from the following equation: where, when 1 ≤ k ≤ m-1, and ; the product of , γ and can be computed as follows: and for k ≤ w ≤ k+m-1, the coefficient is .

According to the above equations, the block diagram of the product module that computes in this embodiment can be as shown in FIG. 1. The product module 100 comprises m^2 U computing units 110 that compute , for each pair of A'_i and B'_j coefficients, such that equals . The circuit of each U computing unit 110 can be as shown in FIG. 2: it comprises an AND gate 111, an XOR gate 112 and two 1-bit latches 113 and 114. The AND gate 111 performs multiplication, the XOR gate 112 performs addition, and the 1-bit latches 113/114 delay the data stream by one bit. The U computing unit has three inputs a_in, b_in, c_in and three outputs a_out, b_out, c_out. After the operation of the U computing unit 110, a_out keeps the input value a_in, b_out is the input value b_in delayed by one bit, and c_out is the product of a_in and b_in added to c_in and then delayed by one bit. In the embodiment of FIG. 2, a_in enters the U computing unit 110 on the left and a_out leaves on the right; b_in enters at the upper-left corner and b_out leaves at the lower-right corner; c_in enters at the top and c_out leaves at the bottom. This makes it convenient to arrange multiple U computing units 110 in a matrix to build the product module 100.

As for the product module 100, refer to FIG. 1. The m^2 U computing units 110 can be arranged in a matrix, each U computing unit being labeled U_{x,y}, where x is its row number and y is its column number. The U computing units 110 are arranged as follows: a computing unit U_{i,i} is placed on the diagonal, with m-1 U computing units placed to its right, giving m^2 U computing units 110 in total. In the embodiment of FIG. 1, a'_{im} to a'_{im+m-1} are the a_in inputs of the diagonal computing units U_{0,0} to U_{m-1,m-1} respectively; b'_{jm} to b'_{jm+m-1} are the b_in inputs of the row-0 computing units U_{0,0} to U_{0,m-1} respectively; and 2m-1 zeros are the c_in inputs of the row-0 computing units U_{0,0} to U_{0,m-1} and the diagonal computing units U_{0,m-1} to U_{m-1,2m-2} respectively. With the matrix arrangement of the U computing units 110 shown in FIG. 1 and the connections between the input and output terminals of adjacent U computing units 110, the product module 100 can compute the coefficients of .

Next, the inverse of the foregoing basis conversion is performed: is used to compute , and the element in the polynomial basis {γ^0, γ^1, ..., γ^{mt}} is converted into the element C in the type-t Gaussian normal basis { , , , ..., }. From the above equations the following can be derived: and, by the property γ^{mt+1} = 1 of the type-t Gaussian normal basis described above, this can be rearranged into where ⟨x⟩ denotes x mod mt+1. The conversion from C' to C therefore comprises the following operations: first compute C' by ; then, for each j in the range 0 ≤ j ≤ m-1, find an i satisfying i = 2^j τ^k mod mt+1 (0 ≤ k ≤ t-1); the coefficient of C is then . FIG. 3 is a schematic diagram of the computation of C' by the semi-systolic Gaussian normal basis multiplier of this embodiment, which comprises a product module 100, an XOR gate 200 and a barrel shifter 300. The product module 100 is as described above and in FIG. 1; the XOR gate 200 performs addition; the barrel shifter 300 shifts the data stream it receives by m or m+1 bits; and the XOR gate 200 and the barrel shifter 300 together form the inverse transform unit. The circuit block diagram of the barrel shifter 300 is shown in FIG. 4: it comprises mt+1 1-bit latches 310 and mt+1 2×1 multiplexers 320, which latch and select the mt+1 input data I_0 to I_mt so that, within one clock cycle, the input data I_0 to I_mt are shifted by a specified number of bits to give the outputs O_0 to O_mt. The select signal s of the barrel shifter can be input from the left or the right side of the 2×1 multiplexers 320; the invention places no restriction on this. The barrel shifter 300 can therefore, after receiving the , shift the data of to the right by m or (m+1) bits.

Next, the operation of the embodiment is illustrated using a 4-bit finite field GF(2^m) and a type-3 Gaussian normal basis as an example. In this embodiment, the elements A and B can be expressed as and respectively, and with the value of τ chosen as 3, A and B can be derived as follows: where , and .

A' and B' in the above can be rearranged as follows: where , and where . After computing A' × B', C' is obtained: where, for 0 ≤ i, j ≤ 3, .

According to the above equations, the block diagram of the product module 101 of this embodiment can be as shown in FIG. 5. The product module comprises 4^2, or 16, U computing units 110 that compute for each pair of A'_i and B'_j coefficients; each U computing unit 110 is as shown in FIG. 2 and is not described again here. The coefficients of are placed at the positions with the corresponding weights, and the results are summarized in Table 1.

The product C' of A' and B' can be expressed as ; the coefficients in row γ^t of Table 1 can then be added to obtain the coefficients of C', for example is . The coefficients of C can therefore be obtained directly from the coefficients of C': which gives the final result of C as
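The arithmetic of the m = 4, t = 3, τ = 3 case above, as an added Python model (not the patent's circuit and not code from the original page): it places the normal-basis bits at the positions ⟨2^j τ^k⟩ of the basis {γ^0, ..., γ^{mt}}, multiplies with γ^{mt+1} = 1, and maps the result back. The function names are hypothetical, and folding the γ^0 term with 1 = γ + γ^2 + ... + γ^{mt} is an assumption taken from the standard theory of Gauss periods, because the page's own inverse-transform formula is not preserved.

```python
# Added example: software model of type-t Gaussian normal basis (GNB)
# multiplication in GF(2^m) for the page's case m=4, t=3, tau=3.
# All function names are hypothetical; this is not the patent's circuit.

M, T, TAU = 4, 3, 3              # field size, GNB type, preset tau


def index_map(m=M, t=T, tau=TAU):
    """Row j lists the exponents <2^j * tau^k> mod (mt+1), k = 0..t-1."""
    p = m * t + 1
    if pow(tau, t, p) != 1:
        raise ValueError("tau must satisfy tau^t = 1 mod mt+1")
    rows = [[(pow(2, j, p) * pow(tau, k, p)) % p for k in range(t)]
            for j in range(m)]
    # The m*t exponents must hit 1..mt exactly once, otherwise the
    # parameters do not define a normal basis.
    if sorted(i for row in rows for i in row) != list(range(1, p)):
        raise ValueError("exponents do not cover 1..mt exactly once")
    return rows


def to_poly(a, rows):
    """Transform unit: GNB bits a[0..m-1] -> coefficients a'[0..mt]."""
    ap = [0] * (len(rows) * len(rows[0]) + 1)   # a'[0] stays 0
    for j, row in enumerate(rows):
        for i in row:
            ap[i] = a[j]
    return ap


def poly_mul(ap, bp):
    """Product step: C' = A' * B' over GF(2) with gamma^(mt+1) = 1."""
    p = len(ap)
    cp = [0] * p
    for i, ai in enumerate(ap):
        if ai:
            for j, bj in enumerate(bp):
                cp[(i + j) % p] ^= bj           # AND, then XOR-accumulate
    return cp


def from_poly(cp, rows):
    """Inverse transform: C' -> GNB bits c[0..m-1].

    Assumption (standard Gauss-period theory, not shown on the page):
    1 + gamma + ... + gamma^mt = 0, so a set gamma^0 coefficient is
    XORed into every other position before c_j is read at <2^j>.
    """
    return [cp[row[0]] ^ cp[0] for row in rows]


def gnb_mul(a, b, m=M, t=T, tau=TAU):
    """Multiply two GF(2^m) elements given as lists of m GNB bits."""
    rows = index_map(m, t, tau)
    return from_poly(poly_mul(to_poly(a, rows), to_poly(b, rows)), rows)


def gnb_square_by_shift(a):
    """Squaring in a normal basis is a cyclic shift of the bits."""
    return [a[-1]] + a[:-1]


if __name__ == "__main__":
    a, b = [1, 0, 1, 1], [0, 1, 1, 0]           # constructed sample inputs
    print("index map:", index_map())
    print("A*B =", gnb_mul(a, b))
    print("A*A =", gnb_mul(a, a), "shift:", gnb_square_by_shift(a))
```

The check that squaring through the full multiply path equals a cyclic shift is a quick sanity test for any (m, t, τ) choice before committing it to hardware.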

The foregoing, including the features, steps, structures and other similar effects, are merely embodiments of the present invention. Equivalent changes and modifications made by those skilled in the art according to the claims of the present invention still retain the essence of the invention and do not depart from its spirit and scope; they should all be regarded as further embodiments of the invention, and the scope of the invention is not limited by the foregoing.

100/101‧‧‧Product module

110‧‧‧Computing unit

111‧‧‧AND gate

112‧‧‧XOR gate

113/114‧‧‧1-bit latch

200‧‧‧XOR gate

300‧‧‧Barrel shifter

310‧‧‧1-bit latch

320‧‧‧Multiplexer

FIG. 1 is a block diagram of the product module that computes according to an embodiment of the present invention.

FIG. 2 is a circuit diagram of the U computing unit.

FIG. 3 is a schematic diagram of the computation of C' by the semi-systolic Gaussian normal basis multiplier according to an embodiment of the present invention.

FIG. 4 is a circuit diagram of the barrel shifter of the above embodiment.

FIG. 5 is a block diagram of the product module that computes according to an embodiment of the present invention (m=4, t=3).


Claims (8)

1. A semi-systolic Gaussian normal basis multiplier for multiplying an element A by an element B to obtain an element C, wherein the elements A, B and C are all elements of an m-bit finite field GF(2^m), the normal element and the type-t Gaussian normal basis of the finite field GF(2^m) are α and { , , , ..., } respectively, the element A can be expressed as , the element B can be expressed as , and the element C can be expressed as , wherein each coefficient a_i, b_i and c_i equals 0 or 1, the multiplier comprising: a transform unit that converts the type-t Gaussian normal basis { , , , ..., } into a polynomial basis {γ^0, γ^1, ..., γ^{mt}}, wherein for 1 ≤ i ≤ mt, 0 ≤ j ≤ m-1 and 0 ≤ k ≤ t-1, , and τ is a preset number; the transform unit also converts the elements A and B into elements A' and B' in the polynomial basis {γ^0, γ^1, ..., γ^{mt}}, wherein the element A' can be expressed as and the element B' can be expressed as , in which = = 0 and = a_j, = b_j; the transform unit further rearranges the elements A' and B' into and respectively, wherein for 1 ≤ i ≤ m-1 and 0 ≤ k ≤ t, = 0 and , = 0 and ; a product module, connected to the transform unit, which for 1 ≤ i ≤ t and 0 ≤ j ≤ t receives the A'_i and B'_j and computes equal to ; and an inverse transform unit, connected to the product module, which receives the , thereby computes , and converts the element in the polynomial basis {γ^0, γ^1, ..., γ^{mt}} into the element C in the type-t Gaussian normal basis { , , , ..., }.

2. The semi-systolic Gaussian normal basis multiplier of claim 1, wherein the product module comprises m^2 computing units that compute , for each pair of A'_i and B'_j coefficients, such that equals .

3. The semi-systolic Gaussian normal basis multiplier of claim 2, wherein each computing unit comprises an AND gate, an XOR gate and two 1-bit latches.

4. The semi-systolic Gaussian normal basis multiplier of claim 1, wherein the inverse transform unit comprises an XOR gate and a barrel shifter.

5. The semi-systolic Gaussian normal basis multiplier of claim 4, wherein the XOR gate is connected in series with the barrel shifter.

6. The semi-systolic Gaussian normal basis multiplier of claim 5, wherein the barrel shifter receives the and shifts the data of to the right by m or (m+1) bits.

7. The semi-systolic Gaussian normal basis multiplier of claim 1, wherein τ is a positive integer.

8. The semi-systolic Gaussian normal basis multiplier of claim 1, wherein the finite field GF(2^m) is a 4-bit finite field, the Gaussian normal basis is a type-t Gaussian normal basis, and τ is 3.
TW101124568A 2012-07-09 2012-07-09 Semi-systolic Gaussian normal basis multiplier TW201404108A (en)


Publications (1)

Publication Number Publication Date
TW201404108A true TW201404108A (en) 2014-01-16
