CN103049710B - Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm - Google Patents

Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm Download PDF

Info

Publication number
CN103049710B
CN103049710B CN201210540967.XA CN201210540967A CN103049710B CN 103049710 B CN103049710 B CN 103049710B CN 201210540967 A CN201210540967 A CN 201210540967A CN 103049710 B CN103049710 B CN 103049710B
Authority
CN
China
Prior art keywords
point
digital signature
controller
arithmetic element
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210540967.XA
Other languages
Chinese (zh)
Other versions
CN103049710A (en
Inventor
沈阳
郭沛宇
王磊
宫铭豪
丁森华
梁晋春
马艳
姚颖颖
张乃光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Academy of Broadcasting Science of SAPPRFT
Original Assignee
Academy of Broadcasting Science of SAPPRFT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Academy of Broadcasting Science of SAPPRFT filed Critical Academy of Broadcasting Science of SAPPRFT
Priority to CN201210540967.XA priority Critical patent/CN103049710B/en
Publication of CN103049710A publication Critical patent/CN103049710A/en
Application granted granted Critical
Publication of CN103049710B publication Critical patent/CN103049710B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a field-programmable gate array (FPGA) chip for an SM2 digital signature verification algorithm. The FPGA chip comprises a system bus interface, an SM2 controller and an SM2 operation unit, and the system bus interface is used for communicating with an external system of the FPGA chip, acquiring parameters and data which are required by SM2 digital signature verification from the external system , writing the parameters and the data in the SM2 controller, receiving a control message, a work state query message and an operation result query message which are sent by the external system and sending the control message, the work state query message and the operation result query message to the SM2 controller; the SM2 controller is used for triggering the SM2 operation unit according to the control message and sending a work state and a verification result of the SM2 operation unit to the external system through the system bus interface after the SM2 controller receives the work state query message and the operation result query message; and the SM2 operation unit is used for reading the parameters and the data which are required by SM2 digital signature verification for this time from the SM2 controller under the triggering of the SM2 controller, finishing verification calculation according to the SM2 digital signature verification algorithm and sending a verification result to the SM2 controller.

Description

Fpga chip for SM2 digital signature verification algorithm
Technical field
The present invention relates to field of computer technology, more particularly to a kind of FPGA for SM2 digital signature verification algorithm Chip.
Background technology
National Password Management office will propose the related cryptographic algorithm standard of China in the end of the year 2010, including:SM2 standard, SM3 Standard, SM7 standard.Wherein SM2 standard is:Mathematical problem basis based on Elliptic Curve Discrete Logarithm, in international correlation ECC (Elliptic curve cipher)The domestic standard developing on the basis of relevant criterion algorithm and coming.
The main still RSA Algorithm of the more asymmetric cryptographic algorithm of domestic and international application at present.But from theory analysis and answer Seen with demand angle, ECC algorithm(Comprise SM2 canonical algorithm)Security intensity be higher than RSA Algorithm, key length is more simultaneously Short, application prospect is preferable.But the system based on SM2 algorithm is realized, or even product is few in terms of terminal chip research and development.
On the other hand, national Password Management office requires system and the terminal of domestic all application asymmetric cryptographic algorithms, in Domestic standard must be used, including SM2 algorithm standard rules before 2015.Therefore, permissible in terms of SM2 research and development of products and system schema Carry out system research.
Content of the invention
In order to solve the problems referred to above of the prior art, the present invention provide a kind of for SM2 digital signature verification algorithm Fpga chip.
The present invention provides a kind of fpga chip for SM2 digital signature verification algorithm, including:System bus interface, uses In being communicated with the external system of fpga chip, parameter data needed for external system obtains SM2 digital signature authentication, And write SM2 controller, receive control message, working condition query messages and the operation result inquiry that external system sends Message, and it is sent to SM2 controller;SM2 controller, is connected with system bus interface and SM2 arithmetic element, for according to control Message trigger SM2 arithmetic element, after receiving working condition query messages and operation result query messages, by system bus Interface sends working condition and the result of SM2 arithmetic element to external system;SM2 arithmetic element, in SM2 controller Triggering under, read this parameter data needed for SM2 digital signature authentication from SM2 controller, carry out according to SM2 numeral Signature verification algorithm carries out checking and calculates, and the result is sent to SM2 controller.
Preferably, system bus interface includes:Meet universal industrial bus standard system bus interface or, meet The system bus interface of User Defined bus inferface protocol.
Preferably, SM2 controller specifically includes:Control register, for receiving outside by system bus interface In the case of the control message that system sends, according to control message, SM2 arithmetic element is triggered by SM2 enabling signal and starts, lead to Cross SM2 reset signal triggering SM2 arithmetic element to reset;Data register, for receiving external system by system bus interface This parameter data needed for SM2 digital signature authentication sending, and stored, in control register reset SM2 computing After unit, empty this parameter data needed for SM2 digital signature authentication;Status register, for receiving work shape In the case of state query messages, the working condition of inquiry SM2 arithmetic element, and by system bus interface, working condition is sent To external system;Proactive notification external system SM2 arithmetic element has completed this SM2 digital signature authentication;Receiving computing In the case of result queries message, send the checking of this SM2 digital signature authentication to external system by system bus interface Result.
Preferably, SM2 arithmetic element specifically includes:First state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and communicated with SM2 controller;First mould adds computing module, for completing SM2 numeral under affine coordinate system The calculating of t=(r '+s ') modn in signature verification algorithm, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is Signature code word, calculates the digest value of messageHv() is digest calculations function,Before " " represents The splicing of latter two character string, n is the rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;First times Point processing module, for the support in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division arithmetic Under, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under affine coordinate systemA, wherein, G is elliptic curve Basic point, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to PAT ' times Point;First point add operation module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under affine coordinate systemAThe point of two points Plus computing, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
Preferably, first state machine module specifically for:Read needed for this SM2 digital signature authentication in SM2 controller Parameter data;Receive the SM2 enabling signal that SM2 controller sends, start SM2 arithmetic element;Tested according to SM2 digital signature Computing process invocation the first point doubling module of card algorithm, the first point add operation module, the first mould add computing module, and according to This parameter data needed for SM2 digital signature authentication carries out checking and calculates;After the completion of this SM2 digital signature authentication, Obtain the result, the result and complement mark are returned to SM2 controller;Receive the SM2 reset letter that SM2 controller sends Number, reset SM2 arithmetic element.
Preferably, first state machine module specifically for:Call the first mould to add computing module and calculate t=(r '+s ') modn; The first point doubling module is called to calculate [s '] G and [t '] PA;The first point add operation module is called to calculate (x ', y ')=[s '] G+ [t′]PA;Call the first mould to add computing module and calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, verifies Pass through, otherwise verify and do not pass through.
Preferably, SM2 arithmetic element specifically includes:Coordinate transferring, for the point coordinate data on elliptic curve Changed from affine coordinate system to Jacobi Coordinate system;Second state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and communicated with SM2 controller;Second mould adds computing module, for completing SM2 number under Jacobi Coordinate system The calculating of t=(r '+s ') modn in word signature verification algorithm, and R=(e '+x1') calculating of modn, wherein, (r '+s ') For code word of signing, calculate the digest value of messageHv() is digest calculations function," " represents The splicing of former and later two character strings, n is the rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;Second Point doubling module, for propping up in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division arithmetic Hold down, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under Jacobi Coordinate systemA, wherein, G is oval bent The basic point of line, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two elements a, b ∈Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to PAT ' times Point;Second point adds computing module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under Jacobi Coordinate systemATwo points Point add operation, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
Preferably, prime field multiplying is replaced with Montgomery multiplying.
Preferably, Montgomery multiplying institute is replaced by the digital signal processor DSP resource in fpga chip The multiplier needing.
Preferably, the second state machine module specifically for:Read needed for this SM2 digital signature authentication in SM2 controller Parameter data;Receive the SM2 enabling signal that SM2 controller sends, start SM2 arithmetic element;The second mould is called to add computing Module calculates t=(r '+s ') modn;The second point doubling module is called to calculate [s '] G and [t '] PA;Call the second point add operation Module calculates (x ', y ')=[s '] G+ [t '] PA;Call the second mould to add computing module and calculate R=(e '+x1') modn, checking R= Whether r ' sets up, if setting up, being verified, otherwise verifying and do not pass through;After the completion of this SM2 digital signature authentication, acquisition is tested Card result, the result and complement mark are returned to SM2 controller;Receive the SM2 reset signal that SM2 controller sends, multiple Position SM2 arithmetic element.
The present invention has the beneficial effect that:
By means of the technical scheme of the embodiment of the present invention, take full advantage of fpga chip resource, can effectively lift SM2 and calculate The arithmetic speed of method;The technical scheme of the embodiment of the present invention can apply to all kinds of safety certification fields, simultaneously according to specific Application scenarios and technical need, take flexible configuration mode, realize system resource and the reasonable distribution of operation efficiency.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can Become apparent, below especially exemplified by the specific embodiment of the present invention.
Brief description
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are common for this area Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred embodiment, and is not considered as to the present invention Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
Fig. 1 is the SM2 digital signature verification algorithm flow chart of the embodiment of the present invention;
Fig. 2 is the structural representation of the fpga chip for SM2 digital signature verification algorithm of the embodiment of the present invention;
Fig. 3 is the schematic diagram of the SM2 signature verification fpga chip internal structure of the embodiment of the present invention;
Fig. 4 be the embodiment of the present invention affine coordinate system under SM2 signature verification arithmetic element realize schematic diagram;
Fig. 5 be the embodiment of the present invention Jacobi Coordinate system under SM2 signature verification arithmetic element realize schematic diagram.
Specific embodiment
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing Exemplary embodiment it being understood, however, that may be realized in various forms the disclosure and should not be by embodiments set forth here Limited.On the contrary, these embodiments are provided to be able to be best understood from the disclosure, and can be by the scope of the present disclosure Complete conveys to those skilled in the art.
The invention provides a kind of fpga chip for SM2 digital signature verification algorithm, SM2 is realized based on fpga chip The checking computing of digital signature in national password standard.Application scenarios or application demand are all kinds of safe terminal systems.This Bright embodiment is based on digital signature verification algorithm in national Password Management office SM2 standard, realizes prime field and calculate on fpga chip Method calculates.In addition pass through the data conversion of affine coordinate system and Jacobi Coordinate system, design can be optimized to SM2 algorithm, The operation efficiency of fpga chip thus can be improved.Meanwhile, programmable features and configurable characteristic, chip are had by fpga chip EBI can carry out R & D design, reduces cost according to concrete system requirements, improves efficiency.
As described above, the FPGA of SM2 signature algorithm realizes being equal to existing Special safety chip in terms of calculation function.But It is because fpga chip has the characteristic such as configurable, programmable, scalable so that the FPGA realization of SM2 Digital Signature Algorithm can According to specific application scenarios and application demand, flexibly to be realized the selection of algorithm computational efficiency and system cost of implementation. I.e. under algorithm real-time less demanding application demand environment, the fpga chip of internal resource more saving can be selected, enter The algorithm based on affine coordinate system for the row is realized;On the other hand, for the application demand environment that requirement of real-time is higher, can select Internal resource is compared with the fpga chip of horn of plenty, and can adopt algorithm optimization, or improves the technological means such as chip clock, comes Improve arithmetic speed and system effectiveness further.Meanwhile, again can be according to specific system bus type, flexible configuration chip pair External system bus, improves the system self-adaptability of chip, is also another advantage that FPGA realizes compared to Special safety chip. Below in conjunction with accompanying drawing and embodiment, the present invention will be described in further detail.It should be appreciated that concrete reality described herein Apply example only in order to explain the present invention, do not limit the present invention.
Before the technical scheme to the embodiment of the present invention is described in detail, first to SM2 national standard digital signature Verification algorithm is described in detail.
《SM2 ellipse curve public key cipher algorithm》National standard is divided into four parts, including:General provisions, Digital Signature Algorithm, IKE, public key encryption algorithm.Digital Signature Algorithm includes again:Elliptic curve systems parameter, user key to, auxiliary Function, user's other information, the generating algorithm of digital signature and flow process, the verification algorithm of digital signature and flow process etc..
The FPGA that the embodiment of the present invention mainly completes digital signature verification algorithm realizes and effectiveness of performance optimization.Main below Illustrate SM2 digital signature verification algorithm basic condition, subsequently again FPGA is realized and optimize and make an explanation.
SM2 digital signature verification algorithm, specific as follows:
Input:
1st, elliptic curve parameter:Including finite field FpScale q, define elliptic curve E (Fq) equation two elements a, b ∈Fq、E(Fq) on basic point G=(xG,yG) (G ≠ O), wherein xGAnd yGIt is FpIn two elements, elliptic curve basic point E (Fq) On the rank n of G and other option(Cofactor h as n etc.);
2、ZA:The Hash Value of the distinguished mark of user, part elliptical curve systematic parameter and user's A public key;
3、PA:The public key of user;
4、M':Message to be verified;
5、(r',s'):The signature code word that system receives.
Output:The result:It is verified or verifies and do not pass through.
Step:Fig. 1 is the SM2 digital signature verification algorithm flow chart of the embodiment of the present invention, as shown in figure 1, in order to check Message M' receiving and its digital signature (r', s'), the user as verifier needs to realize following calculation step:
Step 1, whether inspection r' ∈ [1, n-1] sets up, if not, then verify and do not pass through, wherein n is elliptic curve Rank;
Step 2, whether inspection s' ∈ [1, n-1] sets up, if not, then verify and do not pass through, wherein n is elliptic curve Rank;
Step 3, putsThe splicing of wherein " " former and later two character strings of operator representation;
Step 4, calculatesCalculate the digest value of message, wherein Hv() is digest calculations function;
Step 5, signature codeword data type is converted to integer, calculates t=(r '+s ') modn, if t=0, verify not Pass through;
Step 6, calculates elliptic curve point (x ', y ')=[s '] G+ [t '] PA, wherein (x ', y ') is on elliptic curve Point, [s '] G and [t '] PAFor point doubling [s '] G+ [t '] PAFor point add operation;
Step 7, calculates R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, is verified;Otherwise verify Do not pass through, wherein x1' it is one of above-mentioned steps 6 calculated elliptic curve point (x ', y ') coordinate element.
Hereinafter the technical scheme of the embodiment of the present invention is described in detail.
According to embodiments of the invention, there is provided a kind of fpga chip for SM2 digital signature verification algorithm, Fig. 2 is The structural representation of the fpga chip for SM2 digital signature verification algorithm of the embodiment of the present invention, as shown in Fig. 2 according to this The fpga chip for SM2 digital signature verification algorithm of inventive embodiments includes:System bus interface 20, SM2 controller 22, And SM2 arithmetic element 24, below the modules of the embodiment of the present invention are described in detail.
System bus interface 20, for being communicated with the external system of fpga chip, obtains SM2 numeral from external system Parameter data needed for signature verification, and write SM2 controller 22, receive control message, the work shape that external system sends State query messages and operation result query messages, and it is sent to SM2 controller 22;
Wherein, system bus interface 20 includes:Meet universal industrial bus standard system bus interface 20 or, symbol Share the system bus interface 20 of family self-defined bus interface protocol.
SM2 controller 22, is connected with system bus interface 20 and SM2 arithmetic element 24, for being triggered according to control message SM2 arithmetic element 24, after receiving working condition query messages and operation result query messages, by system bus interface 20 Send working condition and the result of SM2 arithmetic element 24 to external system;
SM2 controller 22 specifically includes:
Control register, for the situation in the control message receiving external system transmission by system bus interface 20 Under, according to control message, SM2 arithmetic element 24 is triggered by SM2 enabling signal and starts, SM2 fortune is triggered by SM2 reset signal Calculate unit 24 to reset;
Data register, this SM2 digital signature for being received external system transmission by system bus interface 20 is tested The required parameter data of card, and stored, after control register reset SM2 arithmetic element 24, empty this SM2 numeral Parameter data needed for signature verification;
Status register, for, in the case of receiving working condition query messages, inquiring about the work of SM2 arithmetic element 24 Make state, and working condition is sent to by external system by system bus interface 20;Proactive notification external system SM2 computing list Unit 24 has completed this SM2 digital signature authentication;In the case of receiving operation result query messages, connect by system bus Mouth 20 sends the result of this SM2 digital signature authentication to external system.
SM2 arithmetic element 24, under the triggering of SM2 controller 22, reading this SM2 number from SM2 controller 22 Parameter data needed for word signature verification, carries out carrying out checking calculating according to SM2 digital signature verification algorithm, by the result It is sent to SM2 controller 22.With 2 examples, the structure of SM2 arithmetic element 24 will be illustrated below.
Example 1
SM2 arithmetic element 24 specifically includes:
First state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is entered with SM2 controller 22 Row communication;
First state machine module specifically for:Read this parameter needed for SM2 digital signature authentication in SM2 controller 22 Data;Receive the SM2 enabling signal that SM2 controller 22 sends, start SM2 arithmetic element 24;According to SM2 digital signature authentication Computing process invocation the first point doubling module of algorithm, the first point add operation module, the first mould add computing module, and according to this Parameter data needed for secondary SM2 digital signature authentication carries out checking and calculates;After the completion of this SM2 digital signature authentication, obtain Take the result, the result and complement mark are returned to SM2 controller 22;Receive the SM2 reset that SM2 controller 22 sends Signal, reset SM2 arithmetic element 24.
Wherein, according to computing process invocation the first point doubling module of SM2 digital signature verification algorithm, the first point add operation Module, the first mould add computing module, and the parameter data according to needed for this SM2 digital signature authentication carries out checking and calculates tool Body includes processing as follows:
Call the first mould to add computing module and calculate t=(r '+s ') modn;The first point doubling module is called to calculate [s '] G [t '] PA;The first point add operation module is called to calculate (x ', y ')=[s '] G+ [t '] PA;The first mould is called to add computing module meter Calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, being verified, otherwise verifying and do not pass through.
First mould adds computing module, for complete under affine coordinate system the t=in SM2 digital signature verification algorithm (r '+ S ') modn calculating, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates the summary of message ValueHv() is digest calculations function," " represents the splicing of former and later two character strings, and n is ellipse The rank of circular curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
First point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field Under the support of division arithmetic, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under affine coordinate systemA, wherein, G is the basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two Individual element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PAIt is Refer to PAT ' times of point;
First point add operation module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field Under the support of division arithmetic, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under affine coordinate systemATwo points Point add operation, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
Example 2:
SM2 arithmetic element 24 specifically includes:
Coordinate transferring, for being entered to Jacobi Coordinate system from affine coordinate system to the point coordinate data on elliptic curve Row conversion;
Second state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is entered with SM2 controller 22 Row communication;
Second state machine module specifically for:Read this parameter needed for SM2 digital signature authentication in SM2 controller 22 Data;Receive the SM2 enabling signal that SM2 controller 22 sends, start SM2 arithmetic element 24;The second mould is called to add computing mould Block calculates t=(r '+s ') modn;The second point doubling module is called to calculate [s '] G and [t '] PA;Call the second point add operation mould Block calculates (x ', y ')=[s '] G+ [t '] PA;Call the second mould to add computing module and calculate R=(e '+x1') modn, checking R=r ' Whether set up, if setting up, being verified, otherwise verifying and do not pass through;After the completion of this SM2 digital signature authentication, obtain checking As a result, the result and complement mark are returned to SM2 controller 22;Receive the SM2 reset signal that SM2 controller 22 sends, Reset SM2 arithmetic element 24.
Second mould adds computing module, for completing the t=in SM2 digital signature verification algorithm under Jacobi Coordinate system The calculating of (r '+s ') modn, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates message Digest valueHv() is digest calculations function," " represents the splicing of former and later two character strings, n For the rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
Second point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field Under the support of division arithmetic, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under Jacobi Coordinate systemA, its In, G is the basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation Two element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to PAT ' times of point;
Second point adds computing module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field Under the support of division arithmetic, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under Jacobi Coordinate systemATwo The point add operation of point, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
It should be noted that in examples detailed above 1 and example 2, prime field multiplying can be replaced with Montgomery multiplying.Further, it is also possible to be replaced by the digital signal processor DSP resource in fpga chip Multiplier needed for Montgomery multiplying.
Below in conjunction with accompanying drawing, the technique scheme of the embodiment of the present invention is described in detail.
Fig. 3 is the schematic diagram of the SM2 signature verification fpga chip internal structure of the embodiment of the present invention, as shown in figure 3, being based on Fpga chip completes SM2 digital signature authentication, and chip is integrally realized including three parts:System bus interface 20, SM2 controller 22 and SM2 arithmetic elements 24.
Separately below system bus interface 20, SM2 controller 22 and SM2 arithmetic element 24 are illustrated.
1st, system bus interface 20
System bus interface 20 is realized more flexible, can be general industrial bus standard or user makes by oneself Adopted bus inferface protocol, needs to be designed developing according to specific system requirements.The effect of system bus interface 20 is mainly: Communicated with chip exterior system based on the SM2 signature verification chip of FPGA, including signature verification desired parameters data Write, the control of SM2 chip and chip status inquiry and operation result inquiry.
2nd, SM2 controller 22
The realization of SM2 controller 22 is mainly register group.Functionally divide, main inclusion:Control register, data are posted Storage, status register.The register group of SM2 controller 22 can regard EBI and the intermediate axle of SM2 arithmetic element 24 as Beam or intermediate link, can realize external system to the control of SM2 arithmetic element 24 or access by SM2 controller 22.
Control register
Control register has two signal positions, is functionally divided into:SM2 enabling signal and SM2 reset signal.SM2 opens Dynamic signal is mainly used in the computing startup function of SM2 chip, and this control function is completed by a trigger, can be level Triggering or edge triggering, are weighed according to design requirement;External system passes through EBI to SM2 controller 22 Control register write triggers this signal.SM2 reset signal is mainly used in the reset of SM2 arithmetic element 24, and this reset signal is Low level effective, external system is passed through EBI and is triggered this signal, this signal to the control register write of SM2 controller 22 General complete a SM2 signature verification computing in SM2 arithmetic element 24, external system after the result is taken away, put Position, by set, can reset SM2 arithmetic element 24, in case new SM2 signature verification calculates.
Data register
Data register is mainly used in storing the data needed for SM2 arithmetic element 24 calculates, and these data include:SM2 number Elliptic curve parameter needed for word signature verification algorithm(Scale q, two element a and b of elliptic curve equation, basic point G(Mainly For basic point coordinate element), the rank n of basic point G and other option etc.), for checking calculate client public key PA, to be verified The summary of messageSigned codevector (r', s') word calculating for checking etc.(Note, chip design of the present invention is main Complete SM2 digital signature verification algorithm step 5 to step 7, due to the operand very little of above several steps, can be in FPGA core Complete in piece external system, chip internal completes the big step of operand below, so can save the area of chip and become This);Wherein, elliptic curve parameter may be referred to the reference parameter providing in SM2 standard it is also possible to count by the checking of user's early stage Calculate the elliptic curve parameter voluntarily drawing.Data register as data buffer storage, before SM2 arithmetic element 24 triggering starts and calculates By DSR, therefore before SM2 arithmetic element 24 startup, external system is needed to pass through external bus interface by above-mentioned data Write;After SM2 arithmetic element 24 starts computing, SM2 arithmetic element 24 is by above-mentioned data read-out;After data read-out, this data Register can be treated that this SM2 signature verification calculates and terminate, and empties to after SM2 arithmetic element 24 reset, and wait is new once Again new data is write before SM2 computing.
Status register
Status register can be used for inquiring about the working condition of chip SM2 arithmetic element 24, including:In free time, calculating, count Complete.Additionally, status register can comprise a computing complement mark position, for providing the interrupt identification of external system, Can be calculated with proactive notification external system SM2 by this mark and complete.Meanwhile, status register also has a flag bit, referred to as Result flag bit, for representing the result, including two classes:It is proved to be successful and authentication failed, external system can read this mark Will position, obtains operation result.
3rd, SM2 arithmetic element 24
The embodiment of the present invention is based primarily upon above-mentioned SM2 signature verification fpga chip internal structure and is designed realizing, mainly Work concentrates on SM2 arithmetic element 24.It is designed under affine coordinate system first, realize, verify;Then in Jacobi coordinate Under system, optimization that the related algorithm of SM2 arithmetic element 24, computation structure are carried out, thus improve SM2 signature verification to calculate speed Degree.This invention carries out chip design based on FPGA, basic structure three major parts still as shown in Figure 3, and difference is The realization of SM2 arithmetic element 24 is different.It should be noted that the realization of the SM2 arithmetic element 24 of Fig. 3 is based on affine coordinate system 's.Two classes of SM2 arithmetic element 24 are realized:Under affine coordinate system, SM2 signature checking arithmetic element be embodied as substantially real Existing;Under Jacobi Coordinate system, the checking arithmetic element of SM2 signature is realized, and is that a kind of optimization that can improve arithmetic speed is realized Scheme, but more fpga chip resources can be taken.Concrete condition is with reference to description below.
The realization of SM2 signature verification arithmetic element under affine coordinate system
Fig. 4 be the embodiment of the present invention affine coordinate system under SM2 signature verification arithmetic element realize schematic diagram, as Fig. 4 institute Show, SM2 arithmetic element 24 is communicated with SM2 controller 22, and signal type includes:Control signal write, data write, state And result reads, its semiotic function corresponds to control register, data register and Status register in SM2 controller 22 respectively The function of device.
It is important to note that this SM2 arithmetic element 24, mainly complete the step 5 of SM2 digital signature verification algorithm to The calculating process of step 7.Because a few step calculating process amounts of calculation of signing are little, can complete in chip exterior.
According to shown in Fig. 4, the internal structure of SM2 arithmetic element 24 includes:State machine module, point doubling module, point add Computing module(Point plus the point add operation referring to Point on Elliptic Curve, need bottom prime number domain operation to support, take advantage of including prime field Method, prime field division and prime field addition and subtraction), mould add computing module.
1st, state machine module
According to fpga chip state machine design feature, the state machine major function in SM2 arithmetic element 24 is:SM2 computing Row control, and the communication function with SM2 controller 22.The state of state machine controls the transfer flow to be:Read SM2 controller The data of data register in 22>The enabling signal of control register in response SM2 controller 22>Carry out SM2 meter Calculate>SM2 calculates and completes, and obtains operation result, and result and complement mark return to the Status register of SM2 control register Device>Wait the reset signal of SM2 controller 22.
The function of state machine is specific as follows:
(1)SM2 digital independent, the main data reading data register in SM2 controller 22, this is state machine once Before the computing of complete S M2, first have to the work completing.
(2)SM2 control signal responds:The enabling signal being given primarily responsive to SM2 controller 22 and reset signal.Response is opened Dynamic signal, starts SM2 and calculates;Response reset signal, resets to SM2 arithmetic element 24, prepares once new calculating.
(3)Control SM2 calculating process, the calculating according to SM2 digital signature verification algorithm step 5 to step 7 requires, respectively Dispatch each computing module in order once, specially:
Mould adds computing, mainly completes t=(r '+s ') modn and calculates;
Point doubling is successively each once, [s '] G and [t '] PA
Point add operation, [s '] G+ [t '] PA
Mould adds computing, R=(e '+x1′)modn.
(4)Provide checking SM2 signature verification result, and return state and checking to the status register of SM2 controller 22 Result.
2nd, point add operation module
This module mainly completes [s '] G and [t '] P of SM2 digital signature verification algorithm step 6AThe point of two points adds fortune Calculate, i.e. (x ', y ')=[s '] G+ [t '] PA.
Point add operation rule is listed below, as follows:
(1)If two point P1=(x1,y1) and P2=(x2,y2), seek P3=(x3,y3)=P1+P2
(2)Then x 3 = ( y 2 - y 1 x 2 - x 1 ) 2 - x 1 - x 2 With y 3 = ( y 2 - y 1 x 2 - x 1 ) ( x 1 - x 3 ) - y 1 .
According to above-mentioned operation rule, elliptic curve point add operation, need bottom prime field signed magnitude arithmetic(al), prime field Multiplying and the support of prime field division arithmetic.
3rd, point doubling module
Point doubling module is mainly responsible for completing [s '] G in SM2 digital signature verification algorithm step 6 and [t '] PATwice Computing.
In the embodiment of the present invention, [s '] G is the point doubling completing first, [t '] PAIt is times point fortune subsequently to be completed Calculate.G is the basic point of elliptic curve, PAIt is client public key, be also a point on elliptic curve.[s '] G refers to s ' times of point of G, [t′]PARefer to PAT ' times of point.Correlation theories knowledge according to elliptic curve understands, the point on elliptic curve completes point doubling Point after one-tenth, still on this elliptic curve, namely this point is also the point of elliptic curve, therefore [s '] G and [t '] PAIt is oval Two points on curve.The result that this two points carry out point add operation is also the point on elliptic curve.
In terms of calculating process, the essence of point doubling can regard multiple point add operation as, and therefore point doubling still needs The prime field signed magnitude arithmetic(al) of bottom to be called, prime field multiplying and prime field division arithmetic module.
4th, mould adds computing module
It is relatively simple that mould adds computing, that is, after data summation, then carries out modulus computing.Mainly it is responsible for completing SM2 digital signature T=(r '+s ') modn of verification algorithm step 5 calculates, and the R=(e '+x of step 71') modn calculating.
The above-mentioned SM2 signature verification arithmetic element under affine coordinate system, realized based on fpga chip, completes a SM2 Signature computing, generally requires more than 500 additional calculation, corresponding division calculation then needs more than 20,000 time.For example, according to SM2 point Plus the computation rule of computing, need 1 division calculation and three multiplication to calculate, but the division calculation amount in prime field is multiplication 50 times, therefore can it is clear that:Maximum Calculation bottleneck is exactly substantial amounts of division arithmetic.
Here, in order to reduce the division arithmetic amount under affine coordinate system, Jacobi Coordinate system can be introduced.Sit in Jacobi Coordinate under mark system can be expressed as, and it correspond to affine coordinate, therefore can be considered as coordinate vector in Jacobi coordinate system Intermediate variable, using the mutual conversion that can complete affine coordinate system and Jacobi Coordinate system.
By the mutual conversion of affine coordinate system and Jacobi Coordinate system so that SM2 signature verification calculates in Jacobi's seat Mark system is lower to be realized, and can be prevented effectively from substantial amounts of division calculation hence it is evident that reducing amount of calculation.And complete a SM2 computing During, affine coordinate system only needs 1 time with the mutual conversion of Jacobi Coordinate system.Even one time SM2 signature computing, also only Need division arithmetic two or three times, can greatly optimize arithmetic element and arithmetic speed.Inherently see, by affine coordinate system with The conversion of Jacobi Coordinate system, effectively eliminates division calculation amount call number, be mainly reflected in effectively reduce times put and point plus The call number to prime field division for the calculating process.
Above know, by the mutual conversion of affine coordinate system and Jacobi Coordinate system, can effectively reduce division arithmetic. Therefore, after division arithmetic optimization realization, main Calculation bottleneck is then multiplying.
Multiplying in prime field is all modular multiplication, i.e. c=a × bmodp.Or traditional multiplying needs to borrow Division is helped to take the remainder, or realizing by the subtraction of low rate.The present invention adopts Montgomery multiplication(Meng Gema Sharp multiplication)The multiplication that then can effectively optimize prime field calculates, and complicated computing is changed into the multiplication of simply low precision Computing is realizing.Montgomery multiplying is as follows:
Algorithm:Montgomery Multiplication(Montgomery multiplication calculates)
Input:
1st, domain Fp, mould p, orderP=n1□2D+n0, n 0 ′ = - n 0 - 1 mod 2 D ;
2nd, integer a, b ∈ [0, p-1], a=a1□2D+a0, b=b1□2D+b0
3rd, integer T = Σ i = 0 2 2 iD t i , Integer m.
Output:C=a b × R-1modp
Step:
Step 1, T=a0b0
Step 2, m=(t0n′0)mod2D
Step 3, T=(T+mn0) > > D;
Step 4, T=T+a0b1+a1b0+mn1
Step 5, m=(t0n′0)mod2D
Step 6, T=(T+mn0) > > D;
Step 7, c=(T+a1b1+mn1)modp.
By the step of realizing in the description of above-mentioned algorithm, a modular multiplication was originally completed on prime field, can To be converted into the multiplying of simply low precision several times.Therefore can effectively reduce the computing week of original prime field multiplying Phase, improve the arithmetic speed of SM2 digital signature authentication computing.But it is based on above-mentioned Montgomery multiplying, the present invention is By FPGA programming realization, need to take more fpga logic resources.Therefore under Jacobi coordinate system, realize SM2 numeral Signature verification computing, fpga chip area is big compared with the realization under affine coordinate system.Below under Jacobi coordinate system, SM2 number The situation of realizing of word signature verification arithmetic element illustrates.
The realization of SM2 signature verification arithmetic element under Jacobi Coordinate system
Fig. 5 be the embodiment of the present invention Jacobi Coordinate system under SM2 signature verification arithmetic element realize schematic diagram, such as Fig. 5 Shown, contrast with Fig. 4, the main distinction is:
1st, increased coordinate transferring, sat to Jacobi from affine coordinate system for the point coordinate data on elliptic curve The conversion of mark system, the point data of data register mainly in SM2 controller, first finished after conversion by coordinate transferring, then Write SM2 arithmetic element, calculates and point plus calculating for putting again;
2nd, in Fig. 5, point calculates and point adds calculating and all completes under Jacobi Coordinate system again, and it is to bottom arithmetic element Call number significantly reduce, particularly prime field division and multiplying are called;
3rd, in Fig. 5, replace original prime field multiplying with Montgomery multiplying module, can effectively improve System operations speed.
Each several part shown in Fig. 5, its function and module are realized, substantially same as shown in Figure 4, will not be described here.
It should be noted that comprising DSP resource inside the fpga chip of certain model, these DSP resources are through optimizing Multiply-accumulate module, DSP quantity allow under conditions of, using DSP realize simply low precision multiplying, be better than The internal general multiplier of fpga chip.
Therefore by using abundant DSP resource inside fpga chip, can be to low essence in Montgomery multiplying Degree multiplication calculates makees further hardware optimization.Utilize the internal DSP substitution of resources original Montgomery computing of fpga chip Required multiplier.Then the computational efficiency of Montgomery multiplication can improve by about one time, this be also in concrete application demand and A kind of optimization means under system cost enabled condition.
Table 1 is that M2 algorithm FPGA realizes and its optimize resource efficiency comparing situation, and as shown in table 1, listed FPGA realizes Mode is mainly:Under affine coordinate system and Jacobi Coordinate system, averagely complete the comparing result of SM2 signature verification calculating. Including:Affine coordinate system is realized, Jacobi Coordinate system realizes(General multipliers are replaced using 1 times of DSP resource), Jacobi Coordinate system is realized and prioritization scheme 1(General multipliers are replaced using 1 times of DSP resource, and it is excellent to carry out adder to synthesis tool Change), Jacobi Coordinate system realize and prioritization scheme 2(Replace general multipliers using 2 times of DSP resources).
Table 1
In sum, by means of the technical scheme of the embodiment of the present invention, sat with Jacobi using affine coordinate system coordinate system The method of mark system mutually conversion, and make full use of fpga chip resource, can effectively lift the arithmetic speed of SM2 algorithm.This The implementation method of invention and optimization method, can apply to all kinds of safety certification fields, simultaneously according to specific application scenarios and Technical need, takes flexible configuration mode, realizes system resource and the reasonable distribution of operation efficiency.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein. Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various Programming language realizes the content of invention described herein, and the description above language-specific done is to disclose this Bright preferred forms.
In specification mentioned herein, illustrate a large amount of details.It is to be appreciated, however, that the enforcement of the present invention Example can be put into practice in the case of not having these details.In some instances, known method, structure are not been shown in detail And technology, so as not to obscure the understanding of this description.
Similarly it will be appreciated that in order to simplify the disclosure and help understand one or more of each inventive aspect, Above in the description to the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor The application claims of shield more features than the feature being expressly recited in each claim.More precisely, it is such as following Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore, The claims following specific embodiment are thus expressly incorporated in this specific embodiment, wherein each claim itself All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that and the module in the equipment in embodiment can be carried out adaptively Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list Unit or assembly be combined into a module or unit or assembly, and can be divided in addition multiple submodule or subelement or Sub-component.In addition to such feature and/or at least some of process or unit exclude each other, can adopt any Combination is to this specification(Including adjoint claim, summary and accompanying drawing)Disclosed in all features and so disclosed Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification(Including adjoint power Profit requires, makes a summary and accompanying drawing)Disclosed in each feature can carry out generation by the alternative features providing identical, equivalent or similar purpose Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments In included some features rather than further feature, but the combination of the feature of different embodiment means to be in the present invention's Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection appoint One of meaning can in any combination mode using.
The all parts embodiment of the present invention can be realized with hardware, or to run on one or more processor Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice Microprocessor or digital signal processor(DSP)To realize according to embodiments of the present invention calculating for SM2 digital signature authentication The some or all functions of some or all parts in the fpga chip of method.The present invention is also implemented as executing Some or all equipment of method as described herein or program of device(For example, computer program and computer journey Sequence product).Such program realizing the present invention can store on a computer-readable medium, or can have one or The form of multiple signals.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or There is provided with any other form.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such Element.The present invention can come real by means of the hardware including some different elements and by means of properly programmed computer Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame Claim.

Claims (9)

1. a kind of fpga chip for SM2 digital signature verification algorithm is it is characterised in that include:
System bus interface, for being communicated with the external system of described fpga chip, obtains SM2 number from described external system Parameter data needed for word signature verification, and write described SM2 controller, the control receiving described external system transmission disappears Breath, working condition query messages and operation result query messages, and it is sent to described SM2 controller;
SM2 controller, is connected with described system bus interface and described SM2 arithmetic element, for being touched according to described control message Send out SM2 arithmetic element described, after receiving described working condition query messages and described operation result query messages, by institute State working condition and the result that system bus interface sends described SM2 arithmetic element to described external system;
SM2 arithmetic element, under the triggering of described SM2 controller, reading this SM2 numeral from described SM2 controller Parameter data needed for signature verification, carries out carrying out checking calculating according to described SM2 digital signature verification algorithm, will checking knot Fruit is sent to described SM2 controller;
Described SM2 arithmetic element specifically includes:
Coordinate transferring, for being carried out turning to Jacobi Coordinate system from affine coordinate system to the point coordinate data on elliptic curve Change;
Second state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is carried out with described SM2 controller Communication;
Second mould adds computing module, for complete under Jacobi Coordinate system the t=in SM2 digital signature verification algorithm (r '+ S ') modn calculating, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates the summary of message ValueHv() is digest calculations function,Represent the splicing of former and later two character strings, n is The rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
Second point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division Under the support of computing, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under Jacobi Coordinate systemA, wherein, G It is the basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two Individual element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PAIt is Refer to PAT ' times of point;
Second point adds computing module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under Jacobi Coordinate systemATwo points Point add operation, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
2. fpga chip as claimed in claim 1 is it is characterised in that described system bus interface includes:Meet universal industrial The system bus interface of bus standard;Or meet the system bus interface of User Defined bus inferface protocol.
3. fpga chip as claimed in claim 1 is it is characterised in that described SM2 controller specifically includes:
Control register, for receiving, by described system bus interface, the described control message that described external system sends In the case of, according to described control message, started by the described SM2 arithmetic element of SM2 enabling signal triggering, resetted by SM2 The described SM2 arithmetic element of signal triggering resets;
Data register, for receiving, by described system bus interface, this SM2 digital signature that described external system sends The required parameter data of checking, and stored, after described control register resets described SM2 arithmetic element, empty this Parameter data needed for secondary SM2 digital signature authentication;
Status register, for, in the case of receiving described working condition query messages, inquiring about described SM2 arithmetic element Working condition, and described working condition is sent to by described external system by described system bus interface;Described in proactive notification SM2 arithmetic element described in external system has completed this SM2 digital signature authentication;Receiving described operation result query messages In the case of, send the result of this SM2 digital signature authentication to described external system by described system bus interface.
4. fpga chip as claimed in claim 1 it is characterised in that or, described SM2 arithmetic element specifically includes:
First state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is carried out with described SM2 controller Communication;
First mould adds computing module, for completing the t=(r '+s ') in SM2 digital signature verification algorithm under affine coordinate system The calculating of modn, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates the digest value of messageHv() is digest calculations function," | | " represents the splicing of former and later two character strings, and n is ellipse The rank of circular curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
First point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division Under the support of computing, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under affine coordinate systemA, wherein, G is The basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) two of equation Element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to PAT ' times of point;
First point add operation module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under affine coordinate systemAThe point of two points Plus computing, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
5. fpga chip as claimed in claim 4 it is characterised in that described first state machine module specifically for:
Read this parameter data needed for SM2 digital signature authentication in described SM2 controller;
Receive the described SM2 enabling signal that described SM2 controller sends, start described SM2 arithmetic element;
According to the computing process invocation of SM2 digital signature verification algorithm the first point doubling module, described first point add fortune Calculate module, described first mould adds computing module, and the parameter data according to needed for this SM2 digital signature authentication is verified Calculate;
After the completion of this SM2 digital signature authentication, obtain the result, described the result and complement mark are returned to institute State SM2 controller;
Receive the described SM2 reset signal that described SM2 controller sends, reset described SM2 arithmetic element.
6. fpga chip as claimed in claim 5 it is characterised in that described first state machine module specifically for:
Call described first mould to add computing module and calculate t=(r '+s ') modn;
Described first point doubling module is called to calculate [s '] G and [t '] PA
Described first point add operation module is called to calculate (x ', y ')=[s '] G+ [t '] PA
Call described first mould to add computing module and calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, verifies Pass through, otherwise verify and do not pass through.
7. the fpga chip as described in claim 1 or 4 is it is characterised in that replace with illiteracy brother by described prime field multiplying Horse profit Montgomery multiplying.
8. fpga chip as claimed in claim 7 is it is characterised in that pass through the digital signal processor in described fpga chip DSP resource replaces the multiplier needed for described Montgomery multiplying.
9. fpga chip as claimed in claim 1 it is characterised in that described second state machine module specifically for:
Read this parameter data needed for SM2 digital signature authentication in described SM2 controller;
Receive the described SM2 enabling signal that described SM2 controller sends, start described SM2 arithmetic element;
Call described second mould to add computing module and calculate t=(r '+s ') modn;
Described second point doubling module is called to calculate [s '] G and [t '] PA
Call described second point to add computing module and calculate (x ', y ')=[s '] G+ [t '] PA
Call described second mould to add computing module and calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, verifies Pass through, otherwise verify and do not pass through;
After the completion of this SM2 digital signature authentication, obtain the result, described the result and complement mark are returned to institute State SM2 controller;
Receive the described SM2 reset signal that described SM2 controller sends, reset described SM2 arithmetic element.
CN201210540967.XA 2012-12-13 2012-12-13 Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm Active CN103049710B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210540967.XA CN103049710B (en) 2012-12-13 2012-12-13 Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210540967.XA CN103049710B (en) 2012-12-13 2012-12-13 Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm

Publications (2)

Publication Number Publication Date
CN103049710A CN103049710A (en) 2013-04-17
CN103049710B true CN103049710B (en) 2017-02-08

Family

ID=48062343

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210540967.XA Active CN103049710B (en) 2012-12-13 2012-12-13 Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm

Country Status (1)

Country Link
CN (1) CN103049710B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103888246A (en) * 2014-03-10 2014-06-25 深圳华视微电子有限公司 Low-energy-consumption small-area data processing method and data processing device thereof
CN106789078A (en) * 2016-12-29 2017-05-31 记忆科技(深圳)有限公司 A kind of digital signature identification system based on ahb bus
CN107026859A (en) * 2017-03-31 2017-08-08 西安电子科技大学 A kind of safe transmission method of privacy cloud medical data
US10505744B2 (en) * 2017-06-29 2019-12-10 Intel Corporation Technologies for robust computation of elliptic curve digital signatures
CN108322308B (en) * 2017-12-14 2021-01-12 天津津航计算技术研究所 Hardware implementation system of digital signature algorithm for identity authentication
CN109977702B (en) * 2019-04-08 2023-08-04 成都靖尧通信技术有限公司 FPGA equipment encryption authentication system based on DS2432 chip
US11323268B2 (en) * 2019-06-28 2022-05-03 Intel Corporation Digital signature verification engine for reconfigurable circuit devices
CN113055189B (en) * 2021-06-02 2021-08-10 工业信息安全(四川)创新中心有限公司 SM2 digital signature verification failure reason judgment method, device, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1700641A (en) * 2004-03-18 2005-11-23 株式会社东芝 Digital signature assurance system, method, program and apparatus
CN102104482A (en) * 2009-12-21 2011-06-22 上海华虹集成电路有限责任公司 Method for infinity point representation under affine coordinate system in elliptic curve cryptosystem
CN102737270A (en) * 2011-04-15 2012-10-17 航天信息股份有限公司 Security co-processor of bank smart card chip based on domestic algorithms
CN102761413A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 Implementation system of p-element domain SM2 elliptic curve public key cryptographic algorithm

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1700641A (en) * 2004-03-18 2005-11-23 株式会社东芝 Digital signature assurance system, method, program and apparatus
CN102104482A (en) * 2009-12-21 2011-06-22 上海华虹集成电路有限责任公司 Method for infinity point representation under affine coordinate system in elliptic curve cryptosystem
CN102737270A (en) * 2011-04-15 2012-10-17 航天信息股份有限公司 Security co-processor of bank smart card chip based on domestic algorithms
CN102761413A (en) * 2011-04-27 2012-10-31 航天信息股份有限公司 Implementation system of p-element domain SM2 elliptic curve public key cryptographic algorithm

Also Published As

Publication number Publication date
CN103049710A (en) 2013-04-17

Similar Documents

Publication Publication Date Title
CN103049710B (en) Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm
JP7534024B2 (en) A system for protecting verification keys from modification and for verifying proofs of correctness
US11177957B2 (en) Hardware security modules for executing zero-knowledge proofs
Pan et al. An efficient elliptic curve cryptography signature server with GPU acceleration
CN106105093B (en) The method and apparatus that elliptic curve point for resisting other channel information leakage is multiplied
CN103970720B (en) Based on extensive coarseness imbedded reconfigurable system and its processing method
CN104579656A (en) Hardware acceleration coprocessor for elliptic curve public key cryptosystem SM2 algorithm
US8428252B1 (en) Using multiples above two with running totals in elliptic curve cryptography scalar multiplication acceleration tables
CN108063758A (en) For the node in the signature verification method of block chain network and block chain network
CN107135078B (en) PBKDF2 cryptographic algorithm acceleration method and device used thereby
CN104461449A (en) Large integer multiplication realizing method and device based on vector instructions
Kudithi An efficient hardware implementation of the elliptic curve cryptographic processor over prime field
CN103942031A (en) Elliptic domain curve operational method and elliptic domain curve arithmetic unit
CN103761068A (en) Optimized Montgomery modular multiplication method, optimized modular square method and optimized modular multiplication hardware
CN108228754A (en) flow generation method and terminal device
US12047514B2 (en) Digital signature verification engine for reconfigurable circuit devices
Pajuelo-Holguera et al. Fast montgomery modular multiplier using FPGAs
CN109144472B (en) Scalar multiplication of binary extended field elliptic curve and implementation circuit thereof
Le et al. Mrsa: A high-efficiency multi romix scrypt accelerator for cryptocurrency mining and data security
WO2021164047A1 (en) Zero knowledge proof hardware accelerator and the method thereof
CN103107879A (en) RAS accelerator
CN102135871B (en) Device for generating random number by using chaos theory and dynamic password token thereof
EP2735963A1 (en) Galois field inversion device
CN103198258B (en) The method of compound system and transmission data
CN110347968A (en) A kind of optimization fft algorithm and device based on FPGA

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant