CN109117677A - A kind of circuit for elliptic curve multi point arithmetic - Google Patents

Publication number
CN109117677A
Authority
CN
China
Prior art keywords
point
coordinate
module
mark
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811109399.1A
Other languages
Chinese (zh)
Inventor
徐建国
潘国振
廖恬瑜
杨艺宾
朱冠胤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd
Priority to CN201811109399.1A
Publication of CN109117677A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/556 Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/724 Finite field arithmetic
    • G06F7/725 Finite field arithmetic over elliptic curves

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Mathematical Analysis (AREA)
  • Computational Mathematics (AREA)
  • Computing Systems (AREA)
  • Complex Calculations (AREA)

Abstract

A circuit for implementing the multiple-point operation (scalar multiplication) of an elliptic curve. The circuit includes: an input module for obtaining a multiple k; a state machine module for determining the number of loop iterations based on k, determining in the current iteration whether the loop terminates, and providing a first parameter and a second parameter; a flag generation module for generating, in the current iteration, a point-doubling flag and an addition flag or a subtraction flag; and a point-doubling and point-addition computing module which, in the current iteration: based on the point-doubling flag, performs a point doubling on the coordinates of a second multiple point and stores the result as the coordinates of the second multiple point; then, based on the addition flag or subtraction flag, performs an addition or subtraction on the coordinates of the base point and the coordinates of the second multiple point and stores the result as the coordinates of the second multiple point; and, when the state machine module determines that the loop has terminated, outputs the coordinates of the second multiple point as the coordinates of the first multiple point.

Description

A kind of circuit for elliptic curve multi point arithmetic
Technical field
The embodiments of this specification relate to elliptic curves, and in particular to a circuit for the elliptic curve multiple-point operation.
Background
An elliptic curve is a smooth projective curve of genus 1 over a field. The points on an elliptic curve together form a group. An elliptic curve has only finitely many integral points, and these rational points can be generated by addition on the group. Consider K = kG, where K and G are points on the elliptic curve Ep(a, b), n is the order of G, and k is an integer less than n. Given k and G, computing K by the addition law is easy; conversely, given K and G, finding k is extremely difficult. Elliptic curve encryption algorithms arose from this.
Security is a constant topic in the financial services industry. Elliptic curve encryption algorithms are required in multiple stages of financial services. How to accelerate the encryption algorithm while guaranteeing security has become a topic of work.
Summary of the invention
One embodiment of this specification provides a circuit for implementing the multiple-point operation of an elliptic curve. The circuit includes: an input module for obtaining the multiple k of a first multiple point of a base point on the elliptic curve; a state machine module for determining the number of loop iterations of the operation based on the multiple k, determining in the current iteration, based on the number of iterations, whether the loop terminates, and providing the first parameter and the second parameter of the current iteration based on the multiple k and on 3k respectively; a flag generation module for generating a point-doubling flag in the current iteration and generating an addition flag or a subtraction flag based on the first parameter and the second parameter of the current iteration received from the state machine module; and a point-doubling and point-addition computing module, which stores the coordinates of the base point and the coordinates of a second multiple point, the initial value of the coordinates of the second multiple point being the coordinates of the base point. In the current iteration, the point-doubling and point-addition computing module: performs, based on the point-doubling flag received from the flag generation module, a point doubling on the coordinates of the second multiple point and stores the result as the coordinates of the second multiple point; then, based on the addition flag or subtraction flag received from the flag generation module, performs an addition or subtraction on the coordinates of the base point and the coordinates of the second multiple point and stores the result as the coordinates of the second multiple point; and, when the state machine module determines that the loop has terminated, outputs the coordinates of the second multiple point as the coordinates of the first multiple point.
In a first possible embodiment, if the first parameter is 0 and the second parameter is 1, the flag generation module generates the addition flag; if the first parameter is 1 and the second parameter is 0, the flag generation module generates the subtraction flag.
Optionally, the coordinates of the second multiple point are Jacobian projective coordinates and the coordinates of the base point are affine coordinates, and the point-doubling and point-addition computing module is further configured to perform the point addition based on the Jacobian projective coordinates of the second multiple point and the affine coordinates of the base point. Alternatively, the coordinates of the second multiple point are Jacobian projective coordinates, and the point-doubling and point-addition computing module is further configured to perform the point doubling based on the Jacobian projective coordinates of the second multiple point.
In one embodiment, the point-doubling and point-addition computing module is further configured to schedule the point doubling and the addition or subtraction separately.
In one embodiment, the point-doubling and point-addition computing module is further configured to perform mixed scheduling of the modular multiplications in the point doubling and the modular multiplications in the addition or subtraction.
With the circuit provided by the embodiments of this specification, the delay of the circuit implementation is deterministic, which helps accelerate the operation and raise throughput. In addition, the point addition uses mixed Jacobian and affine coordinates and the point doubling uses Jacobian coordinates, which avoids modular division and reduces the operation count of each.
Brief description of the drawings
To make the technical solutions and advantages of the embodiments of the present application clearer, exemplary embodiments of the application are described in more detail below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the application, not an exhaustive list of all embodiments.
Fig. 1 is a flow chart of the add-subtract computation of the elliptic curve multiple-point operation;
Fig. 2 is a circuit structure diagram of an embodiment of this specification;
Fig. 3 is a structural diagram of the joint scheduling of the modular multiplications of the point doubling and the point addition.
Detailed description
The scheme provided by this specification is described below with reference to the accompanying drawings.
Fig. 1 is a flow chart of the add-subtract computation of the elliptic curve multiple-point operation. As shown in Fig. 1, in step 102 a point on the elliptic curve (referred to below as the base point P) is input, together with the multiple k of the multiple point to be computed for that point. k is a large integer with a bit width of m bits, with bits k_j ∈ {0, 1}. From k, h can be computed, with bits h_j ∈ {0, 1}. Assuming k has m bits and h has r+1 bits, it follows that r = m or m+1.
In step 104, let Q be the output of the multiple-point operation; Q is a point on the elliptic curve. Q is initialized in advance to the point P. Let j be the loop variable, with initial value r.
In step 106, j = j - 1; it is then judged whether j = 0.
If j = 0, the flow proceeds to step 118 and the point Q is output directly; otherwise it proceeds to step 108 and the point doubling Q = [2]Q is computed.
Then h_j and k_j are judged in steps 110 and 114.
If h_j = 1 and k_j = 0, the flow proceeds to step 112, performs the addition Q = Q + P, and returns to step 106. If h_j = 0 and k_j = 1, it proceeds to step 116, performs the subtraction Q = Q - P, and returns to step 106.
From the above flow chart it follows that one multiple-point computation obtains the final output point Q after a number of loop iterations, where the number of iterations is determined by the bit characteristics of the input integer k and of h. In the better case an iteration contains only a point doubling; in the worse case an iteration contains a point doubling and one point addition or subtraction.
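The Fig. 1 loop, as an added Python example that is not part of the patent text. It assumes a constructed toy curve y^2 = x^3 + 2x + 2 over GF(17) with base point (5, 1) and plain affine arithmetic; the function names are hypothetical, and `reference_multiple` is a naive repeated-addition check.

```python
# Added example (not from the patent): the add-subtract loop of Fig. 1.
# Constructed toy curve: y^2 = x^3 + 2x + 2 over GF(17), base point (5, 1).
P_MOD, A = 17, 2
BASE = (5, 1)
INF = None  # point at infinity


def point_add(p1, p2):
    """Affine addition that also covers doubling and the point at infinity."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF                                   # P + (-P)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def point_neg(p):
    """Negate a point: (x, y) -> (x, -y)."""
    return INF if p is INF else (p[0], (-p[1]) % P_MOD)


def gen_flags(k_j, h_j):
    """Flag generation from the first parameter k_j and second parameter h_j."""
    if h_j == 1 and k_j == 0:
        return "add_flag"
    if h_j == 0 and k_j == 1:
        return "sub_flag"
    return None                                      # doubling only


def multiple_point(k, base=BASE):
    """Return (k*base, trace); trace holds one (j, flag) pair per iteration."""
    if k < 1:
        raise ValueError("k must be a positive integer")
    h = 3 * k
    r = h.bit_length() - 1            # h has r+1 bits
    q = base                          # step 104: Q initialised to P
    trace = []
    for j in range(r - 1, 0, -1):     # steps 106/118: j runs from r-1 down to 1
        q = point_add(q, q)           # step 108: Q = [2]Q (dbl_flag)
        flag = gen_flags((k >> j) & 1, (h >> j) & 1)
        if flag == "add_flag":        # step 112: Q = Q + P
            q = point_add(q, base)
        elif flag == "sub_flag":      # step 116: Q = Q - P
            q = point_add(q, point_neg(base))
        trace.append((j, flag))
    return q, trace


def reference_multiple(k, base=BASE):
    """Naive k-fold repeated addition, used only to cross-check the loop."""
    q = INF
    for _ in range(k):
        q = point_add(q, base)
    return q


if __name__ == "__main__":
    for k in (3, 5, 7, 11):
        print(k, multiple_point(k))
```

The returned trace shows which iterations carry an addition or subtraction on top of the doubling; that pattern follows the bits of k and 3k.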
The inventors of this specification realized that, by arranging the point addition (addition or subtraction) and the point doubling within the multiple-point operation sensibly, the operation count can be reduced effectively. In one example, the point addition uses mixed Jacobian and affine coordinates and the point doubling uses Jacobian coordinates, which avoids modular division and reduces the operation count of each. In another example, by analysing the data dependencies of all computation steps of the point doubling and the point addition and designing a sensible computation schedule, the number of bubbles in the modular multiplication pipeline is reduced and the performance of the point doubling and point addition is improved.
Fig. 2 is a circuit structure diagram of an embodiment of this specification. The circuit computes a multiple point on an elliptic curve. It includes a state machine module 210, which controls the loop execution of the flag generation module and the point-doubling and point-addition computing module. Specifically, the state machine module 210 determines from k the number of iterations of the elliptic curve multiple-point computation and controls the progress of the computation loop. While controlling the loop, the state machine module 210 provides the first parameter and the second parameter of the current iteration, i.e. the parameters k_j and h_j, where j is the loop index of the current iteration; k is the multiple of the elliptic curve multiple point to be computed, k_j is the bit at position j of the binary representation of k, and h_j is the bit at position j of the binary representation of 3k. As shown in Fig. 1, the loop runs from j = r-1 to j = 1, i.e. the number of iterations is r-1. The state machine module 210 can therefore obtain the iteration count r-1 from the value of k and, in the current iteration, determine whether the whole computation loop has ended by determining whether j-1 is 0, i.e. whether j is 1. As an elliptic curve parameter, m may be 256 bits.
The circuit also includes a flag generation module 204. When the state machine module determines that the loop has not terminated, the flag generation module 204 generates a point-doubling flag dbl_flag and generates a point-addition flag from k_j and h_j. In one example, the point-addition flag is an addition flag add_flag or a subtraction flag sub_flag: if h_j = 1 and k_j = 0, the addition flag is generated; if h_j = 0 and k_j = 1, the subtraction flag is generated. These flags control whether the point-doubling and point-addition computing module performs the corresponding operation. When a new iteration starts, the flag generation module 204 first generates the point-doubling flag dbl_flag, indicating that a point doubling is to be performed. It then generates the addition flag add_flag or the subtraction flag sub_flag from the parameters k_j and h_j of the current iteration. The addition flag indicates that a curve point addition is to be performed on the multiple point Q obtained by the previous curve point operation and the base point P. The subtraction flag indicates that a curve point subtraction is to be performed on the multiple point Q obtained by the previous curve point operation and the base point P. The previous curve point operation means the curve point operation immediately preceding the present one.
The circuit also includes a point-doubling and point-addition computing module 206, which performs the point doubling or point addition on elliptic curve point coordinates according to the point-doubling flag or point-addition flag of the current iteration. Module 206 stores the coordinates of the base point and the coordinates of the multiple point Q obtained in the current iteration. At the start of the multiple-point operation, the base point is stored as the multiple point Q. In the current iteration, based on the point-doubling flag received from the flag generation module, module 206 performs a point doubling on the currently stored multiple point Q and takes the coordinates of the resulting point as the coordinates of Q for the next operation. Then, based on the addition flag or subtraction flag received from the flag generation module, it performs an addition or subtraction on the coordinates of the base point and the coordinates of the current multiple point Q and stores the result as the coordinates of Q. When the flag is the addition flag, module 206 performs a curve point addition on the coordinates of the currently stored multiple point Q and the coordinates of the base point P, and stores the resulting coordinates as the coordinates of Q for the next operation. When the flag is the subtraction flag, module 206 performs a curve point subtraction on the coordinates of the currently stored multiple point Q and the coordinates of the base point, and stores the resulting coordinates as the coordinates of Q for the next computation. In the current iteration, as shown in Fig. 1, after module 206 has performed the point doubling and the addition or subtraction, the state machine module judges whether j-1 is 0 to determine whether the loop has ended. If the state machine module determines that the loop has terminated, the coordinates of the multiple point Q of this iteration are output. If it determines that the loop has not terminated, the next iteration begins, that is, as shown in Fig. 1, it starts with the point doubling performed by module 206 in the next iteration.
Those skilled in the art will appreciate that the point doubling and the point addition and subtraction have a certain complexity. For example, in Jacobian coordinates a point doubling costs 5M+5Sq and a general addition costs 15M+5Sq, where M denotes a modular multiplication and Sq denotes a squaring. The operation count therefore needs to be reduced.
The point-doubling and point-addition computing module 206 operates on the elliptic curve points P1 (X1, Y1, Z1) and P2 (X2, Y2, Z2) to obtain the points P3 (X3, Y3, Z3) and P4 (X4, Y4, Z4), where P4 (X4, Y4, Z4) is the output of the point doubling and P3 is the result of the point addition. The operations are P4 = [2]P1 and P3 = P4 + P2. P1 can be understood as the multiple point produced at the end of an iteration, and P2 as the base point. In one example, P1 is expressed in Jacobian coordinates, P2 in affine coordinates (i.e. Z2 = 1), and the output points P3 and P4 in Jacobian coordinates. The point doubling consists of the following operations:
Z4=2Y1Z1
The point addition consists of the following operations:
All operations in the two formulas above are modular operations.
The elliptic curve point subtraction within the point addition can be implemented by flexibly using the addition operation. In one example, for P4 - P2, the coordinates (X2, -Y2, Z2) of -P2 are obtained first, and P4 + (-P2) is then computed to give the result of the elliptic curve point subtraction.
It can be seen that computing in mixed coordinates avoids modular division and reduces the operation count of each operation.
In one embodiment, by analysing the data dependencies of the computation steps of the point doubling and of the point addition and designing the schedule of the computation steps of each separately, an optimal schedule can be obtained for both, i.e. one in which the number of bubbles in the modular multiplication pipeline is minimal.
With modular multiplication and modular addition/subtraction as the basic operations, the point doubling may include, for example, the following operations:
M1=Z1*Z1, M2=X1*X1, M3=Y1*Y1, M4=Y1*Z1, M5=M3*M3, M6=X1*M3, M7=M1*M1, M8=S2*S2, M9=S2*S7;
S0=M4<<1, S1=M2-M7, S2=(S1<<1)+S1, S3=M6<<3, S4=M6<<2, S5=S3+S4, S6=M5<<3, S7=S5-M8, S8=M8-S3, S9=M9-S6.
Here M denotes a modular multiplication, S denotes a modular addition or subtraction, and << denotes a cyclic left shift.
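The doubling operation list above, evaluated and grouped by data dependency, as an added Python example that is not part of the patent text. Assumptions made here: a constructed toy curve y^2 = x^3 - 3x + 6 over GF(23) (curve coefficient a = -3), `<< n` taken as multiplication by 2^n modulo p, and the outputs read as X4 = S8, Y4 = S9, Z4 = S0; all function names are hypothetical.

```python
# Added example (not from the patent): run the listed doubling micro-ops and
# compute the dependency level at which each one can first be issued.
P_MOD = 23  # constructed toy field; the curve is y^2 = x^3 - 3x + 6


def mul(a, b):
    return a * b % P_MOD


def sub(a, b):
    return (a - b) % P_MOD


def add(a, b):
    return (a + b) % P_MOD


def shl(n):
    """Assumed meaning of '<< n': multiply by 2^n modulo p."""
    return lambda a: (a << n) % P_MOD


# (name, inputs, function), listed in an order that respects dependencies
DOUBLING_OPS = [
    ("M1", ("Z1", "Z1"), mul), ("M2", ("X1", "X1"), mul),
    ("M3", ("Y1", "Y1"), mul), ("M4", ("Y1", "Z1"), mul),
    ("M5", ("M3", "M3"), mul), ("M6", ("X1", "M3"), mul),
    ("M7", ("M1", "M1"), mul),
    ("S0", ("M4",), shl(1)), ("S1", ("M2", "M7"), sub),
    ("S2", ("S1",), lambda a: ((a << 1) + a) % P_MOD),
    ("M8", ("S2", "S2"), mul),
    ("S3", ("M6",), shl(3)), ("S4", ("M6",), shl(2)),
    ("S5", ("S3", "S4"), add), ("S6", ("M5",), shl(3)),
    ("S7", ("S5", "M8"), sub), ("S8", ("M8", "S3"), sub),
    ("M9", ("S2", "S7"), mul), ("S9", ("M9", "S6"), sub),
]


def run_doubling(x1, y1, z1):
    """Evaluate the op list; return ((X4, Y4, Z4), level of every op)."""
    val = {"X1": x1 % P_MOD, "Y1": y1 % P_MOD, "Z1": z1 % P_MOD}
    level = {"X1": 0, "Y1": 0, "Z1": 0}          # inputs are available at level 0
    for name, ins, fn in DOUBLING_OPS:
        val[name] = fn(*(val[i] for i in ins))
        level[name] = 1 + max(level[i] for i in ins)
    # Assumed output mapping: X4 = S8, Y4 = S9, Z4 = S0
    return (val["S8"], val["S9"], val["S0"]), level


def multiplication_waves(level):
    """Modular multiplications grouped by the earliest level they can issue."""
    waves = {}
    for name, _, _ in DOUBLING_OPS:
        if name.startswith("M"):
            waves.setdefault(level[name], []).append(name)
    return [waves[lv] for lv in sorted(waves)]


def to_affine(X, Y, Z):
    """Jacobian (X, Y, Z) -> affine (X/Z^2, Y/Z^3)."""
    zi = pow(Z, -1, P_MOD)
    return (X * zi * zi % P_MOD, Y * zi ** 3 % P_MOD)


def affine_double(x, y):
    """Reference affine doubling on the toy curve (a = -3)."""
    lam = (3 * x * x - 3) * pow((2 * y) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - 2 * x) % P_MOD
    return (x3, (lam * (x - x3) - y) % P_MOD)


if __name__ == "__main__":
    # Constructed input: affine point (2, 10) written with Z = 3
    out, lv = run_doubling(2 * 9, 10 * 27, 3)
    print(to_affine(*out), affine_double(2, 10), multiplication_waves(lv))
```

M8 and M9 each land in a wave of their own because they wait on S2 and S7, which leaves issue slots in a pipelined multiplier idle when the doubling is scheduled alone.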
The point addition may include, for example, the following operations:
M0=Z4*Z4, M1=X2*Z4, M2=Y4*X2, M3=Y2*Z4, M4=M3*M0, M5=X2*M0, M6=M1*M0, M7=M2*M0, M8=S2*S2, M10=X4*Y4, M9=S0*S0; M11=X4*Z4, M12=S9*S3, M13=M8*S2, M14=M12*S2, M15=M9*S1, M16=M9*S4;
S0=M5-X4, S1=M5+X4, S2=M4-Y4, S3=S1+X4, S4=M7-M10, S5=M6-M11, S6=M16+M13, S7=M8-M15, S8=M14-S6.
As Fig. 1 shows, when a point doubling and a point addition both occur, the point doubling is performed before the point addition, and one input of the point addition (addition or subtraction) is the output of the point doubling. The inventors of this specification noticed that certain modular multiplications of the point doubling depend on modular additions/subtractions of the point doubling; for example, M8 and M9 depend on S2 and S7 and must therefore wait for the results of S2 and S7, which increases the delay. Although one input of the point addition depends on the output of the point doubling, certain modular multiplications of the point addition/subtraction can start immediately after some of the modular multiplications or modular additions/subtractions of the point doubling; for example, the modular multiplication M0 of the point addition/subtraction can be performed after the modular multiplication M4 of the point doubling. To reduce the number of bubbles in the modular multiplication pipeline, in a further example the modular multiplications of the point doubling and of the point addition can be scheduled jointly, further reducing delay and raising throughput. Fig. 3 is a structural diagram of the joint scheduling of the modular multiplications of the point doubling and the point addition/subtraction. As shown in Fig. 3, the point-doubling and point-addition computing module includes: a point-doubling module 302, which receives through input 301 the elliptic curve point to be doubled and its coordinates, decomposes the point doubling into modular multiplications and modular additions/subtractions, and sends these to the modular multiplication pipeline 308 and the modular addition/subtraction pipeline (not shown) respectively for execution; a point-addition module 304, which receives the elliptic curve point to be added, the base point and their coordinates, decomposes the point addition into modular multiplications and modular additions/subtractions, and sends these to the modular multiplication pipeline 308 and the modular addition/subtraction pipeline (not shown) respectively for execution; and the modular multiplication pipeline 308, which performs mixed scheduling of the modular multiplications from the point-doubling module 302 and from the point-addition module 304. The results of the point doubling and point addition are output through output 309. By jointly scheduling the point doubling and the point addition within the point multiplication in this way, the number of bubbles in the modular multiplication pipeline is further reduced, delay is reduced and throughput is raised.
Although Fig. 3 is described with the point-doubling module 302 and the point-addition module 304 sharing the modular multiplication pipeline 308 (modular multiplication unit) and the modular addition/subtraction pipeline (modular addition/subtraction unit), the embodiments of this specification are not limited to this. For example, in one embodiment the point-doubling module and the point-addition module may each include their own modular multiplication unit and modular addition/subtraction unit.
This specification uses the SM2 algorithm as an example, but is not limited to it; it applies equally to the point multiplication of other elliptic curves.
This specification uses an FPGA implementation as an example, but those skilled in the art will appreciate that it can be implemented on many kinds of platform, for example as an ASIC.
The embodiments in this specification are described progressively; identical or similar parts of the embodiments may be referred to across embodiments, and each embodiment focuses on its differences from the others. In particular, since the system embodiment is substantially similar to the method embodiment, it is described relatively briefly; for related details see the description of the method embodiment.
Specific embodiments of this specification have been described above. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims can be performed in an order different from that in the embodiments and still achieve the desired result. In addition, the processes depicted in the drawings do not necessarily require the particular order shown, or a sequential order, to achieve the desired result. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Those of ordinary skill in the art will further appreciate that the exemplary units and algorithm steps described in connection with the embodiments disclosed herein can be implemented with an electronic chip, computer software, or a combination of the two. To illustrate clearly the interchangeability of chip and software, the composition and steps of each example have been described above generally in terms of function. Whether these functions are executed in chip or in software depends on the specific application and design constraints of the technical solution. Those of ordinary skill in the art may implement the described functions in different ways for each specific application, but such implementations should not be considered beyond the scope of the present application.
The steps of the method or algorithm described in connection with the embodiments disclosed herein can be implemented with a chip, with a software module executed by a processor, or with a combination of the two. The software module may reside in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium known in the technical field.
The specific embodiments described above further explain the purpose, technical solutions and beneficial effects of the present invention in detail. It should be understood that the foregoing are only specific embodiments of the invention and are not intended to limit its scope of protection; any modification, equivalent substitution, improvement and the like made on the basis of the technical solution of the invention shall fall within its scope of protection.

Claims (6)

1. a kind of circuit, for realizing the multi point arithmetic of elliptic curve, the circuit includes:
Input module, the multiple k of more than the first times of point for obtaining basic point in elliptic curve;
State machine module is followed in previous cycle based on described for being determined the cycle-index of the operation based on the multiple k Ring number determine it is described circulation whether terminate, and based on the multiple k and 3k provide respectively previous cycle the first parameter and Second parameter;
Indicate generation module, for generating a times point mark in previous cycle, based on received current from the state machine module The first parameter and the second parameter of circulation generate addition mark or subtraction mark;And
Point Doubling Points computing module, wherein being stored with the coordinate of the basic point and the coordinate of more than second times of point, wherein described second The initial value of the coordinate of more times of points is the coordinate of the basic point, and described Doubling Points computing module is used in previous cycle:
Based on the point-doubling flag received from the flag generation module, perform a point-doubling operation on the coordinates of the second multiple point, and store the result as the coordinates of the second multiple point; then, based on the addition flag or subtraction flag received from the flag generation module, perform an addition or subtraction operation on the coordinates of the base point and the coordinates of the second multiple point, and store the result as the coordinates of the second multiple point; and
when the state machine module determines that the loop has terminated, output the coordinates of the second multiple point as the coordinates of the first multiple point.
2. The circuit of claim 1, characterized in that if the first parameter is 0 and the second parameter is 1, the flag generation module generates the addition flag; if the first parameter is 1 and the second parameter is 0, the flag generation module generates the subtraction flag.
3. The circuit of claim 1, characterized in that the coordinates of the second multiple point are Jacobian projective coordinates, the coordinates of the base point are affine coordinates, and the doubling-points computing module is further configured to execute the addition or subtraction operation based on the Jacobian projective coordinates of the second multiple point and the affine coordinates of the base point.
4. The circuit of claim 1, characterized in that the coordinates of the second multiple point are Jacobian projective coordinates; the doubling-points computing module is further configured to execute the point-doubling operation based on the Jacobian projective coordinates of the second multiple point.
5. The circuit of claim 1, characterized in that the doubling-points computing module includes a point-doubling module and a point-addition module, wherein the point-doubling module and the point-addition module each include their own modular multiplication unit and modular addition/subtraction unit.
6. The circuit of claim 1, characterized in that the doubling-points computing module includes a point-doubling module and a point-addition module, wherein the point-doubling module and the point-addition module share a modular multiplication unit, so that the modular multiplications in the point-doubling module and the point-addition module are jointly scheduled.
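The loop recited in claims 1 to 4 (double the running multiple point, then add or subtract the base point according to the control flags, with the running point in Jacobian coordinates and the base point affine) can be checked in software. The following Python is an added example, not code from the patent: it assumes the first and second parameters of claim 2 are bit i of the scalar k and bit i of 3k, which the claims shown here do not define, and it uses a constructed toy curve and hypothetical function names.

```python
# Constructed toy curve y^2 = x^3 + A*x + B over GF(P); not a standardized curve.
P, A, B = 2**127 - 1, 2, 3
G = (3, 6)              # base point: 6^2 == 3^3 + 2*3 + 3
INF = (1, 1, 0)         # Jacobian (X, Y, Z) with Z == 0 is the point at infinity

def jac_double(Q):
    X, Y, Z = Q
    if Z == 0 or Y == 0:
        return INF
    S = 4 * X * Y * Y % P
    M = (3 * X * X + A * pow(Z, 4, P)) % P
    X3 = (M * M - 2 * S) % P
    return (X3, (M * (S - X3) - 8 * pow(Y, 4, P)) % P, 2 * Y * Z % P)

def jac_add_affine(Q, pt):
    # Mixed addition: Jacobian Q + affine pt, no field inversion needed.
    (X1, Y1, Z1), (x2, y2) = Q, pt
    if Z1 == 0:
        return (x2, y2, 1)
    ZZ = Z1 * Z1 % P
    H, R = (x2 * ZZ - X1) % P, (y2 * ZZ * Z1 - Y1) % P
    if H == 0:                      # same x: Q == pt (double) or Q == -pt (infinity)
        return jac_double(Q) if R == 0 else INF
    H2 = H * H % P
    H3 = H2 * H % P
    X3 = (R * R - H3 - 2 * X1 * H2) % P
    return (X3, (R * (X1 * H2 - X3) - Y1 * H3) % P, Z1 * H % P)

def to_affine(Q):
    X, Y, Z = Q
    if Z == 0:
        return None                 # infinity has no affine form
    zi = pow(Z, -1, P)              # the only inversion, done once at the end
    return (X * zi * zi % P, Y * pow(zi, 3, P) % P)

def scalar_mul(k, base=G):
    # Assumption: first parameter = bit i of k, second parameter = bit i of h = 3k.
    if k <= 0:
        raise ValueError("k must be a positive integer")
    h, neg = 3 * k, (base[0], -base[1] % P)
    Q = (base[0], base[1], 1)       # running multiple point starts at the base point
    for i in range(h.bit_length() - 2, 0, -1):
        Q = jac_double(Q)           # doubling step of each loop iteration
        first, second = (k >> i) & 1, (h >> i) & 1
        if (first, second) == (0, 1):
            Q = jac_add_affine(Q, base)   # addition flag
        elif (first, second) == (1, 0):
            Q = jac_add_affine(Q, neg)    # subtraction flag: add the negated base point
    return to_affine(Q)
```

Subtraction reuses the mixed-addition path on the negated base point, so the loop needs a single field inversion in total. The Python branches on scalar bits and is not constant-time, so it suits checking the arithmetic rather than handling secret scalars.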
CN201811109399.1A 2018-09-21 2018-09-21 A kind of circuit for elliptic curve multi point arithmetic Pending CN109117677A (en)

Publications (1)

Publication Number Publication Date
CN109117677A (en) 2019-01-01

Family

ID=64856167



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40008660

Country of ref document: HK

TA01 Transfer of patent application right

Effective date of registration: 20201010

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Applicant before: Alibaba Group Holding Ltd.

Effective date of registration: 20201010

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant before: Advanced innovation technology Co.,Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20190101