CN109284082A - A point operation method and device common to ECC and SM2 - Google Patents

Publication number
CN109284082A
Authority
CN
China
Prior art keywords
point
under
coordinate system
algorithm
modified jacobian
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710601306.6A
Other languages
Chinese (zh)
Inventor
王振
王永
郭彬
贺岩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sanechips Technology Co Ltd
Shenzhen ZTE Microelectronics Technology Co Ltd
Original Assignee
Shenzhen ZTE Microelectronics Technology Co Ltd
Application filed by Shenzhen ZTE Microelectronics Technology Co Ltd
Priority to CN201710601306.6A
Publication of CN109284082A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/38 Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
    • G06F7/48 Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices
    • G06F7/483 Computations with numbers represented by a non-linear combination of denominational numbers, e.g. rational numbers, logarithmic number system or floating-point numbers
    • G06F7/57 Arithmetic logic units [ALU], i.e. arrangements or devices for performing two or more of the operations covered by groups G06F7/483 – G06F7/556 or for performing logical operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Mathematics (AREA)
  • Computing Systems (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Nonlinear Science (AREA)
  • Complex Calculations (AREA)

Abstract

Disclosed herein are a point operation method and device. The method comprises: determining the algorithm type used by the current point operation; when the ECC algorithm is used, directly calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; when the SM2 algorithm is used, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation. The application provides a point operation method common to the ECC and SM2 algorithms that not only greatly improves the computational performance of SM2 and ECC but also reduces circuit area and power consumption, making it better suited to SoC design requirements.

Description

A point operation method and device common to ECC and SM2
Technical field
The present invention relates to the field of system-on-chip (SoC) chips, and in particular to a point operation method and device common to ECC and SM2.
Background art
Elliptic curve cryptography (ECC) is a public-key cryptosystem proposed separately in 1985 by Neal Koblitz and Victor Miller; its security rests on the intractability of the elliptic curve discrete logarithm problem. To date it is the public-key cryptosystem that provides the highest encryption strength per key bit; for example, 160-bit ECC reaches the security level of 1024-bit RSA. ECC offers higher security, less computation and faster processing. At roughly the same security level, ECC keys offer better security performance than RSA and block cipher keys, and the bandwidth requirement is lower. ECC has therefore been a focus of public-key cryptography research and application ever since it was proposed, and has broad application prospects.
The SM2 elliptic curve public-key cryptographic algorithm is an ECC algorithm with a fixed curve, published by the State Cryptography Administration in 2010. It is suitable for digital signature and authentication, key exchange, and encryption and decryption in commercial cryptography applications, and is intended to improve the trustworthiness and interoperability of security products. The State Cryptography Administration requires that China's commercial cryptography systems use the SM2 elliptic curve cryptographic algorithm in place of the RSA algorithm.
Given the characteristics of elliptic curve cryptography, current ECC and SM2 designs are essentially implemented as a combination of software and hardware. Scalar multiplication (the multiple-point operation) has the highest complexity, taking about 80% of the run time of the whole ECC or SM2 process. Scalar multiplication is built from point operations (point addition and point doubling), and the point addition and point doubling algorithms are in turn built from the basic operations of modular multiplication, modular addition and modular subtraction.
In summary, a high-performance point operation compatible with both ECC and SM2 would greatly improve the computational performance of ECC and SM2.
Summary of the invention
To solve the above technical problem, embodiments of the present invention provide a point operation method and device common to ECC and SM2.
This application provides the following solutions:
A point operation method, comprising:
determining the algorithm type used by the current point operation;
when the ECC algorithm is used, directly calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation;
when the SM2 algorithm is used, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation.
Wherein, when the SM2 algorithm is used, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation comprises: determining whether the current point operation is a fixed-point scalar multiplication operation; when it is, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; when it is not, calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation.
Wherein, when a point is represented as $(X, Y, Z)$ under the Jacobian projective coordinate system, its representation under the Modified Jacobian projective coordinate system is $(X, Y, Z, aZ^4)$, and the conversion formula from the Modified Jacobian projective coordinate system to the affine coordinate system is
Wherein, if
The point addition algorithm under the Modified Jacobian projective coordinate system takes the form:
$X_3 = R^2 - TW^2$, $Y_3 = R(U_1W^2 - X_3) - S_1W^3$, $Z_3 = Z_1Z_2W$, where $W = U_1 - U_2$, $R = S_1 - S_2$, $T = U_1 + U_2$, $M = S_1 + S_2$, $V = TW^2 - 2X_3$; P and Q denote two different points on the elliptic curve.
Wherein, if $Q = (X_2, Y_2)$,
The point addition algorithm under the affine-Modified Jacobian mixed coordinate system takes the form: $X_3 = R^2 - TW^2$, $Y_3 = R(X_1W^2 - X_3) - Y_1W^3$, $Z_3 = Z_1W$, where $W = X_1 - U_2$, $R = Y_1 - S_2$, $T = U_1 + U_2$.
Wherein, P and Q denote two different points on the elliptic curve.
Wherein, if
The point doubling algorithm under the Modified Jacobian projective coordinate system takes the form: $X_3 = M^2 - 2S$, $Y_3 = M(S - X_3) - T$, $Z_3 = 2Y_1Z_2$, wherein
Wherein, Q denotes a point on the elliptic curve.
A point operation device, comprising at least a point operation unit;
The point operation unit includes: a point operation controller, a point addition circuit under the Modified Jacobian projective coordinate system, a point addition circuit under the affine-Modified Jacobian mixed coordinate system, and a point doubling circuit under the Modified Jacobian projective coordinate system;
Wherein, the point operation controller is used to confirm the algorithm type used by the current point operation; when the ECC algorithm is used, it directly calls the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; when the SM2 algorithm is used, it calls the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation.
Wherein, the point operation controller is specifically used, when the SM2 algorithm is used, to determine whether the current point operation is a fixed-point scalar multiplication operation; when it is, to call the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; when it is not, to call the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation.
This application achieves at least one of the following effects:
In one aspect, in a preferred embodiment of this application, the ECC algorithm and the SM2 algorithm can both be used. When it is confirmed that the ECC algorithm is needed, a point operation can be completed by directly calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system. When it is confirmed that the SM2 algorithm is needed, the point operation can be completed by calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system. This yields a point operation method common to the ECC and SM2 algorithms that not only greatly improves the computational performance of SM2 and ECC but also reduces circuit area and power consumption, making it better suited to SoC design requirements.
In another aspect, in another preferred embodiment of this application, the ECC and SM2 algorithms are supported by the same set of devices: the point addition circuits under the Modified Jacobian projective coordinate system and the affine-Modified Jacobian mixed coordinate system are multiplexed, which not only greatly improves the computational performance of SM2 and ECC but also effectively reduces circuit area and power consumption, making it better suited to SoC design requirements.
In yet another aspect, this application provides point addition and point doubling algorithms under the Modified Jacobian projective coordinate system in which the number of multiplications in point doubling does not depend on the value of the elliptic curve parameter a and is fixed at eight; for curves with a ≠ -3 mod p, the scalar multiplication performance for non-fixed points improves by about 10%.
In yet another aspect, this application provides a point addition algorithm under the affine-Modified Jacobian mixed coordinate system that improves the scalar multiplication performance for fixed points by about 10%.
In yet another aspect, by multiplexing the point addition circuits under the affine-Modified Jacobian mixed coordinate system and the Modified Jacobian projective coordinate system, this application further reduces circuit area and power consumption.
In yet another aspect, the ECC and SM2 algorithms use the same point operation device in this application, reducing circuit area and power consumption.
Other features and advantages of the present invention are set forth in the following description and in part become apparent from the description, or can be understood by practicing the invention. The objectives and other advantages of the invention can be realized and obtained through the structures particularly pointed out in the description, the claims and the drawings.
Brief description of the drawings
The drawings are provided for further understanding of the technical solution of the present invention and constitute a part of the specification. Together with the embodiments of this application they serve to explain the technical solution of the present invention and do not limit it.
Fig. 1 is a flow diagram of a point operation method according to an embodiment of this application;
Fig. 2 is a flowchart of an example implementation of the point operation method of Embodiment one;
Fig. 3 is a structural diagram of the point operation device in Embodiment two;
Fig. 4 is a structural diagram of an example point operation device in Embodiment two.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the present invention clearer, embodiments of the present invention are described in detail below with reference to the drawings. Note that, where they do not conflict, the embodiments in this application and the features in the embodiments may be combined with one another in any way.
The steps shown in the flowcharts of the drawings may be executed in a computer system, for example as a set of computer-executable instructions. Although a logical order is shown in the flowcharts, in some cases the steps shown or described may be executed in a different order.
This application provides a high-performance, low-power point operation solution common to ECC and SM2 that greatly improves the computational performance of ECC and SM2. It can be applied in fields with relatively high requirements on security, performance and power consumption, such as smart cards and mobile payment.
Because of the characteristics of elliptic curves, ECC and SM2 designs are essentially implemented as a combination of software and hardware. Across the whole algorithm flow, scalar multiplication has the highest computational complexity, taking about 80% of the run time of the whole ECC or SM2 flow. Scalar multiplication performance can therefore be said to determine the performance of ECC and SM2, and it is the key to elliptic curve operations. Scalar multiplication is built from point operations, so this application provides a point operation device common to ECC and SM2 to improve scalar multiplication performance and thereby the performance of ECC and SM2.
The technical solution of this application is described in detail below. Note that the following embodiments may be combined in any way.
Embodiment one
A point operation method, as shown in Fig. 1, may include:
Step 101: determine the algorithm type used by the current point operation; execute step 102 when it is confirmed that the ECC algorithm is needed, and step 103 when it is confirmed that the SM2 algorithm is needed;
Step 102: when the ECC algorithm is used, directly call the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation;
Step 103: when the SM2 algorithm is used, call the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation.
In this embodiment, a point operation method common to the ECC and SM2 algorithms is implemented with a single point operation device (by multiplexing the same group of arithmetic circuits), which not only greatly improves the computational performance of SM2 and ECC but also reduces circuit area and power consumption, making it better suited to SoC design requirements.
In this embodiment, the algorithm type used by the current point operation can be determined in several ways. For example, whether the algorithm type is ECC or SM2 can be determined automatically from the needs of the current application, and that algorithm type is the one the point operation uses. For example, when the point operation method of this embodiment is applied to a smart card, the method uses whichever algorithm the terminal hosting the smart card needs: if the terminal uses the SM2 algorithm, the point operation method uses SM2; if the terminal uses the ECC algorithm, the point operation method uses ECC.
This embodiment may also include, before the ECC or SM2 algorithm is used: optimizing the point addition and point doubling algorithms under the Jacobian projective coordinate system to obtain the point addition and point doubling algorithms under the Modified Jacobian projective coordinate system. In one implementation, this optimization may be as follows: when a point is represented as $(X, Y, Z)$ under the Jacobian projective coordinate system, its representation under the Modified Jacobian projective coordinate system is $(X, Y, Z, aZ^4)$, and the conversion formula from the Modified Jacobian projective coordinate system to the affine coordinate system is
In this way, point doubling under the Modified Jacobian projective coordinate system takes eight multiplications (4M+4S) regardless of the value of the elliptic curve parameter a, which better suits an algorithm such as ECC whose elliptic curve is not fixed; each point doubling saves two multiplications. In addition, point addition under the Modified Jacobian projective coordinate system takes three more multiplications than point addition under the Jacobian projective coordinate system.
For example, when a point is represented as $(X, Y, Z)$ under the Jacobian projective coordinate system, its representation under the Modified Jacobian projective coordinate system may be $(X, Y, Z, aZ^4)$, and the conversion formula from the Modified Jacobian projective coordinate system to the affine coordinate system may be
By optimizing and improving the point addition and point doubling algorithms under the Jacobian projective coordinate system, the point addition and point doubling algorithms under the Modified Jacobian projective coordinate system and the point addition algorithm under the affine-Modified Jacobian mixed coordinate system are obtained.
Let P and Q be two points on the elliptic curve, expressed under the Modified Jacobian projective coordinate system as:
The sum of the two points is expressed as:
The point addition algorithm under the Modified Jacobian projective coordinate system takes the form: $X_3 = R^2 - TW^2$, $Y_3 = R(U_1W^2 - X_3) - S_1W^3$, $Z_3 = Z_1Z_2W$, where $W = U_1 - U_2$, $R = S_1 - S_2$, $T = U_1 + U_2$, $M = S_1 + S_2$, $V = TW^2 - 2X_3$.
Let P and Q be two points on the elliptic curve, expressed under the Modified Jacobian projective coordinate system and the affine coordinate system respectively as: $Q = (X_2, Y_2)$.
The sum of the two points is expressed as:
The point addition algorithm under the affine-Modified Jacobian mixed coordinate system takes the form: $X_3 = R^2 - TW^2$, $Y_3 = R(X_1W^2 - X_3) - Y_1W^3$, $Z_3 = Z_1W$, where $W = X_1 - U_2$, $R = Y_1 - S_2$, $T = U_1 + U_2$.
Let Q be a point on the elliptic curve, expressed under the Modified Jacobian projective coordinate system as:
The result of adding two identical points (point doubling) is expressed as:
The point doubling algorithm under the Modified Jacobian projective coordinate system takes the form: $X_3 = M^2 - 2S$, $Y_3 = M(S - X_3) - T$, $Z_3 = 2Y_1Z_2$, wherein
The point addition algorithms under the Modified Jacobian projective coordinate system and the affine-Modified Jacobian mixed coordinate system described above have similar characteristics, so they can be implemented with the same set of devices, saving circuit area.
Table 1 below lists the performance metrics of the point addition and point doubling algorithms under different coordinate systems, where I denotes one inversion, M one multiplication and S one squaring. As Table 1 shows, in scalar multiplication the point addition and point doubling algorithms under the Jacobian projective coordinate system outperform those under the affine coordinate system and standard projective coordinates. The number of multiplications in elliptic curve point doubling depends on the value of the parameter a of the curve $y^2 \equiv x^3 + ax + b \pmod p$: if a = -3 mod p, point doubling takes only eight multiplications (4M+4S); otherwise it takes ten multiplications (4M+6S). As Table 1 shows, the point doubling algorithm under the Modified Jacobian projective coordinate system used in this embodiment is fixed at eight multiplications, and the point addition and point doubling algorithms under the Modified Jacobian projective coordinate system and the affine-Modified Jacobian mixed coordinate system outperform those under the Jacobian projective coordinate system.
Table 1
In this embodiment, the above method is implemented with the point addition circuit under the affine-Modified Jacobian projective coordinate system and the point addition circuit under the Modified Jacobian projective coordinate system. Different point addition circuits are called under different conditions, which reduces the number of multiplications in scalar multiplication and so improves its performance. The arithmetic circuits are also optimized: the point addition circuit under the affine-Modified Jacobian projective coordinate system and the point addition circuit under the Modified Jacobian projective coordinate system are multiplexed across the two algorithms, reducing circuit area and power consumption. In addition, the point addition algorithm of the point addition circuit under the affine-Modified Jacobian projective coordinate system improves the scalar multiplication performance for fixed points by about 10%.
This embodiment builds on the fact that the SM2 curve is fixed while the ECC curve is not. Fixed-point and non-fixed-point scalar multiplications use point addition and point doubling algorithms under different coordinate systems. The SM2 algorithm includes both fixed-point and non-fixed-point scalar multiplication; the ECC curve is not fixed, so all ECC scalar multiplications are non-fixed-point. Specifically, because the SM2 curve is fixed, SM2 signing, signature verification, encryption and decryption are based on scalar multiplication of the base point G(x, y), written kG, and on scalar multiplication of non-base points. The base point is fixed in the SM2 algorithm, so scalar multiplication of the base point is called fixed-point scalar multiplication; in scalar multiplication of a non-base point the point is not fixed, so it is called non-fixed-point scalar multiplication.
This embodiment implements the above method with the point doubling circuit under the Modified Jacobian projective coordinate system. The number of multiplications in this point doubling algorithm does not depend on the value of the elliptic curve parameter a and is always eight, which suits an algorithm such as ECC whose elliptic curve is not fixed. Each point doubling saves two multiplications, and for curves with a ≠ -3 mod p the scalar multiplication performance for non-fixed points improves by about 10%.
In one implementation, when the SM2 algorithm is used, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation may include: determining whether the current point operation is a fixed-point scalar multiplication operation; when it is, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; when it is not, calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation.
Table 2 below shows an example implementation of this embodiment that is common to the SM2 and ECC algorithms.
Table 2
As Table 2 shows, in the above implementation of this embodiment, fixed-point scalar multiplication in the SM2 algorithm uses the point addition algorithm under the affine-Modified Jacobian mixed coordinate system and the point doubling algorithm under the Modified Jacobian coordinate system. Non-fixed-point scalar multiplication in the SM2 algorithm uses the point addition algorithm and the point doubling algorithm under the Modified Jacobian coordinate system. Common SM2 and ECC scalar multiplication algorithms (such as the radix-2 algorithm and the sliding window algorithm) all implement scalar multiplication by repeatedly calling point addition and point doubling. This embodiment is described in detail using the sliding window algorithm as an example. Because the SM2 base point is fixed, when the sliding window algorithm is implemented in software and calls the point operation device to compute a scalar multiplication, the precomputation does not have to be repeated each time; the precomputed values can be stored in memory in advance, reducing precomputation time. Moreover, point addition under the mixed coordinate system also outperforms point addition under the Modified Jacobian coordinate system. Compared with a scheme in which point addition and point doubling both use the Jacobian coordinate system, this embodiment's scheme for fixed-point scalar multiplication improves performance by about 10% (window of 5).
As Table 2 shows, in the above implementation of this embodiment, non-fixed-point scalar multiplication in the ECC algorithm uses the point addition and point doubling algorithms under the Modified Jacobian coordinate system. With the sliding window algorithm and a window w of 5, the number of point additions is $2^{w-1} - 1 + n/(w+1)$ and the number of point doublings is 255 (n is the binary length of the multiplier in the scalar multiplication, n = 256). For curves with a ≠ -3 mod p, this embodiment's scheme for non-fixed-point scalar multiplication improves performance by about 10% (window of 5) over a scheme that uses the Jacobian coordinate system.
In the above implementation of this embodiment, scalar multiplication can be implemented with the sliding window algorithm, in which every loop iteration computes one point doubling; with a window of 5, the number of point additions is about 1/5 of the number of point doublings. The above implementation therefore clearly reduces the number of multiplications in point doubling, which reduces the number of multiplications in scalar multiplication and in turn effectively improves scalar multiplication performance.
Fig. 2 shows another example implementation of the point operation method of this embodiment. In this implementation, the point operation process may include the following steps:
Step 201: determine which type of algorithm (ECC or SM2) is currently needed; if the SM2 algorithm is needed, continue to step 202; otherwise, when the ECC algorithm is needed, continue to step 210;
Step 202: execute the SM2 algorithm;
Step 203: determine whether the current point operation is a fixed-point scalar multiplication operation; if so, continue to step 204; otherwise continue to step 207;
Step 204: determine whether point addition is selected; if so, continue to step 205; otherwise continue to step 206;
Step 205: call the point addition circuit under the affine-Modified Jacobian mixed coordinate system to complete the point operation; the current process ends.
Step 206: call the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; the current process ends.
Step 207: determine whether point addition is selected; if so, continue to step 208; otherwise continue to step 209;
Step 208: call the point addition circuit under the Modified Jacobian projective coordinate system to complete the point operation; the current process ends.
Step 209: call the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; the current process ends.
Step 210: execute the ECC algorithm;
Step 211: determine whether point addition is selected; if so, continue to step 212; otherwise continue to step 213;
Step 212: call the point addition circuit under the Modified Jacobian projective coordinate system to complete the point operation; the current process ends.
Step 213: call the point doubling circuit under the Modified Jacobian projective coordinate system to complete the point operation; the current process ends.
In the above implementation, the algorithm type (ECC or SM2) can be determined from the needs of the application; point addition or point doubling is then selected according to the scalar multiplication algorithm, and the coordinate system whose point addition algorithm is used is selected according to the algorithm type.
Embodiment two
A point processing device, as shown in Fig. 3, includes at least a point processing unit 31;
The point processing unit 31 may include: a point processing controller 311, a point addition circuit 311 under the Modified Jacobian projective coordinate system, a point addition circuit 312 under the affine-Modified Jacobian mixed coordinate system, and a point doubling circuit 313 under the Modified Jacobian projective coordinate system;
The point processing controller 311 can be used to confirm the algorithm type used by this point processing. When the ECC algorithm is used, it directly calls the point addition circuit 311 or the point doubling circuit 313 under the Modified Jacobian projective coordinate system to complete this point processing. When the SM2 algorithm is used, it calls the point addition circuit 312 under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit 313 under the Modified Jacobian projective coordinate system to complete this point processing.
This embodiment implements the ECC algorithm and the SM2 algorithm with the same point processing device. By multiplexing the point addition circuits under the Modified Jacobian projective coordinate system and the affine-Modified Jacobian mixed coordinate system, it not only greatly improves the computational performance of SM2 and ECC but also effectively reduces circuit area and power consumption, so it better meets the design requirements of an SoC. In addition, the affine-Modified Jacobian mixed-coordinate point addition of this embodiment can reuse the point addition circuit under the Modified Jacobian projective coordinate system, which reduces circuit area and power consumption.
In one implementation, the point processing controller 311 is specifically used, when the SM2 algorithm is used, to determine whether this point processing is a fixed-point scalar multiplication. When this point processing is a fixed-point scalar multiplication, it calls the point addition circuit 312 under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit 313 under the Modified Jacobian projective coordinate system to complete this point processing. When this point processing is not a fixed-point scalar multiplication, it calls the point addition circuit 311 or the point doubling circuit 313 under the Modified Jacobian projective coordinate system to complete this point processing.
In this embodiment, the point processing device includes point addition circuits under the affine-Modified Jacobian projective coordinate system and under the Modified Jacobian projective coordinate system. The point processing device can therefore call different point addition circuits under different conditions, which reduces the number of multiplications in scalar multiplication and improves scalar multiplication performance. At the same time the circuit is optimized: the point addition circuits under the affine-Modified Jacobian projective coordinate system and the Modified Jacobian projective coordinate system are multiplexed, which reduces circuit area and power consumption.
In this embodiment, the point processing device includes a point doubling circuit under the Modified Jacobian projective coordinate system. The number of multiplications in the point doubling algorithm of this circuit does not depend on the value of the elliptic curve parameter a and is fixed at eight multiplications. For curves with a ≠ -3 mod P, the performance of non-fixed-point scalar multiplication improves by about 10%.
For the specific operation details of this embodiment, refer to Embodiment One; they are not repeated here.
Fig. 4 shows an exemplary implementation structure of the point processing equipment of this embodiment. As shown in Fig. 4, the point processing equipment may mainly include: an AHB interface, an arithmetic controller, a point processing device, a modular operation device, and a RAM data selector (MUX). The point processing device may include a point processing controller, a point addition circuit and a point doubling circuit. The modular operation device may include a modular addition circuit, a modular subtraction circuit and a modular multiplication (Montgomery) circuit. Mod_int denotes the modular operation interrupt signal, and Point_int denotes the point processing interrupt signal.
The AHB interface module is mainly used to convert the AHB protocol into the memory read/write protocol. The arithmetic controller is used to control the selection among system or hardware access to the RAM, point processing, and modular operation. The main function of the point processing device is to implement the point addition and point doubling circuits under the affine-Modified Jacobian and Modified Jacobian projective coordinate systems: the point addition circuit implements point addition under the affine-Modified Jacobian and Modified Jacobian projective coordinate systems, and the point doubling circuit implements point doubling under the Modified Jacobian projective coordinate system. The main function of the modular operation device is to implement the large-number modular addition, modular subtraction and modular multiplication circuits. The basic operations in point addition and point doubling consist of modular addition, modular subtraction and modular multiplication, so the modular operation device implements the basic operations of point addition and point doubling. The RAM MUX can be used to select whether RAM reads and writes are routed to the CPU or to the modular operation device.
Those of ordinary skill in the art will appreciate that all or part of the steps of the above method may be completed by a program instructing related hardware (such as a processor), and that the program may be stored in a computer-readable storage medium such as a read-only memory, a magnetic disk or an optical disc. Optionally, all or part of the steps of the above embodiments may also be implemented with one or more integrated circuits. Correspondingly, each module/unit in the above embodiments may be implemented in hardware, for example by an integrated circuit that realizes its function, or as a software function module, for example by a processor executing programs/instructions stored in a memory. The application is not limited to any particular combination of hardware and software.
The basic principles, main features and advantages of the application have been shown and described above. The application is not limited by the above embodiments; the embodiments and the description only illustrate the principles of the application. Without departing from the spirit and scope of the application, various changes and improvements may be made to it, and these changes and improvements all fall within the claimed scope of the application.

Claims (8)

1. A point processing method, comprising:
determining the algorithm type used by this point processing;
when the ECC algorithm is used, directly calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing;
when the SM2 algorithm is used, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing.
2. The point processing method according to claim 1, characterized in that, when the SM2 algorithm is used, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing comprises:
determining whether this point processing is a fixed-point scalar multiplication;
when this point processing is a fixed-point scalar multiplication, calling the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing;
when this point processing is not a fixed-point scalar multiplication, calling the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing.
3. The point processing method according to claim 1, characterized in that:
when a point under the Jacobian projective coordinate system is represented as $(X, Y, Z)$, a point under the Modified Jacobian projective coordinate system is represented as $(X, Y, Z, aZ^4)$, and the transformation formula from the Modified Jacobian projective coordinate system to the affine coordinate system is
4. The point processing method according to any one of claims 1 to 3, characterized in that:
If
the point addition algorithm under the Modified Jacobian projective coordinate system is expressed as:
$X_3 = R^2 - TW^2$, $Y_3 = R(U_1W^2 - X_3) - S_1W^3$, $Z_3 = Z_1Z_2W$,
wherein, $W = U_1 - U_2$, $R = S_1 - S_2$, $T = U_1 + U_2$, $M = S_1 + S_2$, $V = TW^2 - 2X_3$;
wherein P and Q denote two different points on the elliptic curve.
5. The point processing method according to any one of claims 1 to 3, characterized in that:
If $Q = (X_2, Y_2)$, when,
the point addition algorithm under the affine-Modified Jacobian mixed coordinate system is expressed as: $X_3 = R^2 - TW^2$, $Y_3 = R(X_1W^2 - X_3) - Y_1W^3$, $Z_3 = Z_1W$; wherein, $W = X_1 - U_2$, $R = Y_1 - S_2$, $T = U_1 + U_2$;
wherein P and Q denote two different points on the elliptic curve.
6. The point processing method according to any one of claims 1 to 3, characterized in that:
If
the point doubling algorithm under the Modified Jacobian projective coordinate system is expressed as: $X_3 = M^2 - 2S$, $Y_3 = M(S - X_3) - T$, $Z_3 = 2Y_1Z_2$, wherein,
wherein Q denotes a point on the elliptic curve.
7. A point processing device, characterized by including at least a point processing unit;
the point processing unit includes: a point processing controller, a point addition circuit under the Modified Jacobian projective coordinate system, a point addition circuit under the affine-Modified Jacobian mixed coordinate system, and a point doubling circuit under the Modified Jacobian projective coordinate system;
wherein the point processing controller is used to confirm the algorithm type used by this point processing; when the ECC algorithm is used, to directly call the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing; and when the SM2 algorithm is used, to call the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing.
8. The point processing device according to claim 7, characterized in that:
the point processing controller is specifically used, when the SM2 algorithm is used, to determine whether this point processing is a fixed-point scalar multiplication; when this point processing is a fixed-point scalar multiplication, to call the point addition circuit under the affine-Modified Jacobian mixed coordinate system or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing; and when this point processing is not a fixed-point scalar multiplication, to call the point addition circuit or the point doubling circuit under the Modified Jacobian projective coordinate system to complete this point processing.
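The circuit selection of claims 1 and 2 (steps 201-213 of Fig. 2) together with the point formulas of claims 4 to 6, as an added Python example that is not part of the patent text. The toy curve, the function names, and the definitions of U, S, M and T (absent from this page and taken to be the standard Modified Jacobian ones, with the doubled point written as (X1, Y1, Z1, aZ1^4)) are assumptions; plain double-and-add stands in for the sliding window.

```python
# Constructed toy curve y^2 = x^3 + 2x + 2 over GF(17); G has prime order 19.
P, A, G = 17, 2, (5, 1)
MULS = [0]  # field multiplications counted so far (small constants 2, 3, 4, 8 are shifts/adds)

def mul(x, y):
    MULS[0] += 1
    return x * y % P

def to_mj(pt):  # affine (x, y) -> Modified Jacobian (X, Y, Z, aZ^4) with Z = 1
    return (pt[0], pt[1], 1, A % P)

def to_affine(pt):  # x = X / Z^2, y = Y / Z^3
    zi = pow(pt[2], -1, P)
    return (pt[0] * zi * zi % P, pt[1] * pow(zi, 3, P) % P)

def mj_double(pt):
    # Assumed standard definitions: S = 4*X1*Y1^2, T = 8*Y1^4, M = 3*X1^2 + a*Z1^4.
    X1, Y1, Z1, aZ4 = pt
    yy = mul(Y1, Y1)
    S, T = 4 * mul(X1, yy) % P, 8 * mul(yy, yy) % P
    M = (3 * mul(X1, X1) + aZ4) % P          # a enters only through the stored a*Z1^4
    X3 = (mul(M, M) - 2 * S) % P
    return (X3, (mul(M, S - X3) - T) % P, 2 * mul(Y1, Z1) % P, 2 * mul(T, aZ4) % P)

def finish_add(U1, U2, S1, S2, zz):          # tail shared by both addition forms
    W, R, T = (U1 - U2) % P, (S1 - S2) % P, (U1 + U2) % P
    ww = mul(W, W)
    X3 = (mul(R, R) - mul(T, ww)) % P
    Y3 = (mul(R, mul(U1, ww) - X3) - mul(S1, mul(W, ww))) % P
    Z3 = mul(zz, W)
    z3z3 = mul(Z3, Z3)
    return (X3, Y3, Z3, mul(A, mul(z3z3, z3z3)))

def mj_add(p, q):  # both operands Modified Jacobian; assumed U = X*Z'^2, S = Y*Z'^3
    z1z1, z2z2 = mul(p[2], p[2]), mul(q[2], q[2])
    return finish_add(mul(p[0], z2z2), mul(q[0], z1z1), mul(p[1], mul(q[2], z2z2)),
                      mul(q[1], mul(p[2], z1z1)), mul(p[2], q[2]))

def mixed_add(p, q):  # p Modified Jacobian, q affine (Z2 = 1), so U1 = X1 and S1 = Y1
    z1z1 = mul(p[2], p[2])
    return finish_add(p[0], mul(q[0], z1z1), p[1], mul(q[1], mul(p[2], z1z1)), p[2])

def point_op(alg, fixed_point, op, acc, base):  # circuit selection of steps 201-213
    if op == "double":
        return mj_double(acc)                    # steps 206, 209, 213
    if alg == "SM2" and fixed_point:
        return mixed_add(acc, base)              # step 205
    return mj_add(acc, to_mj(base))              # steps 208, 212

def scalar_mul(k, base, alg, fixed_point):       # plain double-and-add, 1 <= k < order
    acc = to_mj(base)
    for bit in bin(k)[3:]:                       # bits after the leading 1
        acc = point_op(alg, fixed_point, "double", acc, base)
        if bit == "1":
            acc = point_op(alg, fixed_point, "add", acc, base)
    return to_affine(acc)

def count_muls(fn, *args):                       # multiplications used by one call
    MULS[0] = 0
    fn(*args)
    return MULS[0]

if __name__ == "__main__":
    print(scalar_mul(9, G, "SM2", True), count_muls(mj_double, to_mj(G)))
```

The point at infinity and the P = ±Q cases of point addition are left out, so P, A and G cannot simply be swapped for real curve parameters without adding them.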
CN201710601306.6A 2017-07-21 2017-07-21 A kind of point processing method and device that ECC and SM2 is general Pending CN109284082A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710601306.6A CN109284082A (en) 2017-07-21 2017-07-21 A kind of point processing method and device that ECC and SM2 is general


Publications (1)

Publication Number Publication Date
CN109284082A true CN109284082A (en) 2019-01-29

Family

ID=65185340



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190129