CN110704109A - Elliptic curve password coprocessor - Google Patents

Publication number: CN110704109A
Authority: CN (China)
Legal status: Granted
Application number: CN201910940603.2A
Other languages: Chinese (zh)
Other versions: CN110704109B (en)
Inventors: 刘冬生, 卢楷文, 鄢奉赜, 刘星杰, 刘波, 张聪, 罗香华
Current Assignee: Huazhong University of Science and Technology; Hikstor Technology Co Ltd
Original Assignee: Huazhong University of Science and Technology; Hikstor Technology Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/38 Concurrent instruction execution, e.g. pipeline, look ahead
    • G06F9/3877 Concurrent instruction execution, e.g. pipeline, look ahead using a slave processor, e.g. coprocessor
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Abstract

The invention discloses an elliptic curve cryptography coprocessor comprising a data input module AHB Interface, an operation control module PMC, a data storage module Reg_Array and a finite field operation module FFAU. The data input module AHB Interface serves as the interface for communicating with the main processor and is used for inputting the system parameters required by the elliptic curve point multiplication operation. The operation control module PMC controls and selects the elliptic curve point multiplication formula according to the logic level of the highest bit of the random number. The data storage module Reg_Array stores the elliptic curve point multiplication parameters, the temporary variables of the point multiplication operation and its results. The finite field operation module FFAU performs finite field modular operations according to the operation instruction of the operation control module PMC and the operands of the data storage module Reg_Array, and returns the result to Reg_Array. The design simplifies the control logic and reduces the register data update frequency during elliptic curve point multiplication, realizes low-power elliptic curve cryptographic coprocessing, and reduces computing resources and improves computing efficiency relative to the prior art.

Description

Elliptic curve password coprocessor
Technical Field
The invention belongs to the technical field of information security, and particularly relates to an elliptic curve cryptography coprocessor.
Background
Modern public key cryptography builds on three mathematical problems: integer factorization (IFP), the discrete logarithm problem (DLP), and the elliptic curve discrete logarithm problem (ECDLP). The RSA algorithm, which is based on the integer factorization problem, is not suitable for integration in low-power security devices, because its long keys make the energy cost of the hardware computing circuit too large. Compared with RSA, elliptic curve cryptography (ECC) achieves the same security level with a shorter key and requires fewer circuit resources in hardware, so ECC is suitable for integration in low-power security devices.
The core calculation of ECC multiplies a random number k by a base point G on an elliptic curve to obtain another point Q = k × G on the curve; this calculation is called elliptic curve scalar point multiplication. During scalar point multiplication, the coordinates of the temporary points produced by the calculation must be accessed repeatedly. The register data updates caused by these coordinate accesses are a major source of power consumption in an elliptic curve cryptoprocessor. For security devices with a limited energy supply, existing architectures achieve hardware acceleration through parallel computation at each operation level. Although this clearly improves operating efficiency, the power consumption of the elliptic curve cryptoprocessor in operation still needs to be reduced. How to design a cryptographic hardware architecture with low resource overhead, for example through time-division multiplexing and pipelining, and how to design and optimize the elliptic curve scalar multiplication algorithm, determine the performance, power consumption and operating efficiency of the whole coprocessor.
Disclosure of Invention
In view of the shortcomings of the prior art, the invention provides an elliptic curve cryptography coprocessor that aims to reduce the power consumed during elliptic curve point multiplication, so as to meet the power requirements of security devices.
To achieve this purpose, the invention provides an elliptic curve cryptography coprocessor comprising a data input module AHB Interface, an operation control module PMC, a data storage module Reg_Array and a finite field operation module FFAU. The data input module AHB Interface serves as the interface for communicating with the main processor and is used for inputting the system parameters required by the elliptic curve point multiplication operation. The operation control module PMC controls and selects the elliptic curve point multiplication formula according to the logic level of the highest bit of the random number k. The data storage module Reg_Array stores the elliptic curve point multiplication parameters, the temporary variables of the point multiplication operation and its results. The finite field operation module FFAU performs finite field modular operations according to the operation instruction of the operation control module PMC and the operands of the data storage module Reg_Array, and returns the result to Reg_Array.
Further, the main processor is a 32-bit embedded microprocessor, which issues coprocessor protocol instructions to the coprocessor and exchanges data with it.
Further, the data input module AHB Interface has 7 input signals: HREADY_IN, HSEL, HTRANS[1] and HWRITE, each with a bit width of 1 bit; HADDR[5:2] and R_addr[3:0], each with a bit width of 4 bits; and a write data bus HWDATA with a bit width of 32 bits. The output signal is a read data bus HRDATA with a bit width of 32 bits;
HREADY_IN, HSEL, HTRANS[1] and HWRITE form the write enable signal Write_access and the read control signal Read_access.
Further, the circuit of the data input module AHB Interface includes:
a first NOT gate A, a second NOT gate B, a third NOT gate C, a first AND gate 1, a second AND gate 2, a third AND gate 3, a fourth AND gate 4, a fifth AND gate 5, a sixth AND gate 6, a seventh AND gate 7, an eighth AND gate 8, a ninth AND gate 9, a tenth AND gate 10, a first two-way selector M1, a second two-way selector M2, a D flip-flop D1 and an OR gate 11;
HREADY_IN, HSEL, HTRANS[1] and HWRITE are respectively connected to the input ends of the first AND gate 1 and the second AND gate 2, the output ends of the first AND gate 1 and the second AND gate 2 are connected to the input end of the third AND gate 3, and the output end of the third AND gate 3 is denoted as the write enable signal Write_access;
HWRITE is connected to the input end of the first NOT gate A; the output end of the first NOT gate A and HREADY_IN, HSEL and HTRANS[1] are respectively connected to the input ends of the fourth AND gate 4 and the fifth AND gate 5, the output ends of the fourth AND gate 4 and the fifth AND gate 5 are connected to the input end of the sixth AND gate 6, and the output end of the sixth AND gate 6 is denoted as the read enable signal Read_access;
HADDR[5:2] and R_addr[3:0] are connected to the input end of the seventh AND gate 7, and HADDR[5:2] and R_addr[3:0] are connected to the input end of the eighth AND gate 8 through the second NOT gate B and the third NOT gate C; the output ends of the seventh AND gate 7 and the eighth AND gate 8 are connected to the input end of the OR gate 11, and the output end of the OR gate 11 is denoted as the special function register selection signal SFR_sel;
the special function register selection signal SFR_sel is connected, together with the write enable signal Write_access and the read enable signal Read_access respectively, to the input ends of the ninth AND gate 9 and the tenth AND gate 10; the output end of the ninth AND gate 9 is denoted as the register write enable signal REG_Wr_en, and the output end of the tenth AND gate 10 is denoted as the register read enable signal REG_Rd_en;
REG_Wr_en is connected to the data input end of the D flip-flop D1, and the data output end of the D flip-flop D1 serves as the selection signal of the second two-way selector M2; the two input signals of the second two-way selector M2 are the 32-bit write data bus HWDATA and 0, and HWDATA is sent into the memory array MEM when REG_Wr_en is 1. REG_Rd_en serves as the selection signal of the first two-way selector M1; the two input signals of the first two-way selector M1 are the 32-bit data from the memory array MEM and 0, and the 32-bit data from the memory array MEM is loaded onto the 32-bit read data bus HRDATA when REG_Rd_en is 1.
Further, the operation control module PMC includes a data precomputation unit Data Precomputation, a coordinate exchange unit Coordinates Switch, a point addition and point doubling calculation unit Madd/Mdouble under projective coordinates, and a coordinate conversion unit Mxy. The operation control module PMC issues the specific calculation instructions required by the finite field operation module according to the calculation formulas of the unit Madd/Mdouble, and also contains a counter that counts the number of shifts of the random number k.
Further, the data storage module Reg_Array comprises three types of registers: Reg_k, Reg_c, Reg_x and Reg_y, which store the elliptic curve point multiplication parameters; REG_A, REG_B, REG_C, REG_D and REG_T, which store the initial values and results of the elliptic curve point multiplication; and REG_T1 and REG_T2, which store temporary variables of the elliptic curve calculation. The point multiplication parameters are loaded by the data input module AHB Interface over the 32-bit write data bus HWDATA, the source operands of the finite field operation module FFAU are provided by REG_A and REG_B, and the final calculation result is returned over the read data bus HRDATA.
Further, the finite field operation module FFAU includes three basic calculation units: modular addition (add), modular multiplication (mul) and modular squaring (sqr). The inputs of the finite field operation module FFAU are two source operands input_A and input_B, a calculation enable signal comp_en and an operation code operator_code. The operation code determines which basic calculation unit the register Reg_o receives data from.
Through the technical scheme, compared with the prior art, the invention has the following beneficial effects:
1. The invention provides an elliptic curve cryptography coprocessor divided into four sub-modules: a data input module AHB Interface, an operation control module PMC, a data storage module Reg_Array and a finite field operation module FFAU. The PMC optimizes the conversion from projective coordinates to affine coordinates to simplify the control logic, thereby reducing the register data update frequency during elliptic curve point multiplication and realizing low-power elliptic curve cryptographic coprocessing. The FFAU optimizes the calculation logic of point addition and point doubling in the point multiplication module and adopts a multiplexed design of a serial-shift modular multiplication unit and a modular addition and subtraction unit, thereby reducing computing resources and improving computing efficiency relative to the prior art;
2. The invention reduces the number of transitions between logic '0' and logic '1' in the registers by processing the common part and the distinct parts of the point addition and point doubling calculations separately during elliptic curve point multiplication, thereby reducing the power consumption of the elliptic curve cryptography coprocessor in operation.
Drawings
Fig. 1 is a schematic structural diagram of an elliptic curve cryptography coprocessor according to an embodiment of the present invention;
Fig. 2 is a circuit diagram of an AHB Interface according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of an operation control module PMC according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a data storage module Reg_Array according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of an operation control module PMC according to an embodiment of the present invention;
Fig. 6 is a flowchart of the elliptic curve point multiplication calculation according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. In addition, the technical features involved in the embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
The invention provides an elliptic curve cryptography coprocessor which, as shown in Fig. 1, comprises a data input module AHB Interface, an operation control module PMC, a data storage module Reg_Array and a finite field operation module FFAU. The data input module AHB Interface serves as the interface for communicating with the main processor and is used for inputting the system parameters required by the elliptic curve point multiplication operation. The operation control module PMC controls and selects the elliptic curve point multiplication formula according to the logic level of the highest bit of the random number k. The data storage module Reg_Array stores the elliptic curve point multiplication parameters, the temporary variables of the point multiplication operation and its results. The finite field operation module FFAU performs finite field modular operations according to the operation instruction of the operation control module PMC and the operands of the data storage module Reg_Array, and returns the result to Reg_Array.
Specifically, the main processor is a 32-bit embedded microprocessor, which issues coprocessor protocol instructions to the coprocessor and exchanges data with it.
As shown in Fig. 2, the data input module AHB Interface has 7 input signals: HREADY_IN, HSEL, HTRANS[1] and HWRITE, each with a bit width of 1 bit; HADDR[5:2] and R_addr[3:0], each with a bit width of 4 bits; and a write data bus HWDATA with a bit width of 32 bits. The output signal is a read data bus HRDATA with a bit width of 32 bits;
HREADY_IN, HSEL, HTRANS[1] and HWRITE form the write enable signal Write_access and the read control signal Read_access.
Specifically, the circuit of the data input module AHB Interface includes:
a first NOT gate A, a second NOT gate B, a third NOT gate C, a first AND gate 1, a second AND gate 2, a third AND gate 3, a fourth AND gate 4, a fifth AND gate 5, a sixth AND gate 6, a seventh AND gate 7, an eighth AND gate 8, a ninth AND gate 9, a tenth AND gate 10, a first two-way selector M1, a second two-way selector M2, a D flip-flop D1 and an OR gate 11;
HREADY_IN, HSEL, HTRANS[1] and HWRITE are respectively connected to the input ends of the first AND gate 1 and the second AND gate 2, the output ends of the first AND gate 1 and the second AND gate 2 are connected to the input end of the third AND gate 3, and the output end of the third AND gate 3 is denoted as the write enable signal Write_access;
HWRITE is connected to the input end of the first NOT gate A; the output end of the first NOT gate A and HREADY_IN, HSEL and HTRANS[1] are respectively connected to the input ends of the fourth AND gate 4 and the fifth AND gate 5, the output ends of the fourth AND gate 4 and the fifth AND gate 5 are connected to the input end of the sixth AND gate 6, and the output end of the sixth AND gate 6 is denoted as the read enable signal Read_access;
HADDR[5:2] and R_addr[3:0] are connected to the input end of the seventh AND gate 7, and HADDR[5:2] and R_addr[3:0] are connected to the input end of the eighth AND gate 8 through the second NOT gate B and the third NOT gate C; the output ends of the seventh AND gate 7 and the eighth AND gate 8 are connected to the input end of the OR gate 11, and the output end of the OR gate 11 is denoted as the special function register selection signal SFR_sel;
the special function register selection signal SFR_sel is connected, together with the write enable signal Write_access and the read enable signal Read_access respectively, to the input ends of the ninth AND gate 9 and the tenth AND gate 10; the output end of the ninth AND gate 9 is denoted as the register write enable signal REG_Wr_en, and the output end of the tenth AND gate 10 is denoted as the register read enable signal REG_Rd_en;
REG_Wr_en is connected to the data input end of the D flip-flop D1, and the data output end of the D flip-flop D1 serves as the selection signal of the second two-way selector M2; the two input signals of the second two-way selector M2 are the 32-bit write data bus HWDATA and 0, and HWDATA is sent into the memory array MEM when REG_Wr_en is 1. REG_Rd_en serves as the selection signal of the first two-way selector M1; the two input signals of the first two-way selector M1 are the 32-bit data from the memory array MEM and 0, and the 32-bit data from the memory array MEM is loaded onto the 32-bit read data bus HRDATA when REG_Rd_en is 1.
As shown in Fig. 3, the operation control module PMC includes a data precomputation unit Data Precomputation, a coordinate exchange unit Coordinates Switch, a point addition and point doubling calculation unit Madd/Mdouble under projective coordinates, and a coordinate conversion unit Mxy. The operation control module PMC issues the specific calculation instructions required by the finite field operation module according to the calculation formulas of the unit Madd/Mdouble, and also contains a counter that counts the number of shifts of the random number k.
As shown in Fig. 4, the data storage module Reg_Array comprises three types of registers: Reg_k, Reg_c, Reg_x and Reg_y, which store the elliptic curve point multiplication parameters; REG_A, REG_B, REG_C, REG_D and REG_T, which store the initial values and results of the elliptic curve point multiplication; and REG_T1 and REG_T2, which store temporary variables of the elliptic curve calculation. The point multiplication parameters are loaded by the data input module AHB Interface over the 32-bit write data bus HWDATA, the source operands of the finite field operation module FFAU are provided by REG_A and REG_B, and the final calculation result is returned over the read data bus HRDATA.
As shown in Fig. 5, the finite field operation module FFAU includes three basic calculation units: modular addition (add), modular multiplication (mul) and modular squaring (sqr). The inputs of the finite field operation module FFAU are two source operands input_A and input_B, a calculation enable signal comp_en and an operation code operator_code. The operation code determines which basic calculation unit the register Reg_o receives data from.
The elliptic curve scalar point multiplication Q = k × G is the core operation of the elliptic curve cryptosystem, where the point G is the base point on the elliptic curve, k is generally provided by a random number generator, and the result Q is again a point on the elliptic curve. Scalar point multiplication is generally calculated with the Montgomery point multiplication algorithm in L-D projective coordinates; the calculation flow is shown in Fig. 6.
In step 602, the coordinates of the elliptic curve base point G and the random number k are input, where $k_i$, the value used in each loop iteration, is the i-th bit of the random number k, and k has the same bit length as the elliptic curve coordinates.
In step 604, the result Q to be output is preset to 0, and i = m is the number of loop iterations.
In step 606, the precomputation is performed, and the registers REG_A, REG_B, REG_C and REG_D shown in Fig. 5 are initialized with its results.
In step 608, i is decremented by one and tested against 0. If the value is 0, the loop ends and control jumps to step 616, where the Mxy operation is executed. Otherwise, go to step 610.
In step 610, it is determined whether the value of $k_i$ is 0. If not, go to step 614 to perform the point addition calculation. If the value is 0, go to step 612 to perform the point doubling calculation.
In step 612, the point doubling calculation is completed and control returns to step 608 for the next iteration.
In step 614, the calculation is completed and control returns to step 608 for the next iteration.
In step 616, the Mxy operation is performed and the calculation result is assigned to Q.
The calculation formulas of Madd/Mdouble and Mxy are as follows:
Figure BDA0002222757620000081
Figure BDA0002222757620000082
wherein the initialized coordinate of the point Q is (0, 0); let $X_1 = x$, $Z_1 = 1$, $X_2 = x^4 + b$, $Z_2 = x^2$. From the calculation flow, the value of $k_i$ does not affect the result of Madd. In the register array shown in Fig. 5, REG_A, REG_B, REG_C and REG_D store the values of $X_1$, $Z_1$, $X_2$, $Z_2$ after each loop iteration completes. Based on these observations, the value of $k_i$ can be examined before each calculation to determine whether the values stored in the registers REG_A, REG_B, REG_C and REG_D need to be swapped, thereby realizing the point addition and point doubling calculations. For example, when $k_i$ is 0, the values in the circular register group are transferred three times in sequence, so that REG_A, REG_B, REG_C and REG_D store $X_2$, $Z_2$, $X_1$, $Z_1$ respectively; the calculation can then proceed according to the flow for $k_i = 1$, which simplifies the point addition and point doubling flow and thereby reduces power consumption.
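The register-swap ladder described above, modelled in Python as an added example (it is not the patent's circuit or code): since the page's Madd/Mdouble/Mxy formula images did not survive, the model uses the standard López-Dahab formulas, which match the page's initial values $X_1 = x$, $Z_1 = 1$, $X_2 = x^4 + b$, $Z_2 = x^2$, and checks the result against an independent affine double-and-add. The GF(2^7) field, the curve coefficients, all function names, the direct pair swap (instead of the circular shift) and the swap back after each step are assumptions of the model.

```python
# Behavioural model, added for illustration; field and curve are constructed toy values.
M, POLY = 7, 0b10000011     # GF(2^7) with x^7 + x + 1 (deployed curves use m = 163, 233, ...)
A, B = 1, 1                 # curve y^2 + xy = x^3 + A*x^2 + B

def gf_mul(a, b):
    """Shift-and-add multiplication in GF(2^M) with interleaved reduction."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> M:
            a ^= POLY
    return r

def gf_inv(a):
    """a^(2^M - 2) as the product of a^(2^i), i = 1..M-1; caller guarantees a != 0."""
    r = 1
    for _ in range(M - 1):
        a = gf_mul(a, a)
        r = gf_mul(r, a)
    return r

class FFAU:
    """The add / mul / sqr units named on the page; records each opcode issued."""
    def __init__(self):
        self.trace = []
    def op(self, code, a, b=None):
        self.trace.append(code)
        return a ^ b if code == "add" else gf_mul(a, a if code == "sqr" else b)

def ladder_step(f, x, regs):
    """Fixed k_i = 1 flow: (REG_A, REG_B) <- Madd, (REG_C, REG_D) <- Mdouble."""
    X1, Z1, X2, Z2 = regs
    t1, t2 = f.op("mul", X1, Z2), f.op("mul", X2, Z1)
    Z3 = f.op("sqr", f.op("add", t1, t2))                      # (X1*Z2 + X2*Z1)^2
    X3 = f.op("add", f.op("mul", x, Z3), f.op("mul", t1, t2))  # x*Z3 + X1*Z2*X2*Z1
    xs, zs = f.op("sqr", X2), f.op("sqr", Z2)
    Z4 = f.op("mul", xs, zs)                                   # X2^2 * Z2^2
    X4 = f.op("add", f.op("sqr", xs), f.op("mul", B, f.op("sqr", zs)))  # X2^4 + B*Z2^4
    return [X3, Z3, X4, Z4]

def mxy(x, y, regs):
    """Convert the ladder state (kP, (k+1)P) back to the affine point kP."""
    X1, Z1, X2, Z2 = regs
    if Z1 == 0:
        return None                       # kP is the point at infinity
    if Z2 == 0:
        return (x, x ^ y)                 # (k+1)P is infinity, so kP = -P
    x3, z12 = gf_mul(X1, gf_inv(Z1)), gf_mul(Z1, Z2)
    t = gf_mul(X1 ^ gf_mul(x, Z1), X2 ^ gf_mul(x, Z2)) ^ gf_mul(gf_mul(x, x) ^ y, z12)
    t = gf_mul(t, gf_inv(gf_mul(x, z12)))
    return (x3, gf_mul(x ^ x3, t) ^ y)

def ladder_mul(k, P):
    """Return (k*P, per-bit opcode traces) for k >= 1 and P = (x, y) with x != 0."""
    x, y = P
    x2 = gf_mul(x, x)
    regs, traces = [x, 1, gf_mul(x2, x2) ^ B, x2], []   # X1, Z1, X2, Z2 as on the page
    for i in range(k.bit_length() - 2, -1, -1):
        swap = ((k >> i) & 1) == 0
        if swap:                          # k_i = 0: registers present X2, Z2, X1, Z1
            regs = regs[2:] + regs[:2]
        f = FFAU()
        regs = ladder_step(f, x, regs)
        traces.append(tuple(f.trace))
        if swap:                          # assumption of this model: restore the roles
            regs = regs[2:] + regs[:2]
    return mxy(x, y, regs), traces

def affine_add(P, Q):
    """Textbook affine group law, used only as an independent reference."""
    if P is None or Q is None:
        return Q if P is None else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if y1 != y2 or x1 == 0:
            return None                   # Q = -P, or P has order 2
        lam = x1 ^ gf_mul(y1, gf_inv(x1))
        x3 = gf_mul(lam, lam) ^ lam ^ A
        return (x3, gf_mul(x1, x1) ^ gf_mul(lam ^ 1, x3))
    lam = gf_mul(y1 ^ y2, gf_inv(x1 ^ x2))
    x3 = gf_mul(lam, lam) ^ lam ^ x1 ^ x2 ^ A
    return (x3, gf_mul(lam, x1 ^ x3) ^ x3 ^ y1)

def affine_mul(k, P):
    """Plain double-and-add over affine_add (reference only)."""
    R = None
    for i in range(k.bit_length() - 1, -1, -1):
        R = affine_add(R, R)
        if (k >> i) & 1:
            R = affine_add(R, P)
    return R

def find_point():
    """First curve point with x != 0, by brute force (feasible only in a toy field)."""
    return next((x, y) for x in range(1, 1 << M) for y in range(1 << M)
                if (gf_mul(y, y) ^ gf_mul(x, y)) == (gf_mul(gf_mul(x, x), x ^ A) ^ B))
```

Every per-bit trace is the same sequence of 6 mul, 5 sqr and 3 add opcodes, so the value of $k_i$ changes only how the registers are routed, not which field operations are issued.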
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and that any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (7)

1. An elliptic curve cipher coprocessor is characterized by comprising a data input module AHB Interface, an operation control module PMC, a data storage module Reg_Array and a finite field operation module FFAU;
the data input module AHB Interface is used as an interface for communicating with the main processor and is used for inputting elliptic curve point multiplication operation parameters; the operation control module PMC is used for controlling and selecting an elliptic curve point multiplication formula; the data storage module Reg_Array is used for storing elliptic curve point multiplication operation parameters, temporary variables of elliptic curve point multiplication operation and elliptic curve point multiplication operation results; the finite field operation module FFAU is used for carrying out finite field modular operations according to an operation instruction of the operation control module PMC and an operand of the data storage module Reg_Array.
2. The elliptic curve cryptography coprocessor of claim 1, wherein the main processor is a 32-bit embedded microprocessor, and coprocessor protocol instructions are sent to the coprocessor and data exchange is carried out.
3. The elliptic curve cryptography coprocessor according to claim 1, characterized in that the data input module AHB Interface comprises 7 input signals: HREADY_IN, HSEL, HTRANS[1] and HWRITE, each of which has a bit width of 1 bit; HADDR[5:2] and R_addr[3:0], each with a bit width of 4 bits; and a write data bus HWDATA having a bit width of 32 bits; the output signal is a read data bus HRDATA with a bit width of 32 bits;
HREADY_IN, HSEL, HTRANS[1] and HWRITE constitute a write enable signal Write_access and a read control signal Read_access.
4. The elliptic curve cryptography coprocessor of claim 3, wherein the circuit of the data input module AHB Interface comprises:
a first NOT gate, a second NOT gate, a third NOT gate, a first AND gate, a second AND gate, a third AND gate, a fourth AND gate, a fifth AND gate, a sixth AND gate, a seventh AND gate, an eighth AND gate, a ninth AND gate, a tenth AND gate, a first two-way selector, a second two-way selector, a D flip-flop and an OR gate;
HREADY_IN, HSEL, HTRANS[1] and HWRITE are respectively connected to the input ends of the first AND gate and the second AND gate, the output ends of the first AND gate and the second AND gate are connected to the input end of the third AND gate, and the output end of the third AND gate is denoted as the write enable signal Write_access;
HWRITE is connected to the input end of the first NOT gate, the output end of the first NOT gate and HREADY_IN, HSEL and HTRANS[1] are respectively connected to the input ends of the fourth AND gate and the fifth AND gate, the output ends of the fourth AND gate and the fifth AND gate are connected to the input end of the sixth AND gate, and the output end of the sixth AND gate is denoted as the read enable signal Read_access;
HADDR[5:2] and R_addr[3:0] are connected to the input end of the seventh AND gate, HADDR[5:2] and R_addr[3:0] are connected to the input end of the eighth AND gate through the second NOT gate and the third NOT gate, the output ends of the seventh AND gate and the eighth AND gate are connected to the input end of the OR gate, and the output end of the OR gate is denoted as the special function register selection signal SFR_sel;
the special function register selection signal SFR_sel is connected, together with the write enable signal Write_access and the read enable signal Read_access respectively, to the input ends of the ninth AND gate and the tenth AND gate, the output end of the ninth AND gate is denoted as the register write enable signal REG_Wr_en, and the output end of the tenth AND gate is denoted as the register read enable signal REG_Rd_en;
REG_Wr_en is connected to the data input end of the D flip-flop, the data output end of the D flip-flop is used as the selection signal of the second two-way selector, the two input signals of the second two-way selector are the 32-bit write data bus HWDATA and 0 respectively, and when REG_Wr_en is 1, HWDATA is sent into the memory array MEM; REG_Rd_en is used as the selection signal of the first two-way selector, the two input signals of the first two-way selector are respectively the 32-bit data from the memory array MEM and 0, and when REG_Rd_en is 1, the 32-bit data from the memory array MEM is loaded onto the 32-bit read data bus HRDATA.
5. The elliptic curve cryptography coprocessor of claim 1, wherein the operation control module PMC comprises a data precomputation unit Data Precomputation, a coordinate exchange unit Coordinates Switch, a point addition and point doubling calculation unit Madd/Mdouble under projective coordinates, and a coordinate conversion unit Mxy, and the operation control module PMC gives the specific calculation instructions required by the finite field operation module according to the calculation formulas of the unit Madd/Mdouble, and also incorporates a counter to count the number of shifts of the random number k.
6. The elliptic curve cryptography coprocessor of claim 1, wherein the data storage module Reg_Array comprises three types of registers: Reg_k, Reg_c, Reg_x and Reg_y, which store elliptic curve point multiplication parameters; REG_A, REG_B, REG_C, REG_D and REG_T, which store the initial values and results of the elliptic curve point multiplication operation; and REG_T1 and REG_T2, which store temporary variables of the elliptic curve calculation; the elliptic curve point multiplication parameters are loaded by the data input module AHB Interface through the 32-bit write data bus HWDATA, the source operands of the finite field operation module FFAU are provided by REG_A and REG_B, and the final calculation result is returned by the read data bus HRDATA.
7. The elliptic curve cryptography coprocessor of claim 1, wherein the finite field operation module FFAU comprises three basic calculation units: modular addition (add), modular multiplication (mul) and modular squaring (sqr); the inputs of the finite field operation module FFAU are two source operands input_A and input_B, a calculation enable signal comp_en and an operation code operator_code.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910940603.2A CN110704109B (en) 2019-09-30 2019-09-30 Elliptic curve password coprocessor

Publications (2)

Publication Number Publication Date
CN110704109A (en) 2020-01-17
CN110704109B (en) 2021-10-08

Family

ID=69197910

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910940603.2A Active CN110704109B (en) 2019-09-30 2019-09-30 Elliptic curve password coprocessor

Country Status (1)

Country Link
CN (1) CN110704109B (en)

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070185950A1 (en) * 2006-02-09 2007-08-09 Masayuki Yoshino Modular multiplication processing apparatus
CN101826142A (en) * 2010-04-19 2010-09-08 中国人民解放军信息工程大学 Reconfigurable elliptic curve cipher processor
CN102156836A (en) * 2011-04-25 2011-08-17 天津大学 Elliptic curve cipher processor
EP2521024A1 (en) * 2011-05-04 2012-11-07 Giesecke & Devrient GmbH Accelerated cryptographic calculation, in particular ECC calculation, in processor with Montgomery coprocessor
CN102307090A (en) * 2011-06-21 2012-01-04 西安电子科技大学 Elliptic curve password coprocessor based on optimal normal basis of II-type
CN102279725A (en) * 2011-09-01 2011-12-14 北京华大信安科技有限公司 Elliptic curve cipher (ECC) co-processor
CN103903047A (en) * 2014-03-27 2014-07-02 华中科技大学 Elliptic curve encryption coprocessor suitable for RFID security communication

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
JIAWANG HU et al.: "A Novel Architecture of ECC Coprocessor for STT-MRAM Based Smart Card Chip", 《2018 IEEE INTERNATIONAL CONFERENCE ON INTEGRATED CIRCUITS, TECHNOLOGIES AND APPLICATIONS (ICTA)》 *
JIAWANG HU et al.: "Design and Hardware Implementation of a STT-MRAM Based SoC Architecture for Smart Card Chip", 《2018 IEEE ASIA PACIFIC CONFERENCE ON CIRCUITS AND SYSTEMS (APCCAS)》 *
曾晓洋 et al.: "VLSI design of a new type of elliptic curve cryptosystem coprocessor", 《系统工程与电子技术》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111865560A (en) * 2020-06-23 2020-10-30 华中科技大学 AES password coprocessor and terminal equipment
CN111865560B (en) * 2020-06-23 2021-07-27 华中科技大学 AES password coprocessor and terminal equipment
CN114489571A (en) * 2022-04-15 2022-05-13 广州万协通信息技术有限公司 Asymmetric algorithm calculation circuit
CN116186794A (en) * 2022-12-30 2023-05-30 海光信息技术股份有限公司 Cryptographic coprocessor, cryptographic processing method, chip and computer device
CN116186794B (en) * 2022-12-30 2024-04-16 海光信息技术股份有限公司 Cryptographic coprocessor, cryptographic processing method, chip and computer device

Also Published As

Publication number Publication date
CN110704109B (en) 2021-10-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant