CN114489571A - Asymmetric algorithm calculation circuit - Google Patents

Publication number
CN114489571A
Authority
CN
China
Prior art keywords
unit
modular
multiplication unit
calculation
modular multiplication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210392670.7A
Other languages
Chinese (zh)
Other versions
CN114489571B (en)
Inventor
刘曼
王立峰
张奇惠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Wise Security Technology Co Ltd
Original Assignee
Guangzhou Wise Security Technology Co Ltd
Application filed by Guangzhou Wise Security Technology Co Ltd
Priority to CN202210392670.7A
Publication of CN114489571A
Application granted
Publication of CN114489571B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/724 Finite field arithmetic
    • G06F7/725 Finite field arithmetic over elliptic curves
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The embodiment of the invention discloses an asymmetric algorithm calculation circuit, which divides an asymmetric algorithm into a plurality of calculation levels according to the priority sequence of calculation symbols in a corresponding calculation formula, adopts a calculation module for calculation of each calculation level, the connection mode of a calculation unit in each calculation module corresponds to the data transmission relation in the corresponding calculation level, and the connection relation between each calculation module corresponds to the data transmission relation between the corresponding calculation levels. According to the embodiment of the invention, through the mutual cooperation of the computing modules, the parallel computing of a plurality of computing formulas in the asymmetric algorithm can be realized, the computing speed and the computing efficiency of the asymmetric algorithm are improved, and the technical problem of low computing speed in the computing of the asymmetric algorithm in the prior art is solved.

Description

Asymmetric algorithm calculation circuit
Technical Field
The embodiment of the application relates to the field of digital IC circuit design, in particular to an asymmetric algorithm calculation circuit.
Background
At present, an elliptic curve encryption algorithm is usually used in an asymmetric cryptographic chip, a public key cipher of an elliptic curve is composed of operations of point multiplication, point addition and modular exponentiation based on curve calculation, and the public key cipher can be finally decomposed into operation modes of modular multiplication, modular addition and modular subtraction; the modulo addition and the modulo subtraction are less difficult to operate, the operation time is short, and the operation difficulty of the modulo multiplication is large, so that the operation time is long.
In the prior art, point multiplication is mainly calculated by dividing it into point addition and point doubling. However, since the point addition and point doubling calculations are limited by their formulas, the intermediate calculation results must be computed in sequential order, which greatly reduces the calculation speed of point addition and point doubling and results in a low calculation speed when the elliptic curve calculation method is used to realize the signature, signature verification, encryption, decryption and key generation of the asymmetric algorithm chip.
Disclosure of Invention
The embodiment of the invention provides an asymmetric algorithm calculation circuit, which can improve the speed of point multiplication calculation in an asymmetric algorithm and solve the technical problem of low operation speed in the calculation of the asymmetric algorithm in the prior art.
In a first aspect, an embodiment of the present invention provides an asymmetric algorithm calculation circuit, including multiple calculation units, where the multiple calculation units are configured to implement calculation of an asymmetric algorithm according to an input elliptic curve parameter, and the calculation units are configured to implement calculation of modular multiplication, modular addition, or modular subtraction;
the calculation units are divided into a plurality of calculation modules, each calculation module is used for calculating a corresponding calculation level in the asymmetric algorithm, the connection mode of the calculation units in each calculation module corresponds to the data transmission relation in the corresponding calculation level, the connection relation between the calculation modules corresponds to the data transmission relation between the corresponding calculation levels, and the asymmetric algorithm is divided into a plurality of calculation levels according to the priority sequence of calculation symbols in the corresponding calculation formula.
Preferably, the asymmetric algorithm is divided into six calculation levels according to a priority order of calculation symbols in a point addition calculation formula, and the plurality of calculation units are divided into a first calculation module, a second calculation module, a third calculation module, a fourth calculation module, a fifth calculation module and a sixth calculation module.
Preferably, the calculating unit of the first calculating module comprises a first modular multiplication unit, and the calculating unit of the second calculating module comprises a second modular multiplication unit, a third modular multiplication unit and a first modular subtraction unit; a first input end and a second input end of the first modular multiplication unit are used for receiving the elliptic curve parameters, the output end of the first modular multiplication unit is respectively connected with the first input end of the second modular multiplication unit and the first input end of the third modular multiplication unit, the second input end of the second modular multiplication unit is used for receiving the elliptic curve parameters, the output end of the second modular multiplication unit is connected with the input port of the third calculation module, the second input end of the third modular multiplication unit is used for receiving the elliptic curve parameters, the output end of the third modular multiplication unit is connected with the first input end of the first modular subtraction unit, the second input end of the first modular subtraction unit is used for receiving the elliptic curve parameters, and the output end of the first modular subtraction unit is respectively connected with the input port of the third calculation module and the input port of the fourth calculation module.
Preferably, the calculating unit of the third calculating module comprises a fourth modular multiplication unit, a second modular subtraction unit, a fifth modular multiplication unit and a sixth modular multiplication unit; a first input end of the fourth modular multiplication unit is connected with an output end of the second modular multiplication unit, a second input end of the fourth modular multiplication unit is used for receiving the elliptic curve parameters, an output end of the fourth modular multiplication unit is connected with a first input end of the second modular subtraction unit, a second input end of the second modular subtraction unit is used for receiving the elliptic curve parameters, an output end of the second modular subtraction unit is connected with an input port of the fourth calculation module and an input port of the sixth calculation module, a first input end and a second input end of the fifth modular multiplication unit are both connected with an output end of the first modular subtraction unit, an output end of the fifth modular multiplication unit is connected with an input port of the fourth calculation module, a first input end of the sixth modular multiplication unit is connected with an output end of the first modular subtraction unit, and the second input end of the sixth modular multiplication unit is used for receiving the elliptic curve parameters.
Preferably, the calculating unit of the fourth calculating module comprises a seventh modular multiplying unit, an eighth modular multiplying unit and a ninth modular multiplying unit; the first input end and the second input end of the seventh modular multiplication unit are both connected with the output end of the second modular subtraction unit, the output end of the seventh modular multiplication unit is connected with the input port of the fifth calculation module, the first input end and the second input end of the eighth modular multiplication unit are respectively connected with the output end of the fifth modular multiplication unit and the output end of the first modular subtraction unit, the output end of the eighth modular multiplication unit is connected with the input port of the fifth calculation module, the first input end of the ninth modular multiplication unit is connected with the output end of the fifth modular multiplication unit, the second input end of the ninth modular multiplication unit is used for receiving the elliptic curve parameter, and the output end of the ninth modular multiplication unit is connected with the input port of the fifth calculation module and the input port of the sixth calculation module.
Preferably, the calculating unit of the fifth calculating module comprises a third modular subtraction unit, a tenth modular multiplication unit, a first modular addition unit and a second modular addition unit; a first input end and a second input end of the third modular subtraction unit are respectively connected with an output end of the seventh modular multiplication unit and an output end of the second modular addition unit, the output end of the third modular subtraction unit is connected with the input port of the sixth calculation module, the first input end of the tenth modular multiplication unit is connected with the output end of the eighth modular multiplication unit, a second input end of the tenth modular multiplication unit is used for receiving the elliptic curve parameters, an output end of the tenth modular multiplication unit is connected with an input port of the sixth calculation module, the first input end and the second input end of the first modular addition unit are connected with the output end of the ninth modular multiplication unit, the output end of the first modular addition unit is connected with the first input end of the second modular addition unit, and a second input end of the second modular addition unit is connected with an output end of the eighth modular multiplication unit.
Preferably, the calculating unit of the sixth calculating module includes a fourth modular subtraction unit, an eleventh modular multiplication unit, and a fifth modular subtraction unit; a first input end and a second input end of the fourth modular subtraction unit are respectively connected to an output end of the ninth modular multiplication unit and an output end of the third modular subtraction unit, a first input end and a second input end of the eleventh modular multiplication unit are respectively connected to an output end of the fourth modular subtraction unit and an output end of the second modular subtraction unit, an output end of the eleventh modular multiplication unit is connected to a first input end of the fifth modular subtraction unit, and a second input end of the fifth modular subtraction unit is connected to an output end of the tenth modular multiplication unit.
Preferably, the asymmetric algorithm is divided into five calculation levels according to a priority order of calculation symbols in a point doubling calculation formula, and the plurality of calculation units are divided into a seventh calculation module, an eighth calculation module, a ninth calculation module, a tenth calculation module, and an eleventh calculation module.
Preferably, the calculating unit of the seventh calculating module includes a twelfth modular multiplying unit, a thirteenth modular multiplying unit, a fourteenth modular multiplying unit and a fifteenth modular multiplying unit, an input end of the twelfth modular multiplying unit, an input end of the thirteenth modular multiplying unit, an input end of the fourteenth modular multiplying unit and an input end of the fifteenth modular multiplying unit are all used for receiving elliptic curve parameters, and an output end of the twelfth modular multiplying unit, an output end of the thirteenth modular multiplying unit, an output end of the fourteenth modular multiplying unit and an output end of the fifteenth modular multiplying unit are all connected with the input port of the eighth calculating module.
Preferably, the calculating unit of the eighth calculating module comprises a sixteenth modular multiplying unit, a seventeenth modular multiplying unit, an eighteenth modular multiplying unit and a nineteenth modular multiplying unit, a first input end of the sixteenth modular multiplying unit is connected with an output end of the twelfth modular multiplying unit, a second input end of the sixteenth modular multiplying unit is used for receiving the elliptic curve parameter, an output end of the sixteenth modular multiplying unit is connected with an input port of the tenth calculating module, a first input end and a second input end of the seventeenth modular multiplying unit are both connected with an output end of the thirteenth modular multiplying unit, an output end of the seventeenth modular multiplying unit is connected with an input port of the ninth calculating module, a first input end and a second input end of the eighteenth modular multiplying unit are respectively connected with an output end of the thirteenth modular multiplying unit and an output end of the fourteenth modular multiplying unit, the output end of the eighteenth modular multiplication unit is connected with the input port of the ninth calculation module and the input port of the tenth calculation module respectively, the first input end and the second input end of the nineteenth modular multiplication unit are connected with the output end of the fifteenth modular multiplication unit, and the output end of the nineteenth modular multiplication unit is connected with the input port of the ninth calculation module.
Preferably, the calculating unit of the ninth calculating module comprises a twentieth modular multiplication unit, a third modular addition unit and a twenty-first modular multiplication unit; a first input end of the twentieth modular multiplication unit is connected with an output end of the seventeenth modular multiplication unit, a second input end of the twentieth modular multiplication unit is used for receiving the elliptic curve parameter, an output end of the twentieth modular multiplication unit is connected with an input port of the eleventh calculating module, a first input end and a second input end of the third modular addition unit are both connected with an output end of the eighteenth modular multiplication unit, an output end of the third modular addition unit is connected with an input port of the tenth calculating module, a first input end of the twenty-first modular multiplication unit is connected with an output end of the nineteenth modular multiplication unit, a second input end of the twenty-first modular multiplication unit is used for receiving the elliptic curve parameter, and the output end of the twenty-first modular multiplication unit is connected with the input port of the tenth calculation module.
Preferably, the calculating unit of the tenth calculating module comprises a twenty-second modular multiplication unit, a fourth modular addition unit, a twenty-third modular multiplication unit, a sixth modular subtraction unit and a seventh modular subtraction unit; the input end of the twenty-second modular multiplication unit is used for receiving the elliptic curve parameter, the output end of the twenty-second modular multiplication unit is connected with the input port of the eleventh calculation module, the first input end and the second input end of the fourth modular addition unit are respectively connected with the output end of the sixteenth modular multiplication unit and the output end of the twenty-first modular multiplication unit, the output end of the fourth modular addition unit is connected with the input port of the eleventh calculation module, the first input end and the second input end of the twenty-third modular multiplication unit, the output end of the twenty-third modular multiplication unit is connected with the first input end of the sixth modular subtraction unit, the second input end of the sixth modular subtraction unit is connected with the output end of the third modular addition unit, the output end of the sixth modular subtraction unit is connected with the first input end of the seventh modular subtraction unit, a second input end of the seventh modular subtraction unit is connected with an output end of the eighteenth modular multiplication unit, and an output end of the seventh modular subtraction unit is connected with an input port of the eleventh calculation module.
Preferably, the computing unit of the eleventh computing module comprises a twenty-fourth modular multiplication unit, a twenty-fifth modular multiplication unit and an eighth modular subtraction unit; the first input end of the twenty-fourth modular multiplication unit is connected with the output end of the twenty-second modular multiplication unit, the second input end of the twenty-fourth modular multiplication unit is used for receiving the elliptic curve parameters, the first input end and the second input end of the twenty-fifth modular multiplication unit are respectively connected with the output end of the fourth modular addition unit and the output end of the seventh modular subtraction unit, the output end of the twenty-fifth modular multiplication unit is connected with the first input end of the eighth modular subtraction unit, and the second input end of the eighth modular subtraction unit is connected with the output end of the twenty-second modular multiplication unit.
In the foregoing, the asymmetric algorithm is divided into a plurality of computation levels according to the priority order of the computation symbols in the corresponding computation formula, and one computation module is used for computing each computation level, and the connection manner of the computation unit in each computation module corresponds to the data transmission relationship in the corresponding computation level, and the connection relationship between each computation module corresponds to the data transmission relationship between the corresponding computation levels. According to the embodiment of the invention, through the mutual cooperation of the computing modules, the parallel computing of a plurality of computing formulas in the asymmetric algorithm can be realized, the computing speed and the computing efficiency of the asymmetric algorithm are improved, and the technical problem of low computing speed in the computing of the asymmetric algorithm in the prior art is solved.
Drawings
Fig. 1 is a schematic structural diagram of an asymmetric algorithm calculation circuit according to an embodiment of the present invention.
Fig. 2 is a schematic structural diagram of another asymmetric algorithm calculation circuit according to an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a further asymmetric algorithm calculation circuit according to an embodiment of the present invention.
Reference numerals:
the calculation unit 1, the calculation module 2, the first modular multiplication unit U1, the second modular multiplication unit U2, the third modular multiplication unit U3, the first modular subtraction unit U4, the fourth modular multiplication unit U5, the second modular subtraction unit U6, the fifth modular multiplication unit U7, the sixth modular multiplication unit U8, the seventh modular multiplication unit U9, the eighth modular multiplication unit U10, the ninth modular multiplication unit U10, the third modular subtraction unit U10, the tenth modular multiplication unit U10, the first modular multiplication unit U10, the second modular multiplication unit U10, the fourth modular subtraction unit U10, the eleventh modular multiplication unit U10, the fifth modular subtraction unit U10, the twelfth modular multiplication unit U10, the thirteenth modular multiplication unit U10, the fourteenth modular multiplication unit U10, the fifteenth modular multiplication unit U10, the sixteenth modular multiplication unit U10, the twenty-th modular multiplication unit U10, the twenty-eighth modular multiplication unit U10, the twenty-ninth modular multiplication unit U10, the twenty-ninth unit U10, the twenty-ninth modular multiplication unit U10, the fifth modular multiplication unit U10, A fourth modulo addition unit U31, a twenty-third modulo multiplication unit U32, a sixth modulo subtraction unit U33, a seventh modulo subtraction unit U34, a twenty-fourth modulo multiplication unit U35, a twenty-fifth modulo multiplication unit U36, and an eighth modulo subtraction unit U37.
Detailed Description
The following description and the annexed drawings set forth in detail certain illustrative embodiments of the application so as to enable those skilled in the art to practice them. The examples merely typify possible variations. Individual components and functions are optional unless explicitly required, and the sequence of operations may vary. Portions and features of some embodiments may be included in or substituted for those of others. The scope of the embodiments of the present application includes the full ambit of the claims, as well as all available equivalents of the claims. Embodiments may be referred to herein, individually or collectively, by the term "invention" merely for convenience and without intending to voluntarily limit the scope of this application to any single invention or inventive concept if more than one is in fact disclosed. Herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, or terminal apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed. The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the structures, products and the like disclosed by the embodiments, the description is relatively simple because the structures, the products and the like correspond to the parts disclosed by the embodiments, and the relevant parts can be just described by referring to the method part.
As shown in fig. 1, fig. 1 is a schematic structural diagram of an asymmetric algorithm calculation circuit provided in an embodiment of the present invention, and includes multiple calculation units, where the multiple calculation units are configured to implement calculation of an asymmetric algorithm according to an input elliptic curve parameter, and the calculation units are configured to implement calculation of modular multiplication, modular addition, or modular subtraction.
The asymmetric algorithm calculation circuit provided in the present embodiment is composed of a plurality of calculation units 1, wherein each calculation unit 1 is used for performing one of a modulo multiplication, a modulo addition, or a modulo subtraction. In this embodiment, the connection relationship between the computing units 1 and the computing units 1 may be configured in advance according to the computation logic of the asymmetric algorithm to form an asymmetric algorithm computing circuit, so that after the elliptic curve parameters are input to the asymmetric algorithm computing circuit, each computing unit 1 in the asymmetric algorithm computing circuit may perform the computation of modular multiplication, modular addition or modular subtraction according to the input elliptic curve parameters, and input the computation result into the next computing unit 1 according to the connection relationship to implement the computation of the asymmetric algorithm.
The calculation units are divided into a plurality of calculation modules, each calculation module is used for calculating a corresponding calculation level in the asymmetric algorithm, the connection mode of the calculation units in each calculation module corresponds to the data transmission relation in the corresponding calculation level, the connection relation between the calculation modules corresponds to the data transmission relation between the corresponding calculation levels, and the asymmetric algorithm is divided into a plurality of calculation levels according to the priority sequence of the calculation symbols in the corresponding calculation formula.
In the present embodiment, the asymmetric algorithm is divided into a plurality of calculation levels according to the priority order of the calculation symbols in the corresponding calculation formula. For example, to briefly illustrate, for a calculation formula
Figure 313630DEST_PATH_IMAGE001
where the brackets have the highest priority, the multiplication signs the next highest and the addition signs the lowest, so that the calculation formula can be divided into 3 calculation levels according to the priority order of the calculation symbols, the calculation levels being respectively
Figure 570168DEST_PATH_IMAGE002
Figure 502352DEST_PATH_IMAGE003
And
Figure 269582DEST_PATH_IMAGE004
. Similarly, in this embodiment, the calculation formula of the asymmetric algorithm may be divided into a plurality of calculation levels according to the priority order of the calculation symbols in the calculation formula of the asymmetric algorithm.
After the calculation formula of the asymmetric algorithm is divided into a plurality of calculation levels, the plurality of calculation units 1 can be divided into a plurality of calculation modules 2 according to the divided calculation levels, wherein each calculation module 2 is used for calculating a corresponding calculation level in the asymmetric algorithm. For example, in one embodiment, the plurality of computing units 1 may be divided into 3 computing modules 2, the first computing module being used to implement
Figure 705243DEST_PATH_IMAGE005
The second computing module is used for realizing
Figure 398261DEST_PATH_IMAGE006
A third computing module for implementing
Figure 286583DEST_PATH_IMAGE007
calculation. It can be understood that when there are multiple calculation formulas, one calculation module 2 can be used to calculate the calculation levels of different calculation formulas. For example, when there is also a formula
Figure 123083DEST_PATH_IMAGE008
, the formula
Figure 413250DEST_PATH_IMAGE009
is divided into two computation levels, respectively
Figure 277169DEST_PATH_IMAGE010
And
Figure 449525DEST_PATH_IMAGE011
at this time, the first computing module is also used for realizing
Figure 558557DEST_PATH_IMAGE012
and the second computing module is also used for realizing
Figure 968810DEST_PATH_IMAGE013
, so that parallel computation of different calculation formulas can be realized and the calculation speed is improved.
It should be further noted that, for the computing units 1 in each computing module 2, the connection mode between the computing units 1 corresponds to the data transmission relationship in the corresponding computing level. For example, for the computing units 1 in the first computing module, the connection mode between the computing units 1 corresponds to the data transmission relationship of the formula
Figure 472473DEST_PATH_IMAGE014
and the data transmission relationship of
Figure 335386DEST_PATH_IMAGE015
, so that the first calculation module can calculate the corresponding formulas. In addition, the connection relationship between the calculation modules 2 corresponds to the data transmission relationship between the calculation levels. For example, the connection relationship between the first calculation module and the third calculation module corresponds to the transmission relationship between the formula
Figure 271547DEST_PATH_IMAGE016
and the formula
Figure 536307DEST_PATH_IMAGE017
, and to the transmission relationship between the formula
Figure 007608DEST_PATH_IMAGE018
and
Figure 685714DEST_PATH_IMAGE011
, so that the calculation process of the asymmetric algorithm can be completely realized by the plurality of calculation units 1. After each calculation module 2 is configured, the elliptic curve parameters in the asymmetric algorithm are input into the asymmetric algorithm calculation circuit, so that the asymmetric algorithm can be calculated and the final calculation result is obtained.
In the foregoing, the asymmetric algorithm is divided into a plurality of computation levels according to the priority order of the computation symbols in the corresponding computation formula, and one computation module is used for computing each computation level, and the connection manner of the computation unit in each computation module corresponds to the data transmission relationship in the corresponding computation level, and the connection relationship between each computation module corresponds to the data transmission relationship between the corresponding computation levels. According to the embodiment of the invention, through the mutual cooperation of the computing modules, the parallel computing of a plurality of computing formulas in the asymmetric algorithm can be realized, the computing speed and the computing efficiency of the asymmetric algorithm are improved, and the technical problem of low computing speed in the computing of the asymmetric algorithm in the prior art is solved.
In one embodiment, the asymmetric algorithm is divided into six calculation levels according to the priority order of the calculation symbols in the point addition calculation formula, and the plurality of calculation units 1 are divided into a first calculation module, a second calculation module, a third calculation module, a fourth calculation module, a fifth calculation module, and a sixth calculation module.
In one embodiment, the asymmetric algorithm calculation circuit is used for realizing point addition calculation in the asymmetric algorithm, wherein the calculation formula of the point addition calculation of the asymmetric algorithm is as follows:
Figure 651396DEST_PATH_IMAGE019
Figure 521394DEST_PATH_IMAGE020
Figure 570122DEST_PATH_IMAGE021
Figure 735524DEST_PATH_IMAGE022
Figure 504897DEST_PATH_IMAGE023
where X1, Y1, Z1, X2 and Y2 are the input elliptic curve parameters: X1, Y1, Z1 are the coordinates of one point on the elliptic curve, X2, Y2 are the coordinates of another point on the elliptic curve, and X3, Y3, Z3 are the coordinates of the point on the elliptic curve obtained by the point addition calculation.
In this embodiment, the calculation formula of the point addition calculation of the asymmetric algorithm is divided into six calculation levels, which are respectively as follows:
First calculation level: A = Z1*Z1;
Second calculation level: B = Z1*A, C = X2*A, E = C - X1;
Third calculation level: D = Y2*B, F = D - Y1, G = E*E, Z3 = Z1*E, and the output result coordinate Z3 is obtained;
Fourth calculation level: J = F*F, H = G*E, I = X1*G;
Fifth calculation level: 2I = I + I, H' = H + 2I, X3 = J - H', K = Y1*H, and the output result coordinate X3 is obtained;
Sixth calculation level: L = I - X3, F' = L*F, Y3 = F' - K, and the output result coordinate Y3 is obtained.
After the calculation formula of the point addition calculation is divided into six calculation levels, the plurality of calculation units 1 are divided into six calculation modules 2: a first calculation module, a second calculation module, a third calculation module, a fourth calculation module, a fifth calculation module and a sixth calculation module. The first calculation module is used for realizing the calculation of the first calculation level, the second calculation module is used for realizing the calculation of the second calculation level, and so on, up to the sixth calculation module, which is used for realizing the calculation of the sixth calculation level. Moreover, the connection relationship of the calculation units 1 in each calculation module 2 is set according to the data transmission relationship of the corresponding calculation level, and the connection relationship between the calculation modules 2 is set according to the data transmission relationship between the corresponding calculation levels, thereby enabling the asymmetric algorithm calculation circuit to implement the calculations of equations (1) - (5).
On the basis of the above embodiment, as shown in fig. 2, the calculating unit of the first calculating module includes a first modular multiplying unit, and the calculating unit of the second calculating module includes a second modular multiplying unit, a third modular multiplying unit and a first modular subtracting unit; the first input end and the second input end of the first modular multiplication unit are used for receiving elliptic curve parameters, the output end of the first modular multiplication unit is respectively connected with the first input end of the second modular multiplication unit and the first input end of the third modular multiplication unit, the second input end of the second modular multiplication unit is used for receiving elliptic curve parameters, the output end of the second modular multiplication unit is connected with the input port of the third calculation module, the second input end of the third modular multiplication unit is used for receiving elliptic curve parameters, the output end of the third modular multiplication unit is connected with the first input end of the first modular subtraction unit, the second input end of the first modular subtraction unit is used for receiving elliptic curve parameters, and the output end of the first modular subtraction unit is respectively connected with the input port of the third calculation module and the input port of the fourth calculation module.
In this embodiment, the first calculation module comprises a first modular multiplication unit U1. The elliptic curve parameters input to the first input end and the second input end of the first modular multiplication unit U1 are both Z1. After receiving the input Z1, the first modular multiplication unit U1 performs modular multiplication calculation to obtain A = Z1*Z1, which completes the calculation of the first calculation level, and the calculated A is transmitted to the second calculation module.
The second calculation module comprises a second modular multiplication unit U2, a third modular multiplication unit U3 and a first modular subtraction unit U4. A first input end of the second modular multiplication unit U2 is used for receiving A output by the first modular multiplication unit U1, and a second input end is used for receiving the input elliptic curve parameter Z1; the second modular multiplication unit U2 then performs modular multiplication calculation to obtain B = Z1*A and transmits the calculated B to the third calculation module. A first input end of the third modular multiplication unit U3 is used for receiving A output by the first modular multiplication unit U1, and a second input end is used for receiving the input elliptic curve parameter X2; the third modular multiplication unit U3 then performs modular multiplication calculation to obtain C = X2*A and transmits the calculated C to the first modular subtraction unit U4. A first input end of the first modular subtraction unit U4 is used for receiving C output by the third modular multiplication unit U3, and a second input end is used for receiving the input elliptic curve parameter X1; the first modular subtraction unit U4 then performs modular subtraction calculation to obtain E = C - X1 and transmits the calculated E to the third calculation module and the fourth calculation module. At this point, the calculation process of the second calculation level is completed.
On the basis of the above embodiment, as shown in fig. 2, the calculating unit of the third calculating module includes a fourth modular multiplying unit, a second modular subtracting unit, a fifth modular multiplying unit and a sixth modular multiplying unit; the first input end of the fourth modular multiplication unit is connected with the output end of the second modular multiplication unit, the second input end of the fourth modular multiplication unit is used for receiving elliptic curve parameters, the output end of the fourth modular multiplication unit is connected with the first input end of the second modular subtraction unit, the second input end of the second modular subtraction unit is used for receiving elliptic curve parameters, the output end of the second modular subtraction unit is connected with the input port of the fourth calculation module and the input port of the sixth calculation module, the first input end and the second input end of the fifth modular multiplication unit are both connected with the output end of the first modular subtraction unit, the output end of the fifth modular multiplication unit is connected with the input port of the fourth calculation module, the first input end of the sixth modular multiplication unit is connected with the output end of the first modular subtraction unit, and the second input end of the sixth modular multiplication unit is used for receiving elliptic curve parameters.
In this embodiment, the calculating unit of the third calculation module includes a fourth modular multiplication unit U5, a second modular subtraction unit U6, a fifth modular multiplication unit U7 and a sixth modular multiplication unit U8. A first input end of the fourth modular multiplication unit U5 is used for receiving B output by the second modular multiplication unit U2, and a second input end is used for receiving the input elliptic curve parameter Y2; the fourth modular multiplication unit U5 then performs modular multiplication calculation to obtain D = Y2*B and transmits the resulting D to the second modular subtraction unit U6. A first input end of the second modular subtraction unit U6 is used for receiving D output by the fourth modular multiplication unit U5, and a second input end is used for receiving the elliptic curve parameter Y1; the second modular subtraction unit U6 then performs modular subtraction calculation to obtain F = D - Y1 and transmits F to the fourth calculation module and the sixth calculation module. The first input end and the second input end of the fifth modular multiplication unit U7 are both used for receiving E output by the first modular subtraction unit U4; the fifth modular multiplication unit U7 then performs modular multiplication calculation to obtain G = E*E and transmits G to the fourth calculation module. A first input end of the sixth modular multiplication unit U8 is used for receiving E output by the first modular subtraction unit U4, and a second input end is used for receiving the elliptic curve parameter Z1; the sixth modular multiplication unit U8 then performs modular multiplication calculation to obtain Z3 = Z1*E, which gives the output result coordinate Z3.
On the basis of the above embodiment, as shown in fig. 2, the calculating unit of the fourth calculating module includes a seventh modular multiplying unit, an eighth modular multiplying unit and a ninth modular multiplying unit; the first input end and the second input end of the seventh modular multiplication unit are connected with the output end of the second modular subtraction unit, the output end of the seventh modular multiplication unit is connected with the input port of the fifth calculation module, the first input end and the second input end of the eighth modular multiplication unit are respectively connected with the output end of the fifth modular multiplication unit and the output end of the first modular subtraction unit, the output end of the eighth modular multiplication unit is connected with the input port of the fifth calculation module, the first input end of the ninth modular multiplication unit is connected with the output end of the fifth modular multiplication unit, the second input end of the ninth modular multiplication unit is used for receiving elliptic curve parameters, and the output end of the ninth modular multiplication unit is connected with the input port of the fifth calculation module and the input port of the sixth calculation module.
In this embodiment, the fourth calculation module includes a seventh modular multiplication unit U9, an eighth modular multiplication unit U10 and a ninth modular multiplication unit U11. A first input end and a second input end of the seventh modular multiplication unit U9 are both used for receiving F output by the second modular subtraction unit U6; the seventh modular multiplication unit U9 then performs modular multiplication calculation to obtain J = F*F and outputs J to the fifth calculation module. A first input end of the eighth modular multiplication unit U10 is used for receiving G output by the fifth modular multiplication unit U7, and a second input end is used for receiving E output by the first modular subtraction unit U4; the eighth modular multiplication unit U10 then performs modular multiplication calculation to obtain H = G*E and transmits H to the fifth calculation module. A first input end of the ninth modular multiplication unit U11 is used for receiving G output by the fifth modular multiplication unit U7, and a second input end is used for receiving the input elliptic curve parameter X1; the ninth modular multiplication unit U11 then performs modular multiplication calculation to obtain I = X1*G and outputs the obtained I to the fifth calculation module and the sixth calculation module, which completes the calculation process of the fourth calculation level.
On the basis of the above embodiment, as shown in fig. 2, the calculating unit of the fifth calculation module includes a third modular subtraction unit, a tenth modular multiplication unit, a first modular addition unit and a second modular addition unit. The first input end and the second input end of the third modular subtraction unit are respectively connected with the output end of the seventh modular multiplication unit and the output end of the second modular addition unit, and the output end of the third modular subtraction unit is connected with the input port of the sixth calculation module. The first input end of the tenth modular multiplication unit is connected with the output end of the eighth modular multiplication unit, the second input end of the tenth modular multiplication unit is used for receiving the elliptic curve parameters, and the output end of the tenth modular multiplication unit is connected with the input port of the sixth calculation module. The first input end and the second input end of the first modular addition unit are both connected with the output end of the ninth modular multiplication unit, and the output end of the first modular addition unit is connected with the first input end of the second modular addition unit. The second input end of the second modular addition unit is connected with the output end of the eighth modular multiplication unit.
In the present embodiment, the fifth calculation module includes a third modular subtraction unit U12, a tenth modular multiplication unit U13, a first modular addition unit U14 and a second modular addition unit U15. A first input end of the third modular subtraction unit U12 is used for receiving J output by the seventh modular multiplication unit U9, and a second input end is used for receiving H' output by the second modular addition unit U15; the third modular subtraction unit U12 then performs modular subtraction calculation to obtain X3 = J - H' and transmits X3 to the sixth calculation module. A first input end of the tenth modular multiplication unit U13 is used for receiving H output by the eighth modular multiplication unit U10, and a second input end is used for receiving the input elliptic curve parameter Y1; the tenth modular multiplication unit U13 then performs modular multiplication calculation to obtain K = Y1*H and outputs the obtained K to the sixth calculation module. A first input end and a second input end of the first modular addition unit U14 are both used for receiving I output by the ninth modular multiplication unit U11; the first modular addition unit U14 then performs modular addition calculation to obtain 2I and transmits 2I to the second modular addition unit U15. A first input end of the second modular addition unit U15 is used for receiving 2I output by the first modular addition unit U14, and a second input end is used for receiving H output by the eighth modular multiplication unit; modular addition calculation is then performed to obtain H' = H + 2I, and the output H' is transmitted to the second input end of the third modular subtraction unit U12. This completes the calculation process of the fifth calculation level, and the output result coordinate X3 is obtained at the same time.
On the basis of the above embodiment, as shown in fig. 2, the calculating unit of the sixth calculation module includes a fourth modular subtraction unit, an eleventh modular multiplication unit and a fifth modular subtraction unit. A first input end and a second input end of the fourth modular subtraction unit are respectively connected to an output end of the ninth modular multiplication unit and an output end of the third modular subtraction unit. A first input end and a second input end of the eleventh modular multiplication unit are respectively connected to an output end of the fourth modular subtraction unit and an output end of the second modular subtraction unit. An output end of the eleventh modular multiplication unit is connected to a first input end of the fifth modular subtraction unit, and a second input end of the fifth modular subtraction unit is connected to an output end of the tenth modular multiplication unit.
In this embodiment, the sixth calculation module includes a fourth modular subtraction unit U16, an eleventh modular multiplication unit U17 and a fifth modular subtraction unit U18. A first input end of the fourth modular subtraction unit U16 is used for receiving I output by the ninth modular multiplication unit U11, and a second input end is used for receiving X3 output by the third modular subtraction unit U12; the fourth modular subtraction unit U16 then performs modular subtraction calculation to obtain L = I - X3 and transmits L to a first input end of the eleventh modular multiplication unit U17. A second input end of the eleventh modular multiplication unit U17 is used for receiving F output by the second modular subtraction unit U6; the eleventh modular multiplication unit U17 then performs modular multiplication calculation to obtain F' = L*F and transmits the obtained F' to a first input end of the fifth modular subtraction unit U18. A second input end of the fifth modular subtraction unit U18 is used for receiving K output by the tenth modular multiplication unit U13; the fifth modular subtraction unit U18 then performs modular subtraction calculation to obtain Y3 = F' - K, which gives the output result coordinate Y3. At this point, the calculation of the sixth calculation level is finished, the point addition calculation process of the asymmetric algorithm is complete, and the required output result coordinates X3, Y3, Z3 have been obtained.
As described above, in the embodiment of the present invention, the point addition calculation is divided into six calculation levels according to the calculation formula of the point addition calculation in the asymmetric algorithm, the asymmetric algorithm calculation circuit is divided into six calculation modules according to the six calculation levels, and each calculation module corresponds to one calculation level, so that parallel calculation of multiple calculation formulas can be implemented when the point addition calculation is performed, and the operation speed and the operation efficiency of the point addition calculation are improved.
In another embodiment, the asymmetric algorithm is divided into five calculation levels according to the priority order of the calculation symbols in the double-point calculation formula, and the plurality of calculation units 1 are divided into a seventh calculation module, an eighth calculation module, a ninth calculation module, a tenth calculation module, and an eleventh calculation module.
In another embodiment, the asymmetric algorithm calculation circuit is configured to implement the double-point calculation in an asymmetric algorithm, wherein the calculation formula of the double-point calculation of the asymmetric algorithm is as follows:
Figure 494981DEST_PATH_IMAGE024
Figure 793238DEST_PATH_IMAGE025
Figure 367307DEST_PATH_IMAGE026
Figure 409213DEST_PATH_IMAGE027
Figure 253803DEST_PATH_IMAGE028
where X4, Y4, Z4 and a are the input elliptic curve parameters: X4, Y4, Z4 are the coordinates of a point on the elliptic curve, a is the elliptic curve parameter, and X5, Y5, Z5 are the coordinates of the point on the elliptic curve obtained by the double-point calculation.
Then, the calculation formula of the double-point calculation is further divided. In this embodiment, the calculation formula of the double-point calculation is divided into five calculation levels, which are respectively as follows:
First calculation level: G = X4*X4, A = Y4*Y4, H = Z4*Z4, B' = 4*X4;
Second calculation level: D' = 3*G, B = B'*A, C' = A*A, I = H*H;
Third calculation level: C = 8*C', F = a*I, 2B = B + B;
Fourth calculation level: E = 2*Y4, D = D' + F, J = D*D, X5 = J - 2B, K' = B - X5, and the output result coordinate X5 is obtained;
Fifth calculation level: Z5 = E*Z4, K = D*K', Y5 = K - C, and the output result coordinates Z5 and Y5 are obtained.
After dividing the calculation formula of the double-point calculation into five calculation levels, dividing the plurality of calculation units 1 into five calculation modules 2, namely a seventh calculation module, an eighth calculation module, a ninth calculation module, a tenth calculation module and an eleventh calculation module, wherein, the seventh computation module is used for realizing the computation of the first computation level, the eighth computation module is used for realizing the computation of the second computation level, … …, the eleventh computation module is used for realizing the computation of the fifth computation level, moreover, the connection relationship of the computing units 1 in each computing module 2 is set according to the data transmission relationship of the corresponding computing hierarchy, the connection relationship between each computing module 2 is set according to the data transmission relationship between the corresponding computing hierarchies, thereby enabling the asymmetric algorithm computation circuit to implement the computations of equations (6) - (10).
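The six-level point addition schedule and the five-level double-point schedule listed above can be checked in software. The following is an added example, not part of the patent: it evaluates the levels in order and compares the results with textbook affine formulas. It assumes the Jacobian convention x = X/Z^2, y = Y/Z^3, which these formulas match; the toy field GF(97), the curve y^2 = x^3 + 2x + 3, the sample points and all function names are constructed for illustration.

```python
# Added illustration: sequential software model of the levelled schedules.
# Field, curve and points are constructed toy values, not from the patent.
P = 97                      # toy prime modulus
A_COEF = 2                  # curve y^2 = x^3 + 2x + 3 over GF(97)
P1, P2 = (0, 10), (1, 43)   # two points on that curve

def mmul(x, y):             # stands in for one modular multiplication unit
    return (x * y) % P

def madd(x, y):             # modular addition unit
    return (x + y) % P

def msub(x, y):             # modular subtraction unit
    return (x - y) % P

def point_add_levels(X1, Y1, Z1, X2, Y2):
    """Six-level schedule: Jacobian (X1, Y1, Z1) plus affine (X2, Y2)."""
    A = mmul(Z1, Z1)            # level 1
    B = mmul(Z1, A)             # level 2
    C = mmul(X2, A)
    E = msub(C, X1)
    D = mmul(Y2, B)             # level 3
    F = msub(D, Y1)
    G = mmul(E, E)
    Z3 = mmul(Z1, E)
    J = mmul(F, F)              # level 4
    H = mmul(G, E)
    I = mmul(X1, G)
    I2 = madd(I, I)             # level 5
    H_prime = madd(H, I2)
    X3 = msub(J, H_prime)
    K = mmul(Y1, H)
    L = msub(I, X3)             # level 6
    F_prime = mmul(L, F)
    Y3 = msub(F_prime, K)
    return X3, Y3, Z3

def point_double_levels(X4, Y4, Z4, a):
    """Five-level schedule: doubling of Jacobian (X4, Y4, Z4)."""
    G = mmul(X4, X4)            # level 1
    A = mmul(Y4, Y4)
    H = mmul(Z4, Z4)
    B_prime = mmul(4, X4)
    D_prime = mmul(3, G)        # level 2
    B = mmul(B_prime, A)
    C_prime = mmul(A, A)
    I = mmul(H, H)
    C = mmul(8, C_prime)        # level 3
    F = mmul(a, I)
    B2 = madd(B, B)
    E = mmul(2, Y4)             # level 4
    D = madd(D_prime, F)
    J = mmul(D, D)
    X5 = msub(J, B2)
    K_prime = msub(B, X5)
    Z5 = mmul(E, Z4)            # level 5
    K = mmul(D, K_prime)
    Y5 = msub(K, C)
    return X5, Y5, Z5

def add_checked(X1, Y1, Z1, X2, Y2):
    """Route the inputs the addition schedule alone gets wrong (Z = 0 means infinity)."""
    if Z1 == 0:                 # infinity + Q = Q
        return X2, Y2, 1
    X3, Y3, Z3 = point_add_levels(X1, Y1, Z1, X2, Y2)
    # Z3 = Z1*E = 0 means equal x-coordinates; if y also matches, it is a doubling.
    if Z3 == 0 and mmul(Y2, mmul(Z1, mmul(Z1, Z1))) == Y1 % P:
        return point_double_levels(X1, Y1, Z1, A_COEF)
    return X3, Y3, Z3

def to_affine(X, Y, Z):
    if Z == 0:
        return None             # point at infinity
    zi = pow(Z, -1, P)          # modular inverse (Python 3.8+)
    zi2 = mmul(zi, zi)
    return mmul(X, zi2), mmul(Y, mmul(zi2, zi))

def to_jacobian(pt, z):
    x, y = pt
    return mmul(x, z * z), mmul(y, z * z * z), z % P

def affine_add(p, q):
    """Textbook affine addition/doubling, used only as the reference result."""
    (x1, y1), (x2, y2) = p, q
    if p == q:
        lam = mmul(3 * x1 * x1 + A_COEF, pow(2 * y1 % P, -1, P))
    else:
        lam = mmul(y2 - y1, pow((x2 - x1) % P, -1, P))
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P
```

Feeding the same point to both inputs of the addition schedule gives E = 0 and therefore Z3 = 0, so a caller has to send that case to the double-point schedule, as `add_checked` does.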
On the basis of the above embodiment, as shown in fig. 3, the calculating unit of the seventh calculating module includes a twelfth modular multiplying unit, a thirteenth modular multiplying unit, a fourteenth modular multiplying unit and a fifteenth modular multiplying unit, an input end of the twelfth modular multiplying unit, an input end of the thirteenth modular multiplying unit, an input end of the fourteenth modular multiplying unit and an input end of the fifteenth modular multiplying unit are all used for receiving the elliptic curve parameter, and an output end of the twelfth modular multiplying unit, an output end of the thirteenth modular multiplying unit, an output end of the fourteenth modular multiplying unit and an output end of the fifteenth modular multiplying unit are all connected to an input port of the eighth calculating module.
In this embodiment, the seventh calculation module includes a twelfth modular multiplication unit U19, a thirteenth modular multiplication unit U20, a fourteenth modular multiplication unit U21 and a fifteenth modular multiplication unit U22. A first input end and a second input end of the twelfth modular multiplication unit U19 are both used for receiving the elliptic curve parameter X4; the twelfth modular multiplication unit U19 then performs modular multiplication calculation to obtain G = X4*X4 and transmits G to the eighth calculation module. The first input end and the second input end of the thirteenth modular multiplication unit U20 are used for receiving the elliptic curve parameter Y4; the thirteenth modular multiplication unit U20 then performs modular multiplication calculation to obtain A = Y4*Y4 and transmits A to the eighth calculation module. The first input end of the fourteenth modular multiplication unit U21 is used for receiving the elliptic curve parameter X4 and the second input end is used for receiving the constant 4; modular multiplication calculation is then performed to obtain B' = 4*X4, and B' is transmitted to the eighth calculation module. A first input end and a second input end of the fifteenth modular multiplication unit U22 are used for receiving the elliptic curve parameter Z4; the fifteenth modular multiplication unit U22 then performs modular multiplication calculation to obtain H = Z4*Z4 and transmits H to the eighth calculation module, which completes the calculation of the first calculation level.
On the basis of the above embodiment, as shown in fig. 3, the calculating unit of the eighth calculation module includes a sixteenth modular multiplication unit, a seventeenth modular multiplication unit, an eighteenth modular multiplication unit and a nineteenth modular multiplication unit. A first input end of the sixteenth modular multiplication unit is connected to an output end of the twelfth modular multiplication unit, a second input end of the sixteenth modular multiplication unit is used for receiving the elliptic curve parameter, and an output end of the sixteenth modular multiplication unit is connected to an input port of the tenth calculation module. A first input end and a second input end of the seventeenth modular multiplication unit are both connected to an output end of the thirteenth modular multiplication unit, and an output end of the seventeenth modular multiplication unit is connected to an input port of the ninth calculation module. A first input end and a second input end of the eighteenth modular multiplication unit are respectively connected to an output end of the thirteenth modular multiplication unit and an output end of the fourteenth modular multiplication unit, and an output end of the eighteenth modular multiplication unit is respectively connected to an input port of the ninth calculation module and an input port of the tenth calculation module. The first input end and the second input end of the nineteenth modular multiplication unit are connected with the output end of the fifteenth modular multiplication unit, and the output end of the nineteenth modular multiplication unit is connected with the input port of the ninth calculation module.
In this embodiment, the eighth calculation module includes a sixteenth modular multiplication unit U23, a seventeenth modular multiplication unit U24, an eighteenth modular multiplication unit U25 and a nineteenth modular multiplication unit U26. The first input end of the sixteenth modular multiplication unit U23 is used for receiving G output by the twelfth modular multiplication unit U19 and the second input end is used for receiving the constant 3; the sixteenth modular multiplication unit U23 then performs modular multiplication calculation to obtain D' = 3*G and outputs D' to the tenth calculation module. The first input end and the second input end of the seventeenth modular multiplication unit U24 are both used for receiving A output by the thirteenth modular multiplication unit U20; the seventeenth modular multiplication unit U24 then performs modular multiplication calculation to obtain C' = A*A and outputs C' to the tenth calculation module. The eighteenth modular multiplication unit U25 has a first input end for receiving A output by the thirteenth modular multiplication unit U20 and a second input end for receiving B' output by the fourteenth modular multiplication unit U21; it then performs modular multiplication calculation to obtain B = B'*A and outputs B to the ninth calculation module and the tenth calculation module. The first input end and the second input end of the nineteenth modular multiplication unit U26 are both used for receiving H output by the fifteenth modular multiplication unit U22; modular multiplication calculation is then performed to obtain I = H*H, and I is output to the ninth calculation module. At this point, the calculation of the second calculation level is completed.
On the basis of the above-described embodiment, as shown in fig. 3, the calculating unit of the ninth calculation module includes a twentieth modular multiplication unit, a third modular addition unit and a twenty-first modular multiplication unit. The first input end of the twentieth modular multiplication unit is connected with the output end of the seventeenth modular multiplication unit, the second input end of the twentieth modular multiplication unit is used for receiving the elliptic curve parameters, and the output end of the twentieth modular multiplication unit is connected with the input port of the eleventh calculation module. The first input end and the second input end of the third modular addition unit are both connected with the output end of the eighteenth modular multiplication unit, and the output end of the third modular addition unit is connected with the input port of the tenth calculation module. The first input end of the twenty-first modular multiplication unit is connected with the output end of the nineteenth modular multiplication unit, the second input end of the twenty-first modular multiplication unit is used for receiving the elliptic curve parameters, and the output end of the twenty-first modular multiplication unit is connected with the input port of the tenth calculation module.
In this embodiment, the calculating units of the ninth calculation module include a twentieth modular multiplication unit U27, a third modular addition unit U28 and a twenty-first modular multiplication unit U29. The twentieth modular multiplication unit U27 has a first input end for receiving C' output by the seventeenth modular multiplication unit U24 and a second input end for receiving the constant 8; the twentieth modular multiplication unit U27 then performs modular multiplication calculation to obtain C = 8*C' and outputs C to the eleventh calculation module. The first input end and the second input end of the third modular addition unit U28 are both used for receiving B output by the eighteenth modular multiplication unit U25; it then performs modular addition calculation to obtain 2B and outputs 2B to the tenth calculation module. The twenty-first modular multiplication unit U29 has a first input end for receiving I output by the nineteenth modular multiplication unit and a second input end for receiving the elliptic curve parameter a; it then performs modular multiplication calculation to obtain F = a*I and outputs F to the tenth calculation module. At this point, the calculation of the third calculation level is completed.
On the basis of the above embodiment, as shown in fig. 3, the calculating unit of the tenth calculating module includes a twenty-second modular multiplying unit, a fourth modular adding unit, a twenty-third modular multiplying unit, a sixth modular subtracting unit and a seventh modular subtracting unit; the input end of a twenty-second modular multiplication unit is used for receiving elliptic curve parameters, the output end of the twenty-second modular multiplication unit is connected with the input port of an eleventh calculation module, the first input end and the second input end of a fourth modular addition unit are respectively connected with the output end of a sixteenth modular multiplication unit and the output end of a twenty-first modular multiplication unit, the output end of the fourth modular addition unit is connected with the input port of the eleventh calculation module, the first input end and the second input end of a twenty-third modular multiplication unit, the output end of the twenty-third modular multiplication unit is connected with the first input end of a sixth modular subtraction unit, the second input end of the sixth modular subtraction unit is connected with the output end of a third modular addition unit, the output end of the sixth modular subtraction unit is connected with the first input end of a seventh modular subtraction unit, the second input end of the seventh modular subtraction unit is connected with the output end of an eighteenth modular multiplication unit, and the output end of the seventh modulo reduction unit is connected with the input port of the eleventh calculation module.
In the present embodiment, the tenth calculation module includes a twenty-second modulo multiplication unit U30, a fourth modulo addition unit U31, a twenty-third modulo multiplication unit U32, a sixth modulo subtraction unit U33, and a seventh modulo subtraction unit U34. The first input end of the twenty-second modulo multiplication unit U30 is used for receiving the elliptic curve parameter Y4 and the second input end is used for receiving the constant 2; modular multiplication is then performed to obtain E = 2 × Y4, and E is transmitted to the eleventh calculation module. The first input end of the fourth modulo addition unit U31 is configured to receive D' output from the sixteenth modulo multiplication unit U23 and the second input end is configured to receive F output from the twenty-first modulo multiplication unit U29; modulo addition is then performed to obtain D = D' + F, and D is transmitted to the first input end and the second input end of the twenty-third modulo multiplication unit U32 and to the eleventh calculation module.
The first input end and the second input end of the twenty-third modulo multiplication unit U32 both receive D output by the fourth modulo addition unit U31; modulo multiplication is then performed to obtain J = D × D, and J is output to the first input end of the sixth modulo subtraction unit U33. The second input end of the sixth modulo subtraction unit U33 receives 2B output by the third modulo addition unit U28, and the sixth modulo subtraction unit U33 then performs modulo subtraction to obtain X5 = J - 2B and outputs X5 to the first input end of the seventh modulo subtraction unit U34. The second input end of the seventh modulo subtraction unit U34 receives B output by the eighteenth modulo multiplication unit U25, and modulo subtraction is then performed to obtain K' = B - X5; K' is output to the eleventh calculation module, which completes the calculation of the fourth calculation level and yields the output result coordinate X5.
On the basis of the above embodiment, as shown in fig. 3, the computing unit of the eleventh computing module includes a twenty-fourth modular multiplication unit, a twenty-fifth modular multiplication unit, and an eighth modular subtraction unit; the first input end of the twenty-fourth modular multiplication unit is connected with the output end of the twenty-second modular multiplication unit, the second input end of the twenty-fourth modular multiplication unit is used for receiving the elliptic curve parameters, the first input end and the second input end of the twenty-fifth modular multiplication unit are respectively connected with the output end of the fourth modular addition unit and the output end of the seventh modular subtraction unit, the output end of the twenty-fifth modular multiplication unit is connected with the first input end of the eighth modular subtraction unit, and the second input end of the eighth modular subtraction unit is connected with the output end of the twenty-second modular multiplication unit.
In this embodiment, the eleventh calculating module includes a twenty-fourth modular multiplication unit U35, a twenty-fifth modular multiplication unit U36, and an eighth modulo subtraction unit U37. The first input end of the twenty-fourth modular multiplication unit U35 is used for receiving E output by the twenty-second modular multiplication unit U30 and the second input end is used for receiving the elliptic curve parameter Z4; the twenty-fourth modular multiplication unit U35 then performs modular multiplication to obtain Z5 = E × Z4. The first input end of the twenty-fifth modular multiplication unit U36 is configured to receive D output by the fourth modulo addition unit U31 and the second input end is configured to receive K' output by the seventh modulo subtraction unit U34; modular multiplication is then performed to obtain K = D × K', and K is output to the first input end of the eighth modulo subtraction unit U37. The second input end of the eighth modulo subtraction unit U37 is configured to receive C output by the twentieth modular multiplication unit U27, and modulo subtraction is then performed to obtain Y5 = K - C, which completes the calculation of the fifth calculation level and yields the output result coordinates Y5 and Z5.
As described above, in the embodiment of the present invention, the double-point calculation is divided into five calculation levels according to the calculation formula of the double-point calculation in the asymmetric algorithm, the asymmetric algorithm calculation circuit is divided into five calculation modules according to the five calculation levels, and each calculation module corresponds to one calculation level, so that parallel calculation of multiple calculation formulas can be implemented when the double-point calculation is performed, and the operation speed and the operation efficiency of the double-point calculation are improved.
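The five-module doubling datapath described above, modelled in software as an added example (not code from the patent). Modules nine to eleven follow the text; the operands of the seventh module and the constant 3 in the eighth module are assumptions taken from the standard Jacobian doubling formula, and the signal names XX, YY, X4x4, ZZ and the small test curve are constructed for illustration.

```python
# Added example: software model of the doubling datapath (not the patent's code).
# One tuple per calculation unit: (output, operation, operand, operand).
# String operands are signal names, integer operands are constants.
MODULES = {
    7: [  # ASSUMED operands: the text only says four modular multipliers
        ("XX", "mul", "X4", "X4"),
        ("YY", "mul", "Y4", "Y4"),
        ("X4x4", "mul", "X4", 4),
        ("ZZ", "mul", "Z4", "Z4"),
    ],
    8: [  # wiring as in claim 10; the constant 3 is ASSUMED
        ("D'", "mul", "XX", 3),      # sixteenth unit U23
        ("C'", "mul", "YY", "YY"),   # seventeenth unit U24
        ("B", "mul", "YY", "X4x4"),  # eighteenth unit U25
        ("I", "mul", "ZZ", "ZZ"),    # nineteenth unit
    ],
    9: [
        ("C", "mul", "C'", 8),       # U27
        ("2B", "add", "B", "B"),     # U28
        ("F", "mul", "a", "I"),      # U29
    ],
    10: [
        ("E", "mul", "Y4", 2),       # U30
        ("D", "add", "D'", "F"),     # U31
        ("J", "mul", "D", "D"),      # U32
        ("X5", "sub", "J", "2B"),    # U33
        ("K'", "sub", "B", "X5"),    # U34
    ],
    11: [
        ("Z5", "mul", "E", "Z4"),    # U35
        ("K", "mul", "D", "K'"),     # U36
        ("Y5", "sub", "K", "C"),     # U37
    ],
}

OPS = {
    "mul": lambda x, y, p: x * y % p,
    "add": lambda x, y, p: (x + y) % p,
    "sub": lambda x, y, p: (x - y) % p,
}


def evaluate(X4, Y4, Z4, a, p):
    """Run every unit in module order; return (signal values, chain depths)."""
    value = {"X4": X4 % p, "Y4": Y4 % p, "Z4": Z4 % p, "a": a % p}
    depth = dict.fromkeys(value, 0)  # number of units between inputs and signal
    for number, units in MODULES.items():
        for out, op, *operands in units:
            args, longest = [], 0
            for operand in operands:
                if isinstance(operand, int):  # constant input
                    args.append(operand)
                    continue
                if operand not in value:  # wiring check: no undriven inputs
                    raise ValueError(f"module {number}: {out} reads undriven {operand}")
                args.append(value[operand])
                longest = max(longest, depth[operand])
            value[out] = OPS[op](args[0], args[1], p)
            depth[out] = longest + 1
    return value, depth


def double_point(X4, Y4, Z4, a, p):
    """Jacobian doubling (X4, Y4, Z4) -> (X5, Y5, Z5) through the modelled units."""
    value, _ = evaluate(X4, Y4, Z4, a, p)
    return value["X5"], value["Y5"], value["Z5"]


def to_affine(X, Y, Z, p):
    """Jacobian to affine; Z = 0 is the point at infinity (returned as None)."""
    if Z % p == 0:
        return None
    z_inv = pow(Z, -1, p)
    return X * z_inv**2 % p, Y * z_inv**3 % p


def affine_double(x, y, a, p):
    """Textbook affine doubling, used only as an independent reference."""
    if y % p == 0:
        return None
    slope = (3 * x * x + a) * pow(2 * y, -1, p) % p
    x3 = (slope * slope - 2 * x) % p
    return x3, (slope * (x - x3) - y) % p


if __name__ == "__main__":
    # Constructed test curve y^2 = x^3 + 2x + 3 over GF(97), point (3, 6).
    print(to_affine(*double_point(3, 6, 1, 2, 97), 97), affine_double(3, 6, 2, 97))
```

The depth map returned by evaluate shows how far the chained units inside the tenth and eleventh modules (U31 to U34, U36 to U37) extend the dependency path under the assumed wiring.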
It should be noted that the foregoing is only a preferred embodiment of the present invention and the technical principles applied. Those skilled in the art will appreciate that the embodiments of the present invention are not limited to the specific embodiments described herein, and that various obvious changes, adaptations, and substitutions are possible, without departing from the scope of the embodiments of the present invention. Therefore, although the embodiments of the present invention have been described in more detail through the above embodiments, the embodiments of the present invention are not limited to the above embodiments, and many other equivalent embodiments may be included without departing from the concept of the embodiments of the present invention, and the scope of the embodiments of the present invention is determined by the scope of the appended claims.

Claims (13)

1. An asymmetric algorithm calculation circuit is characterized by comprising a plurality of calculation units, wherein the calculation units are used for realizing the calculation of an asymmetric algorithm according to input elliptic curve parameters, and the calculation units are used for realizing the calculation of modular multiplication, modular addition or modular subtraction;
the calculation units are divided into a plurality of calculation modules, each calculation module is used for calculating a corresponding calculation level in the asymmetric algorithm, the connection mode of the calculation units in each calculation module corresponds to the data transmission relation in the corresponding calculation level, the connection relation between the calculation modules corresponds to the data transmission relation between the corresponding calculation levels, and the asymmetric algorithm is divided into a plurality of calculation levels according to the priority sequence of calculation symbols in the corresponding calculation formula.
2. The asymmetric algorithm calculation circuit according to claim 1, wherein the asymmetric algorithm is divided into six calculation levels according to the priority order of calculation symbols in the point addition calculation formula, and the plurality of calculation units are divided into a first calculation module, a second calculation module, a third calculation module, a fourth calculation module, a fifth calculation module, and a sixth calculation module.
3. The asymmetric-algorithm computing circuit as claimed in claim 2, wherein the computing unit of the first computing module comprises a first modular multiplication unit, and the computing unit of the second computing module comprises a second modular multiplication unit, a third modular multiplication unit and a first modular subtraction unit; the first input and the second input of the first modular multiplication unit are used for receiving the elliptic curve parameters, the output end of the first modular multiplication unit is respectively connected with the first input end of the second modular multiplication unit and the first input end of the third modular multiplication unit, the second input end of the second modular multiplication unit is used for receiving the elliptic curve parameters, the output end of the second modular multiplication unit is connected with the input port of the third calculation module, the second input end of the third modular multiplication unit is used for receiving the elliptic curve parameters, the output end of the third modular multiplication unit is connected with the first input end of the first modulo reduction unit, the second input end of the first modulo reduction unit is used for receiving the elliptic curve parameters, and the output end of the first modulo reduction unit is respectively connected with the input port of the third calculation module and the input port of the fourth calculation module.
4. The asymmetric algorithm computing circuit of claim 3, wherein the computing unit of the third computing module comprises a fourth modular multiplication unit, a second modular subtraction unit, a fifth modular multiplication unit and a sixth modular multiplication unit; a first input end of the fourth modular multiplication unit is connected with an output end of the second modular multiplication unit, a second input end of the fourth modular multiplication unit is used for receiving the elliptic curve parameter, an output end of the fourth modular multiplication unit is connected with a first input end of the second modular subtraction unit, a second input end of the second modular subtraction unit is used for receiving the elliptic curve parameter, an output end of the second modular subtraction unit is connected with an input port of the fourth calculation module and an input port of the sixth calculation module, a first input end and a second input end of the fifth modular multiplication unit are both connected with an output end of the first modular subtraction unit, an output end of the fifth modular multiplication unit is connected with an input port of the fourth calculation module, a first input end of the sixth modular multiplication unit is connected with an output end of the first modular subtraction unit, and the second input end of the sixth modular multiplication unit is used for receiving the elliptic curve parameters.
5. The asymmetric algorithm computing circuit of claim 4, wherein the computing units of the fourth computing module comprise a seventh modular multiplication unit, an eighth modular multiplication unit, and a ninth modular multiplication unit; the first input end and the second input end of the seventh modular multiplication unit are both connected with the output end of the second modular subtraction unit, the output end of the seventh modular multiplication unit is connected with the input port of the fifth calculation module, the first input end and the second input end of the eighth modular multiplication unit are respectively connected with the output end of the fifth modular multiplication unit and the output end of the first modular subtraction unit, the output end of the eighth modular multiplication unit is connected with the input port of the fifth calculation module, the first input end of the ninth modular multiplication unit is connected with the output end of the fifth modular multiplication unit, the second input end of the ninth modular multiplication unit is used for receiving the elliptic curve parameter, and the output end of the ninth modular multiplication unit is connected with the input port of the fifth calculation module and the input port of the sixth calculation module.
6. The asymmetric-algorithm computation circuit of claim 5, wherein the computation unit of the fifth computation module comprises a third modulo-subtraction unit, a tenth modulo-multiplication unit, a first modulo-addition unit, and a second modulo-addition unit; a first input terminal and a second input terminal of the third modulo-subtraction unit are respectively connected with an output terminal of the seventh modulo-multiplication unit and an output terminal of the second modulo-addition unit, the output end of the third modulo-subtraction unit is connected with the input port of the sixth calculation module, the first input end of the tenth modulo-multiplication unit is connected with the output end of the eighth modulo-multiplication unit, a second input end of the tenth modulo-multiplication unit is used for receiving the elliptic curve parameters, an output end of the tenth modulo-multiplication unit is connected with an input port of the sixth calculation module, the first input end and the second input end of the first modulo-addition unit are both connected with the output end of the ninth modulo-multiplication unit, the output end of the first modulo-addition unit is connected with the first input end of the second modulo-addition unit, and a second input end of the second modulo-addition unit is connected with an output end of the eighth modulo-multiplication unit.
7. The asymmetric-algorithm calculating circuit as claimed in claim 6, wherein the calculating unit of the sixth calculating module comprises a fourth modulo reduction unit, an eleventh modulo multiplication unit and a fifth modulo reduction unit, a first input and a second input of the fourth modulo reduction unit are respectively connected to the output of the ninth modulo multiplication unit and the output of the third modulo reduction unit, a first input and a second input of the eleventh modulo multiplication unit are respectively connected to the output of the fourth modulo reduction unit and the output of the second modulo reduction unit, an output of the eleventh modulo multiplication unit is connected to a first input of the fifth modulo reduction unit, and a second input of the fifth modulo reduction unit is connected to the output of the tenth modulo multiplication unit.
8. An asymmetric algorithm calculation circuit as claimed in claim 1, wherein the asymmetric algorithm is divided into five calculation levels according to the priority order of calculation symbols in the double-point calculation formula, and the plurality of calculation units are divided into a seventh calculation module, an eighth calculation module, a ninth calculation module, a tenth calculation module and an eleventh calculation module.
9. The asymmetric-algorithm computation circuit of claim 8, wherein the computation unit of the seventh computation module comprises a twelfth modular multiplication unit, a thirteenth modular multiplication unit, a fourteenth modular multiplication unit and a fifteenth modular multiplication unit, an input terminal of the twelfth modular multiplication unit, an input terminal of the thirteenth modular multiplication unit, an input terminal of the fourteenth modular multiplication unit and an input terminal of the fifteenth modular multiplication unit are all configured to receive elliptic curve parameters, and an output terminal of the twelfth modular multiplication unit, an output terminal of the thirteenth modular multiplication unit, an output terminal of the fourteenth modular multiplication unit and an output terminal of the fifteenth modular multiplication unit are all connected to the input port of the eighth computation module.
10. The asymmetric algorithm calculation circuit of claim 9, wherein the calculation unit of the eighth calculation module comprises a sixteenth modular multiplication unit, a seventeenth modular multiplication unit, an eighteenth modular multiplication unit and a nineteenth modular multiplication unit, a first input terminal of the sixteenth modular multiplication unit is connected to the output terminal of the twelfth modular multiplication unit, a second input terminal of the sixteenth modular multiplication unit is configured to receive the elliptic curve parameter, an output terminal of the sixteenth modular multiplication unit is connected to the input port of the tenth calculation module, a first input terminal and a second input terminal of the seventeenth modular multiplication unit are both connected to the output terminal of the thirteenth modular multiplication unit, an output terminal of the seventeenth modular multiplication unit is connected to the input port of the ninth calculation module, a first input terminal and a second input terminal of the eighteenth modular multiplication unit are respectively connected to the output terminal of the thirteenth modular multiplication unit and the output terminal of the fourteenth modular multiplication unit, the output terminal of the eighteenth modular multiplication unit is connected to the input port of the ninth calculation module and the input port of the tenth calculation module, a first input terminal and a second input terminal of the nineteenth modular multiplication unit are connected to the output terminal of the fifteenth modular multiplication unit, and the output terminal of the nineteenth modular multiplication unit is connected to the input port of the ninth calculation module.
11. An asymmetric algorithm calculation circuit as claimed in claim 10, wherein the calculation unit of the ninth calculation module comprises a twentieth modular multiplication unit, a third modular addition unit and a twenty-first modular multiplication unit, a first input terminal of the twentieth modular multiplication unit is connected to the output terminal of the seventeenth modular multiplication unit, a second input terminal of the twentieth modular multiplication unit is used for receiving the elliptic curve parameter, an output terminal of the twentieth modular multiplication unit is connected to the input port of the eleventh calculation module, a first input terminal and a second input terminal of the third modular addition unit are both connected to the output terminal of the eighteenth modular multiplication unit, an output terminal of the third modular addition unit is connected to the input port of the tenth calculation module, a first input terminal of the twenty-first modular multiplication unit is connected to the output terminal of the nineteenth modular multiplication unit, a second input end of the twenty-first modular multiplication unit is used for receiving the elliptic curve parameters, and an output end of the twenty-first modular multiplication unit is connected with an input port of the tenth calculation module.
12. The asymmetric-algorithm computation circuit of claim 11, wherein the computation unit of the tenth computation module comprises a twenty-second modulo multiplication unit, a fourth modulo addition unit, a twenty-third modulo multiplication unit, a sixth modulo reduction unit, and a seventh modulo reduction unit; the input end of the twenty-second modular multiplication unit is used for receiving the elliptic curve parameter, the output end of the twenty-second modular multiplication unit is connected with the input port of the eleventh calculation module, the first input end and the second input end of the fourth modular addition unit are respectively connected with the output end of the sixteenth modular multiplication unit and the output end of the twenty-first modular multiplication unit, the output end of the fourth modular addition unit is connected with the input port of the eleventh calculation module, the first input end and the second input end of the twenty-third modular multiplication unit are both connected with the output end of the fourth modular addition unit, the output end of the twenty-third modular multiplication unit is connected with the first input end of the sixth modular subtraction unit, the second input end of the sixth modular subtraction unit is connected with the output end of the third modular addition unit, the output end of the sixth modular subtraction unit is connected with the first input end of the seventh modular subtraction unit, a second input end of the seventh modulo reduction unit is connected with an output end of the eighteenth modulo multiplication unit, and an output end of the seventh modulo reduction unit is connected with an input port of the eleventh calculation module.
13. The asymmetric algorithm computing circuit of claim 12, wherein the computing units of the eleventh computing module comprise a twenty-fourth modular multiplication unit, a twenty-fifth modular multiplication unit, and an eighth modular subtraction unit; the first input end of the twenty-fourth modular multiplication unit is connected with the output end of the twenty-second modular multiplication unit, the second input end of the twenty-fourth modular multiplication unit is used for receiving the elliptic curve parameters, the first input end and the second input end of the twenty-fifth modular multiplication unit are respectively connected with the output end of the fourth modular addition unit and the output end of the seventh modular subtraction unit, the output end of the twenty-fifth modular multiplication unit is connected with the first input end of the eighth modular subtraction unit, and the second input end of the eighth modular subtraction unit is connected with the output end of the twenty-second modular multiplication unit.
CN202210392670.7A 2022-04-15 2022-04-15 Asymmetric algorithm calculation circuit Active CN114489571B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210392670.7A CN114489571B (en) 2022-04-15 2022-04-15 Asymmetric algorithm calculation circuit

Publications (2)

Publication Number Publication Date
CN114489571A true CN114489571A (en) 2022-05-13
CN114489571B CN114489571B (en) 2022-07-15

Family

ID=81488121

Country Status (1)

Country Link
CN (1) CN114489571B (en)

Also Published As

Publication number Publication date
CN114489571B (en) 2022-07-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant