CN114745099A - FPGA-based poseidon hash algorithm optimization method - Google Patents
- Publication number
- CN114745099A
- Authority
- CN
- China
- Prior art keywords
- montgomery
- algorithm
- poseidon
- calculation
- matrix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Complex Calculations (AREA)
Abstract
The invention discloses an FPGA-based optimization method for the Poseidon hash algorithm, comprising: optimizing the parameters and flow of the Poseidon hash algorithm, and optimizing the underlying Montgomery modular multiplication in the FPGA. The parameter and flow optimization covers constant calculation, matrix calculation, constant and matrix selection, and algorithm flow optimization. In the underlying Montgomery modular multiplication optimization, the input value of the Montgomery algorithm is converted from a standard value into Montgomery form, and the computationally expensive division in modular multiplication and modular exponentiation is converted into cheap shifts and multiplications, which improves calculation efficiency. The Poseidon hash algorithm is implemented on the FPGA and its parameters, algorithm flow and so on are optimized, which improves the efficiency of the algorithm, so that with hardware support it can be applied to scenarios such as zero-knowledge proofs, blockchains and distributed storage computation; the underlying Montgomery algorithm is implemented and optimized on the FPGA, which improves the efficiency of large-integer operations.
Description
Technical Field
The invention relates to optimization of a hash algorithm, in particular to an optimization method of a poseidon hash algorithm based on an FPGA.
Background
A hash function used for cryptography must meet strict requirements. One-wayness: computing the hash from the data is easy, but reversing it is difficult or impossible, i.e. theoretically infeasible. No correlation: a small change in the input must produce an entirely different output, so that no correlation between data can be seen from the hash values. Uniqueness: different data should not produce the same hash value; in practice this means that producing the same hash value deliberately succeeds only with very low probability, and this property is also referred to as collision safety. In the field of distributed storage, the Poseidon hash algorithm is used for scattering and encrypting large-capacity, GB-level data.
Poseidon hashing may map elements in GF(p) into a single element in GF(p), in the form of
Where t is the input number and p is the order of the finite field. Zero-knowledge proof systems such as zk-SNARKs, zk-STARKs and Bulletproofs make heavy use of hash algorithms such as Pedersen hash and SHA-256 to ensure integrity, but these are inefficient in proving and verification. Poseidon hash, by contrast, is based on a traditional hash design method (an SPN-like structure), is a more efficient hash algorithm over finite fields, and supports most curves used in zero-knowledge proofs (BN, BLS, Ed25519).
Poseidon hashing may be used in the following scenarios: as the commitment function in a zero-knowledge proof, a protocol in which a secret value is typically encrypted by the commitment function and a zero-knowledge proof is generated; mapping several finite field elements into one element, or variable-length hashing; and existence proofs for leaf nodes in Merkle trees, e.g. a proof that a certain node belongs to a certain tree.
Disclosure of Invention
The technical problem to be solved by the invention is that the computational workload of the Poseidon hash algorithm on an FPGA is currently huge and the existing hardware level cannot keep up with large-scale data computation, so an optimized calculation method is needed that existing FPGAs can handle.
The invention is realized by the following technical scheme:
An FPGA-based Poseidon hash algorithm optimization method comprises the following steps: optimizing the parameters and flow of the Poseidon hash algorithm, and optimizing the underlying Montgomery modular multiplication in the FPGA. The parameter and flow optimization covers constant calculation, matrix calculation, constant and matrix selection, and algorithm flow optimization. In the underlying Montgomery modular multiplication optimization, the input value of the Montgomery algorithm is converted from a standard value into Montgomery form, and the computationally expensive division in modular multiplication and modular exponentiation is converted into cheap shifts and multiplications, which improves calculation efficiency.
At present, Poseidon hash mainly consists of a number of round functions, and each round function mainly consists of three parts:
AddRoundConstants, denoted ARC(), i.e. addition of a constant;
SubWords, denoted S-Box() or SB(), which contains a nonlinear transformation;
MixLayer, denoted M(), the confusion function, typically a product with a constant MDS matrix.
There are two types of round function, Full S-Box and Partial S-Box. In a Full S-Box round the S-Box value is computed for every input, i.e. the complete ARC() → SB() → M() process is calculated, whereas a Partial S-Box round only computes the S-Box of one input value.
The Poseidon hash algorithm flow is as follows:
First, $R_f$ rounds of Full S-Box are carried out, then $R_p$ rounds of Partial S-Box, and finally $R_f$ rounds of Full S-Box, for a total of $(2tR_f + tR_p)$ ARC() and M() operations and $(2tR_f + R_p)$ SB() operations, where t is the number of input elements plus 1.
Further, in the SPN structure adopted for constant calculation in the above steps, since both the linear transformation stage and the constant calculation are linear, an equivalent transformation can be performed by swapping their calculation order. After the transformation, the constant $c_i$ of each round is represented as
Where MC is the linear transformation (MixLayer) of the i-th round.
This property can be used in the Partial S-Box phase to move the constant calculation from the last round of the loop to the beginning. The constants therefore need to be divided into two parts: one part is used for the Partial S-Box calculation with the S-Box, and the other for the Partial S-Box calculation without the S-Box. In this form, apart from the constant that must be added after the original $R_f$ rounds have finished, the remaining constants can be added after the output of the S-Box.
Furthermore, in the linear transformation stage of the matrix calculation in the above steps, multithreading and parallel computation are used when calculating the product with the MDS matrix, which improves matrix operation efficiency. To calculate the product with the MDS matrix, the t × t MDS matrix is written as
Wherein A MDS matrix of (t-1) × (t-1), v is a 1 × (t-1) matrix, and ω is a (t-1) × 1 vector. By transformation, the matrix M can be represented as:
According to the conclusion in the constant calculation, the order of the Partial S-Box and the MixLayer (the part that is the product with M') can be exchanged; after the exchange, each linear transformation (MixLayer) in the Partial S-Box stage becomes a product with the matrix M'. Since $(t-1)^2-(t-1)=t^2-3t+2$ of the elements of M' are 0, it is a sparse matrix, which reduces the number of multiplications in the linear transformation (MixLayer) stage.
In addition, current software implementations of matrix multiplication use two nested loops with complexity $O(n^2)$, so multithreaded or parallel computation can be used to improve matrix operation efficiency.
Further, when the algorithm flow in the above step is optimized, the input of the Poseidon hash algorithm is fixed at 11 256-bit large integers and the output at 1 256-bit large integer for implementation and optimization. The algorithm flow is as follows:
s1: expanding 11 input values into 12 256-bit large integers;
s2: adding the first 12 constants to the 12 input values;
s3: 4 rounds of Full S-Box are carried out, each round of Full S-Box comprises 12 exponential operations, 12 addition operations and a matrix product, and 12 large integers are returned;
s4: performing 57 rounds of Partial S-Box, wherein each round of Partial S-Box comprises 1 exponential operation, 1 addition operation and sparse matrix multiplication, and returning 12 large integers;
s5: performing 3 rounds of Full S-Box, wherein each round of Full S-Box comprises 12 exponential operations, 12 addition operations and a matrix product, and 12 large integers are returned;
s6: performing a last round of Full S-Box, including 12 exponential operations and matrix multiplication, and returning 12 large integers;
s7: the second element is output as a 256-bit large integer.
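The round schedule of steps s1 to s7 and the constant swap described above, as an added Python model (not code from the patent): it checks that adding only one constant per Partial S-Box round gives the same output as the plain ARC → SB → M flow. The prime 2^255 - 19, the S-box exponent 5, the zero padding lane, the round constants and the Cauchy matrix are assumptions constructed for this sketch, and the constants are folded forward through M (no matrix inverse needed), whereas the text describes moving them towards the beginning.

```python
import hashlib

P = 2**255 - 19               # stand-in prime field (assumption: the page names no modulus)
T, RF_HALF, RP = 12, 4, 57    # state width and round counts taken from steps s1-s6
ALPHA = 5                     # S-box exponent (assumption: the page only says "exponential")
ROUNDS = 2 * RF_HALF + RP

def make_constant(tag, i):
    """Constructed, deterministic field element; not a real Poseidon constant."""
    digest = hashlib.sha256(f"{tag}-{i}".encode()).digest()
    return int.from_bytes(digest, "big") % P

# Constructed parameters: one constant vector per round, Cauchy matrix as MDS stand-in.
RC = [[make_constant("rc", r * T + i) for i in range(T)] for r in range(ROUNDS)]
MDS = [[pow(i + j + T, -1, P) for j in range(T)] for i in range(T)]

def is_full(r):
    return r < RF_HALF or r >= RF_HALF + RP

def mix(state):
    """MixLayer M(): dense matrix-vector product over GF(P)."""
    return [sum(m * s for m, s in zip(row, state)) % P for row in MDS]

def permute_reference(state):
    """ARC -> SB -> M in every round. Returns (state, constant additions performed)."""
    adds = 0
    for r in range(ROUNDS):
        state = [(s + c) % P for s, c in zip(state, RC[r])]
        adds += T
        for i in (range(T) if is_full(r) else range(1)):
            state[i] = pow(state[i], ALPHA, P)
        state = mix(state)
    return state, adds

def fold_partial_constants():
    """Push the non-S-box lanes of each partial-round constant through M into the next round."""
    scalars, carry = [], [0] * T
    for r in range(RF_HALF, RF_HALF + RP):
        eff = [(c + k) % P for c, k in zip(RC[r], carry)]
        scalars.append(eff[0])          # only lane 0 meets the S-box
        carry = mix([0] + eff[1:])      # linearity: M(x + b) = M(x) + M(b)
    first_after = [(c + k) % P for c, k in zip(RC[RF_HALF + RP], carry)]
    return scalars, first_after

def permute_folded(state):
    """Same permutation with a single constant addition per Partial S-Box round."""
    scalars, first_after = fold_partial_constants()
    adds = 0
    for r in range(ROUNDS):
        if is_full(r):
            consts = first_after if r == RF_HALF + RP else RC[r]
            state = [pow((s + c) % P, ALPHA, P) for s, c in zip(state, consts)]
            adds += T
        else:
            state = list(state)
            state[0] = pow((state[0] + scalars[r - RF_HALF]) % P, ALPHA, P)
            adds += 1
        state = mix(state)
    return state, adds

def poseidon_hash(inputs, permute=permute_reference):
    """s1: expand 11 inputs to 12 lanes; s7: return the second element."""
    if len(inputs) != T - 1:
        raise ValueError("expected 11 field elements")
    state = [0] + [x % P for x in inputs]   # padding lane at index 0 is an assumption
    out, _ = permute(state)
    return out[1]
```

The partial rounds here still multiply by the dense matrix; the sparse-matrix factorisation is a separate optimization that this sketch does not model.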
Further, the Montgomery algorithm in the above step comprises modular multiplication, reduction and modular exponentiation. The input value of the Montgomery algorithm is converted into Montgomery form, expressed as $X = xR \bmod N$, where x is the standard value, X is the Montgomery representation, R is the Montgomery parameter, and mod is the remainder function.
The Montgomery algorithm is currently one of the more efficient algorithms for large-number modular multiplication and modular exponentiation. Its main idea is to convert the computationally expensive division in modular multiplication and modular exponentiation into cheap shifts and multiplications, thereby improving calculation efficiency.
The Montgomery algorithm mainly comprises modular multiplication, reduction and modular exponentiation. Its input value needs to be converted from a standard value into Montgomery form, namely $X = xR \bmod N$, where x is the standard value, X is the Montgomery representation, and R is the Montgomery parameter.
Montgomery modular multiplication: calculating $XYR^{-1} \bmod N$
Montgomery reduction: calculating $XR^{-1} \bmod N$
Montgomery modular exponentiation: calculating $X^{y} \bmod N$
When multiplying large integers (such as 256-bit integers), a large integer is usually represented as several machine words, depending on the operating system and the CPU word size. For example, one word is 64 bits on a 64-bit system, so a 256-bit integer can be represented as four 64-bit words for easy storage and calculation.
For the Montgomery algorithm, the calculation can likewise be performed by expressing a 256-bit large integer as four 64-bit integers. Montgomery modular multiplication requires a large-integer multiplication first, followed by a Montgomery reduction. If a 256-bit large integer is represented as four 64-bit integers, the multiplication $z = xy$, where $x = x_0 + x_1 a + x_2 a^2 + x_3 a^3$, $y = y_0 + y_1 a + y_2 a^2 + y_3 a^3$ and $a = 2^{64}$, can generally be calculated as follows
Where $z_0, \dots, z_7$ are 64-bit integers; the relationship is shown in FIG. 18, and the above process corresponds to step 1 of the Montgomery modular multiplication. When calculating a square,
$$z = x_0^2 + 2x_0x_1 a + (x_1^2 + 2x_0x_2)a^2 + 2(x_1x_2 + x_0x_3)a^3 + (x_2^2 + 2x_1x_3)a^4 + 2x_2x_3 a^5 + x_3^2 a^6$$
the number of multiplications can be reduced, which is slightly more efficient than ordinary multiplication, so squaring and ordinary multiplication are usually implemented separately.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. The FPGA-based Poseidon hash algorithm optimization method implements the Poseidon hash algorithm on the FPGA and optimizes parameters, algorithm flow and so on, which improves algorithm efficiency, so that with hardware support it can be applied to scenarios such as zero-knowledge proofs, blockchains and distributed storage computation.
2. The FPGA-based Poseidon hash algorithm optimization method implements the underlying Montgomery algorithm on the FPGA and optimizes it, which improves the efficiency of large-integer operations.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a logic diagram of a Montgomery reduction hardware implementation of the present invention.
FIG. 2 is a modulo operation diagram under reduction hardware.
Figure 3 is a graph of a single multiplier output under reduction hardware.
Fig. 4 is a graph of the total multiplier output under reduction hardware.
FIG. 5 is a diagram of adder output under reduction hardware.
FIG. 6 is a diagram of divider output under reduced hardware.
Fig. 7 is a graph of the subtractor output under reduction hardware.
FIG. 8 is a logic diagram of a Montgomery modular squaring hardware implementation of the present invention.
FIG. 9 is an operation diagram under squaring hardware.
Fig. 10 is a truncated diagram under squaring hardware.
Fig. 11 is a diagram of an adder under squaring hardware.
Fig. 12 is a diagram of a subtractor under squaring hardware.
FIG. 13 is a logic diagram of a Montgomery modular multiplication operation hardware implementation according to the present invention.
Fig. 14 is a diagram of an adder-multiplier under modular multiplication hardware.
FIG. 15 is a modular diagram in modular multiplication hardware.
FIG. 16 is a diagram of an adder under modular multiplication hardware.
Fig. 17 is a diagram of a subtractor under modular multiplication hardware.
FIG. 18 is a schematic diagram of large integer multiplication.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Examples
In the FPGA-based Poseidon hash algorithm optimization method, because the input bit width of the Xilinx DSP IP is 27 × 18 bits, the minimum-unit multiplication is further broken down to a width of 16 bits during optimization, i.e. 256-bit large integers are expressed as 16-bit integers, which facilitates circuit implementation. The Montgomery algorithm is implemented and optimized as shown in FIGS. 1-7. Montgomery reduction: calculating $XR^{-1} \bmod N$, where x is the standard value, X is the Montgomery representation, and R is the Montgomery parameter (typically $2^{256}$ may be selected). The parameter $\omega = N^{-1} \bmod 2^{64}$ needs to be calculated in advance.
The 4 × 64-bit Montgomery reduction process is as follows:
As shown in FIGS. 8-12, Montgomery modular squaring: calculating $X^2R^{-1} \bmod N$, where x is the standard value, X is the Montgomery representation, and R is the Montgomery parameter (typically $2^{256}$ is preferred). The parameter $\omega = N^{-1} \bmod 2^{64}$ needs to be calculated in advance. When calculating, $T = X^2$ is computed first, and then the Montgomery reduction is carried out. The 4 × 64-bit Montgomery modular squaring process is as follows:
As shown in FIGS. 13-17, Montgomery modular multiplication can also be viewed as a large-integer multiplication followed by a Montgomery reduction: calculating $XYR^{-1} \bmod N$, where $X = xR \bmod N$ and $Y = yR \bmod N$, x and y are the standard values, X and Y are the Montgomery representations, and R is the Montgomery parameter (typically $2^{256}$ may be taken). The parameter $\omega = N^{-1} \bmod 2^{64}$ needs to be calculated in advance.
Montgomery multiplication can be optimized by the CIOS method, whose main idea is to perform the Montgomery reduction while performing the multiplication, i.e. to perform one round of large-integer multiplication (4 groups of 64-bit multiplications) and then one round of Montgomery reduction. The main flow is as follows:
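The interleaved multiply-then-reduce loop described above, written out as an added Python reference model on 4 × 64-bit limbs (it is not the patent's circuit or its algorithm listing). The modulus 2^255 - 19 is a stand-in chosen for this sketch; the word size, limb count, R = 2^256 and ω = N^-1 mod 2^64 follow the text, and the code uses m = -t0·ω mod 2^64 so that adding m·N clears the low word.

```python
W, S = 64, 4                   # word size and limb count used in the text
MASK = (1 << W) - 1
R = 1 << (W * S)               # Montgomery parameter R = 2^256
N = 2**255 - 19                # stand-in odd modulus (assumption: the page names none)
OMEGA = pow(N, -1, 1 << W)     # omega = N^-1 mod 2^64, calculated in advance

def to_limbs(x):
    """Split an integer into S little-endian 64-bit words."""
    return [(x >> (W * i)) & MASK for i in range(S)]

def from_limbs(limbs):
    return sum(v << (W * i) for i, v in enumerate(limbs))

N_LIMBS = to_limbs(N)

def mont_mul(x_m, y_m):
    """Return x_m * y_m * R^-1 mod N for inputs below N, one multiply row then one reduce row."""
    a, b = to_limbs(x_m), to_limbs(y_m)
    t = [0] * (S + 2)
    for i in range(S):
        carry = 0
        for j in range(S):                       # multiplication row: t += a * b[i]
            cur = t[j] + a[j] * b[i] + carry
            t[j], carry = cur & MASK, cur >> W
        cur = t[S] + carry
        t[S], t[S + 1] = cur & MASK, cur >> W
        m = (-t[0] * OMEGA) & MASK               # makes the low word of t + m*N zero
        carry = (t[0] + m * N_LIMBS[0]) >> W
        for j in range(1, S):                    # reduction row: t = (t + m*N) >> 64
            cur = t[j] + m * N_LIMBS[j] + carry
            t[j - 1], carry = cur & MASK, cur >> W
        cur = t[S] + carry
        t[S - 1], t[S] = cur & MASK, t[S + 1] + (cur >> W)
    out = from_limbs(t[:S + 1])                  # out < 2N at this point
    # Data-dependent branch: a constant-time design always subtracts and then selects.
    return out - N if out >= N else out

def to_mont(x):
    """X = x * R mod N (plain modular reduction, done once on entry)."""
    return (x * R) % N

def from_mont(x_m):
    """Montgomery reduction X * R^-1 mod N, expressed as a multiplication by 1."""
    return mont_mul(x_m, 1)

def mont_pow(x, e):
    """x^e mod N by square-and-multiply with every product done in Montgomery form."""
    acc, base = to_mont(1), to_mont(x)
    while e:
        if e & 1:
            acc = mont_mul(acc, base)
        base = mont_mul(base, base)
        e >>= 1
    return from_mont(acc)

def modmul(x, y):
    """x * y mod N through Montgomery form, for comparison with ordinary arithmetic."""
    return from_mont(mont_mul(to_mont(x), to_mont(y)))
```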
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (5)
1. An FPGA-based poseidon hash algorithm optimization method is characterized by comprising the following steps:
optimizing parameters and flow optimization of a poseidon algorithm and optimizing bottom Montgomery modular multiplication in an FPGA; wherein constant calculation, matrix calculation, constant and matrix selection and algorithm flow optimization are carried out in the poseidon Hash algorithm parameters and flow optimization;
in the bottom Montgomery modular multiplication optimization, the input value of the Montgomery algorithm is converted into a Montgomery form from a standard value, and the division operation with high calculation cost in modular multiplication and power-mode operation is converted into shift and multiplication with low calculation cost, so that the calculation efficiency is improved.
2. The method according to claim 1, wherein in the SPN structure used for constant computation in the step, since the switching linear transformation stage and the constant computation are linear, the equivalent transformation is performed by switching the computation order.
3. The optimization method of the poseidon hash algorithm based on the FPGA of claim 1, wherein in the step of the matrix calculation, the product of the matrix calculation and the MDS matrix is calculated in a linear transformation stage by using multithreading and parallel calculation, thereby improving the matrix operation efficiency.
4. The optimization method of the poseidon hash algorithm based on the FPGA of claim 1, wherein when the algorithm flow in the step is optimized, the input of the poseidon hash algorithm is determined as 11 big 256-bit integers, and the output is determined as 1 big 256-bit integer, so as to implement and optimize, wherein the algorithm flow is as follows:
s1: expanding 11 input values into 12 256-bit large integers;
s2: adding the first 12 constants to the 12 input values;
s3: 4 rounds of Full S-Box are carried out, each round of Full S-Box comprises 12 exponential operations, 12 addition operations and a matrix product, and 12 large integers are returned;
s4: performing 57 rounds of Partial S-Box, wherein each round of Partial S-Box comprises 1 exponential operation, 1 addition operation and sparse matrix multiplication, and returning 12 large integers;
s5: performing 3 rounds of Full S-Box, wherein each round of Full S-Box comprises 12 exponential operations, 12 addition operations and a matrix product, and 12 large integers are returned;
s6: performing a last round of Full S-Box, including 12 exponential operations and matrix multiplication, and returning 12 large integers;
s7: the second element is output as a 256-bit large integer.
5. The method of claim 1, wherein the Montgomery algorithm in the step comprises modular multiplication, reduction and modular exponentiation operations, and the Montgomery algorithm input values are converted into Montgomery form and expressed as $X = xR \bmod N$, where x is a standard value, X is a Montgomery representation, R is a Montgomery parameter, and mod is a remainder function.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210410309.2A CN114745099B (en) | 2022-04-19 | 2022-04-19 | FPGA-based poseidon hash algorithm optimization method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114745099A (en) | 2022-07-12 |
CN114745099B (en) | 2023-04-04 |
Family
ID=82280722
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210410309.2A Active CN114745099B (en) | 2022-04-19 | 2022-04-19 | FPGA-based poseidon hash algorithm optimization method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114745099B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114757034A (en) * | 2022-04-20 | 2022-07-15 | 麦田云网(杭州)信息技术有限公司 | FPGA-based poseidon hash algorithm optimization system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109933304A (en) * | 2019-03-20 | 2019-06-25 | 四川卫士通信息安全平台技术有限公司 | Quick Montgomery modular multiplier operation optimization method suitable for the close sm2p256v1 algorithm of state |
CN110351087A (en) * | 2019-09-06 | 2019-10-18 | 南京秉速科技有限公司 | The montgomery modulo multiplication operation method and computing device of pipeline-type |
CN112787799A (en) * | 2020-12-30 | 2021-05-11 | 浙江萤火虫区块链科技有限公司 | Poseidon Hash algorithm implementation circuit and implementation method thereof |
CN113296705A (en) * | 2021-05-27 | 2021-08-24 | 浙江萤火虫区块链科技有限公司 | Architecture system for parallel computing Poseidon Hash in Filecin |
CN114138235A (en) * | 2021-12-06 | 2022-03-04 | 南京大学 | Soft and hard cooperative segmented scanning Montgomery modular exponentiation computing system and readable storage medium |
Non-Patent Citations (1)
Title |
---|
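满程程: "Design and Implementation of a Blockchain-Based Trading System for Electronic Art Trade Items", China Master's Theses Full-text Database, Information Science and Technology (monthly) * |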
Also Published As
Publication number | Publication date |
---|---|
CN114745099B (en) | 2023-04-04 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||