CN114745099A - FPGA-based poseidon hash algorithm optimization method - Google Patents

Info

Publication number: CN114745099A
Authority: CN (China)
Prior art keywords: montgomery, algorithm, poseidon, calculation, matrix
Legal status: Granted, Active
Application number: CN202210410309.2A
Other languages: Chinese (zh)
Other versions: CN114745099B (en)
Inventor: 王伟
Current Assignee: Maitian Cloud Hangzhou Information Technology Co ltd
Original Assignee: Maitian Cloud Hangzhou Information Technology Co ltd

Classifications

    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/3236: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239: As H04L9/3236, involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L2209/12: Details relating to cryptographic hardware or logic circuitry
    • Y02D10/00: Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Complex Calculations (AREA)

Abstract

The invention discloses an FPGA-based optimization method for the Poseidon hash algorithm, comprising: optimization of the parameters and flow of the Poseidon algorithm, and optimization of the underlying Montgomery modular multiplication in the FPGA. The parameter and flow optimization covers constant calculation, matrix calculation, constant and matrix selection, and algorithm flow optimization. In the underlying Montgomery modular multiplication optimization, the input values of the Montgomery algorithm are converted from standard form into Montgomery form, and the computationally expensive division operations in modular multiplication and modular exponentiation are converted into cheaper shifts and multiplications, improving computational efficiency. The Poseidon hash algorithm is implemented on the FPGA with its parameters, algorithm flow and so on optimized, which improves the efficiency of the algorithm and, with hardware support, allows it to be applied to scenarios such as zero-knowledge proofs, blockchains and distributed storage computation; the underlying Montgomery algorithm is likewise implemented and optimized on the FPGA, improving the efficiency of large-integer arithmetic.

Description

FPGA-based poseidon hash algorithm optimization method
Technical Field
The invention relates to optimization of a hash algorithm, in particular to an optimization method of a poseidon hash algorithm based on an FPGA.
Background
A hash function used for cryptography must meet strict requirements. One-wayness: computing the hash from data is easy, but reversing it is impossible or difficult, and theoretically infeasible. No correlation: a small change in the input must produce an entirely different output, so that no correlation between data can be seen from the hash values. Uniqueness: different data should not produce the same hash value; producing such a pair deliberately is practically infeasible, i.e. it happens only with very low probability, and this property is also called collision resistance. In the field of distributed storage, the Poseidon hash algorithm is used for hashing and encrypting large-capacity (GB-scale) data.
Poseidon hashing maps elements of GF(p) to a single element of GF(p), in the form
Figure BDA0003603415320000011
where t is the number of inputs and p is the order of the finite field. Zero-knowledge proof systems such as zk-SNARKs, zk-STARKs and Bulletproofs make heavy use of hash algorithms such as the Pedersen hash and SHA-256 to ensure integrity, but these are inefficient in proving and verification. Poseidon, by contrast, is based on a traditional hash design approach (an SPN-like structure), is a more efficient hash algorithm over finite fields, and supports most curves used in zero-knowledge proofs (BN, BLS, Ed25519).
Poseidon hashing can be used in the following scenarios: as the commitment function in a zero-knowledge proof, where the protocol typically encrypts a secret value with the commitment function and generates a zero-knowledge proof; for mapping several finite field elements to one element, or for variable-length hashing; and for membership proofs of leaf nodes in Merkle trees, e.g. proving that a certain node belongs to a certain tree.
Disclosure of Invention
The technical problem to be solved by the invention is that the computational workload of the Poseidon hash algorithm on an FPGA is currently huge and existing hardware cannot keep up with large-scale data computation, so an optimized computation method is needed that existing FPGAs can handle.
The invention is realized by the following technical solution:
An FPGA-based Poseidon hash algorithm optimization method comprises the following steps: optimizing the parameters and flow of the Poseidon algorithm, and optimizing the underlying Montgomery modular multiplication in the FPGA. The parameter and flow optimization covers constant calculation, matrix calculation, constant and matrix selection, and algorithm flow optimization. In the underlying Montgomery modular multiplication optimization, the input values of the Montgomery algorithm are converted from standard form into Montgomery form, and the computationally expensive division operations in modular multiplication and modular exponentiation are converted into cheaper shifts and multiplications, improving computational efficiency.
At present, the Poseidon hash mainly consists of a number of round functions, and each round function mainly comprises three parts:
AddRoundConstants, denoted ARC(), i.e. addition of a constant;
SubWords, denoted S-Box() or SB(), which contains a nonlinear transformation;
MixLayer, denoted M(), the mixing function, typically a product with a constant MDS matrix.
There are two types of round function, Full S-Box and Partial S-Box. In a Full S-Box round the S-Box value must be computed for every input of the round, i.e. the complete ARC() → SB() → M() process is computed, whereas a Partial S-Box round only computes the S-Box of one input value.
The Poseidon hash algorithm flow is as follows:
First $R_f$ Full S-Box rounds are performed, then $R_p$ Partial S-Box rounds, and finally $R_f$ Full S-Box rounds, for a total of $(2tR_f + tR_p)$ ARC() and M() operations and $(2tR_f + R_p)$ SB() operations, where t is the number of input elements plus 1.
Further, for the constant calculation in the above steps: in the SPN structure adopted, both the linear transformation stage and the constant calculation are linear, so an equivalent transformation is obtained by exchanging their computation order. The constant $c_i$ of each round is, after transformation, represented as
Figure BDA0003603415320000024
where MC is the linear transformation (MixLayer) of the i-th round.
This property can be used to move the constant computation from the last round of the loop to the beginning of the Partial S-Box phase. The constants therefore have to be divided into two parts: one part is used for the Partial S-Box computation with an S-Box, and the other for the Partial S-Box computation without an S-Box. In this form, apart from the constant that must be added after the original $R_f$ rounds finish, the remaining constants can be added after the output of the S-Box.
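The constant-moving argument above, worked through as an added example (not code from the patent): it runs 57 Partial S-Box rounds on a 12-element state with and without the folded constants and compares results and addition counts. The toy prime field, the Cauchy MDS matrix, the S-Box exponent 5, the round constants and all function names are assumptions constructed for the illustration.

```python
P = 2**31 - 1   # toy prime field (constructed); the page's field is 256-bit
T = 12          # state width from the page: 11 inputs expanded to 12
ROUNDS = 57     # number of Partial S-Box rounds from the page
ALPHA = 5       # assumed S-Box exponent; the page only says "exponentiation"


def cauchy_mds(t):
    """Constructed t x t Cauchy matrix 1/(x_i + y_j), x_i = i, y_j = t + j."""
    return [[pow(i + t + j, -1, P) for j in range(t)] for i in range(t)]


def mat_vec(m, v):
    return [sum(a * b for a, b in zip(row, v)) % P for row in m]


def mat_inv(m):
    """Gauss-Jordan inversion over GF(P)."""
    n = len(m)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(m)]
    for col in range(n):
        piv = next(r for r in range(col, n) if aug[r][col])
        aug[col], aug[piv] = aug[piv], aug[col]
        inv = pow(aug[col][col], -1, P)
        aug[col] = [x * inv % P for x in aug[col]]
        for r in range(n):
            if r != col and aug[r][col]:
                f = aug[r][col]
                aug[r] = [(x - f * y) % P for x, y in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def round_constants():
    """Constructed constants, one T-vector per partial round."""
    return [[pow(7, r * T + i + 1, P) for i in range(T)] for r in range(ROUNDS)]


def partial_rounds_naive(state, m, consts):
    """ARC (T additions) -> S-Box on lane 0 -> MixLayer, every round."""
    adds = 0
    for c in consts:
        state = [(s + k) % P for s, k in zip(state, c)]
        adds += T
        state[0] = pow(state[0], ALPHA, P)
        state = mat_vec(m, state)
    return state, adds


def fold_constants(m, consts):
    """Walk backwards: push each round's constants through M^-1.

    Lanes without an S-Box commute with the S-Box, so their share moves to
    the previous round; lane 0's share is added after that round's S-Box.
    """
    m_inv = mat_inv(m)
    carried = consts[-1][:]
    post = []
    for c in reversed(consts[:-1]):
        d = mat_vec(m_inv, carried)          # carried = M * d
        post.append(d[0])                    # scalar added after the S-Box
        carried = [c[0]] + [(ci + di) % P for ci, di in zip(c[1:], d[1:])]
    post.reverse()
    return carried, post


def partial_rounds_folded(state, m, first, post):
    """One full-width addition up front, then one scalar addition per round."""
    state = [(s + k) % P for s, k in zip(state, first)]
    adds = T
    for r in range(ROUNDS):
        state[0] = pow(state[0], ALPHA, P)
        if r < len(post):
            state[0] = (state[0] + post[r]) % P
            adds += 1
        state = mat_vec(m, state)
    return state, adds
```

With these sizes the naive schedule performs 684 constant additions in the partial rounds and the folded schedule 68, with identical output.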
Furthermore, for the matrix calculation in the above steps: in the linear transformation stage, multithreading and parallel computation are used when computing the product with the MDS matrix, improving the efficiency of the matrix operation. To compute the product with the MDS matrix, the t × t MDS matrix is written as
Figure BDA0003603415320000021
where
Figure BDA0003603415320000022
is a (t-1) × (t-1) MDS matrix, v is a 1 × (t-1) matrix, and ω is a (t-1) × 1 vector. By transformation, the matrix M can be represented as:
Figure BDA0003603415320000023
where
Figure BDA0003603415320000031
I is the (t-1) × (t-1) identity matrix.
According to the conclusion of the constant calculation, the order of the Partial S-Box and the MixLayer (the part that is the product with M') can be exchanged; after the exchange, each linear transformation (MixLayer) in the Partial S-Box stage becomes a product with the matrix M'. Since $(t-1)^2-(t-1)=t^2-3t+2$ elements of M' are 0, it is a sparse matrix, which reduces the number of multiplications in the linear transformation (MixLayer) stage.
In addition, current software implementations of matrix multiplication use two nested loops with complexity $O(n^2)$, so multithreaded or parallel computation can be used to improve the efficiency of the matrix operation.
Further, in optimizing the algorithm flow in the above steps, the input of the Poseidon hash algorithm is fixed at 11 256-bit large integers and the output at one 256-bit large integer, and the algorithm is implemented and optimized with the following flow:
S1: expand the 11 input values into 12 256-bit large integers;
S2: add the first 12 constants to the 12 input values;
S3: perform 4 Full S-Box rounds, each comprising 12 exponentiations, 12 additions and a matrix product, and returning 12 large integers;
S4: perform 57 Partial S-Box rounds, each comprising 1 exponentiation, 1 addition and a sparse matrix multiplication, and returning 12 large integers;
S5: perform 3 Full S-Box rounds, each comprising 12 exponentiations, 12 additions and a matrix product, and returning 12 large integers;
S6: perform the last Full S-Box round, comprising 12 exponentiations and a matrix multiplication, and returning 12 large integers;
S7: output the second element as a 256-bit large integer.
Further, the Montgomery algorithm in the above steps comprises modular multiplication, reduction and modular exponentiation. An input value of the Montgomery algorithm converted into Montgomery form is expressed as $X = xR \bmod N$, where x is the standard value, X is its Montgomery representation, R is the Montgomery parameter, and mod is the remainder function.
The Montgomery algorithm is currently one of the more efficient algorithms for large-number modular multiplication and modular exponentiation. Its main idea is to convert the computationally expensive division operations in modular multiplication and modular exponentiation into cheaper shifts and multiplications, improving computational efficiency.
The Montgomery algorithm mainly comprises modular multiplication, reduction and modular exponentiation. Its input values must first be converted from standard form into Montgomery form, i.e. $X = xR \bmod N$, where x is the standard value, X is its Montgomery representation, and R is the Montgomery parameter.
Montgomery modular multiplication: compute $XYR^{-1} \bmod N$
Montgomery reduction: compute $XR^{-1} \bmod N$
Montgomery modular exponentiation: compute $X^y \bmod N$
When computing large-integer multiplication (e.g. on 256-bit integers), the large integer is usually represented as several machine words, according to the bit width of the operating system and the CPU; for example, one word is 64 bits on a 64-bit system, so a 256-bit integer can be represented as 4 64-bit words for ease of storage and computation.
For the Montgomery algorithm, the computation can likewise be carried out by representing each 256-bit large integer as 4 64-bit integers. Montgomery modular multiplication requires a large-integer multiplication first, followed by a Montgomery reduction. If a 256-bit large integer is represented as 4 64-bit integers, the product $z = xy$, where $x = x_0 + x_1a + x_2a^2 + x_3a^3$, $y = y_0 + y_1a + y_2a^2 + y_3a^3$ and $a = 2^{64}$, can generally be computed as follows:
Figure BDA0003603415320000041
where $z_0, \ldots, z_7$ are 64-bit integers; their relationship is shown in FIG. 18, and the above process is embodied in step 1 of the Montgomery modular multiplication. When computing a square,
$z = x_0^2 + 2x_0x_1a + (x_1^2 + 2x_0x_2)a^2 + 2(x_1x_2 + x_0x_3)a^3 + (x_2^2 + 2x_1x_3)a^4 + 2x_2x_3a^5 + x_3^2a^6$
the number of multiplications can be reduced, making squaring slightly more efficient than ordinary multiplication, so squaring and ordinary multiplication are usually implemented separately.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. The FPGA-based Poseidon hash algorithm optimization method implements the Poseidon hash algorithm on an FPGA and optimizes its parameters, algorithm flow and so on, improving the efficiency of the algorithm; with hardware support it can be applied to scenarios such as zero-knowledge proofs, blockchains and distributed storage computation.
2. The FPGA-based Poseidon hash algorithm optimization method implements the underlying Montgomery algorithm on an FPGA and optimizes it, improving the efficiency of large-integer arithmetic.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a logic diagram of a Montgomery reduction hardware implementation of the present invention.
FIG. 2 is a modulo operation diagram under reduction hardware.
Figure 3 is a graph of a single multiplier output under reduction hardware.
Fig. 4 is a graph of the total multiplier output under reduction hardware.
FIG. 5 is a diagram of adder output under reduction hardware.
FIG. 6 is a diagram of divider output under reduced hardware.
Fig. 7 is a graph of the subtractor output under reduction hardware.
FIG. 8 is a logic diagram of a Montgomery modular squaring hardware implementation of the present invention.
FIG. 9 is an operation diagram under squaring hardware.
Fig. 10 is a truncated diagram under squaring hardware.
Fig. 11 is a diagram of an adder under squaring hardware.
Fig. 12 is a diagram of a subtractor under squaring hardware.
FIG. 13 is a logic diagram of a Montgomery modular multiplication operation hardware implementation according to the present invention.
Fig. 14 is a diagram of an adder-multiplier under modular multiplication hardware.
FIG. 15 is a modular diagram in modular multiplication hardware.
FIG. 16 is a diagram of an adder under modular multiplication hardware.
Fig. 17 is a diagram of a subtractor under modular multiplication hardware.
FIG. 18 is a schematic diagram of large integer multiplication.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
Examples
In the FPGA-based Poseidon hash algorithm optimization method, because the input bit width of the Xilinx DSP IP is 27x18 bits, the minimum-unit multiplication is further broken down to a width of 16 bits during optimization, i.e. 256-bit large integers are represented as 16-bit integers, which eases the circuit implementation. The Montgomery algorithm is implemented and optimized as shown in FIGS. 1-7. Montgomery reduction: compute $XR^{-1} \bmod N$, where x is the standard value, X is the Montgomery representation, and R is the Montgomery parameter (typically $2^{256}$ may be chosen); the parameter $\omega = N^{-1} \bmod 2^{64}$ must be computed in advance.
The 4 × 64-bit Montgomery reduction process is as follows:
Figure BDA0003603415320000051
Figure BDA0003603415320000061
As shown in FIGS. 8-12, Montgomery modular squaring: compute $X^2R^{-1} \bmod N$, where x is the standard value, X is the Montgomery representation, and R is the Montgomery parameter (typically $2^{256}$ may be chosen); the parameter $\omega = N^{-1} \bmod 2^{64}$ must be computed in advance. In the computation, $T = X^2$ is computed first and the Montgomery reduction is then computed. The 4 × 64-bit Montgomery modular squaring process is as follows:
Figure BDA0003603415320000062
As shown in FIGS. 13-17, Montgomery modular multiplication can also be viewed as one large-integer multiplication plus one Montgomery reduction: compute $XYR^{-1} \bmod N$, where $X = xR \bmod N$ and $Y = yR \bmod N$, x and y are standard values, X and Y are their Montgomery representations, and R is the Montgomery parameter (typically $2^{256}$ may be chosen); the parameter $\omega = N^{-1} \bmod 2^{64}$ must be computed in advance.
Montgomery multiplication can be optimized with the CIOS method, whose main idea is to perform the Montgomery reduction while performing the multiplication, i.e. one round of large-integer multiplication (4 groups of 64-bit multiplications) is followed by one round of Montgomery reduction. The main flow is as follows:
Figure BDA0003603415320000071
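A software reference model of the 4 × 64-bit Montgomery reduction, squaring, CIOS multiplication and exponentiation described above, added here as an example and not taken from the patent, whose own flows are in figures that are not reproduced on this page. The modulus (the BLS12-381 scalar field order), the use of the negated constant $-N^{-1} \bmod 2^{64}$ and all function names are assumptions.

```python
# Added reference model: 256-bit Montgomery arithmetic on 4 x 64-bit limbs.
W = 64                       # limb width in bits
LIMBS = 4                    # 4 x 64 = 256-bit operands
MASK = (1 << W) - 1
R = 1 << (W * LIMBS)         # Montgomery parameter R = 2^256

# Assumed modulus (BLS12-381 scalar field order); any odd N < 2^256 works.
N = 0x73EDA753299D7D483339D80809A1D80553BDA402FFFE5BFEFFFFFFFF00000001
# The page precomputes omega = N^-1 mod 2^64. This model uses the negated
# value (assumption) so that every reduction step adds a multiple of N.
N0_NEG_INV = (-pow(N, -1, 1 << W)) & MASK
R2 = (R * R) % N             # R^2 mod N, used to enter Montgomery form

def to_limbs(x, count=LIMBS):
    """Split an integer into `count` little-endian 64-bit limbs."""
    return [(x >> (W * i)) & MASK for i in range(count)]

def from_limbs(limbs):
    return sum(v << (W * i) for i, v in enumerate(limbs))

N_LIMBS = to_limbs(N)

def mul_limbs(x, y):
    """Schoolbook product z0..z7 of two 4-limb values (16 limb multiplies)."""
    z = [0] * (2 * LIMBS)
    for i in range(LIMBS):
        carry = 0
        for j in range(LIMBS):
            acc = z[i + j] + x[i] * y[j] + carry
            z[i + j], carry = acc & MASK, acc >> W
        z[i + LIMBS] = carry
    return z

def sqr_limbs(x):
    """Square via the symmetric expansion: 4 squares + 6 doubled cross terms."""
    cross = sum((x[i] * x[j]) << (W * (i + j))
                for i in range(LIMBS) for j in range(i + 1, LIMBS))
    squares = sum((x[i] * x[i]) << (2 * W * i) for i in range(LIMBS))
    return to_limbs(2 * cross + squares, 2 * LIMBS)

def mont_reduce(t):
    """REDC: 8-limb T < N*R -> T * R^-1 mod N, clearing one low limb per pass."""
    t = list(t) + [0]
    for i in range(LIMBS):
        m = (t[i] * N0_NEG_INV) & MASK          # makes limb i of t + m*N zero
        carry = 0
        for j in range(LIMBS):
            acc = t[i + j] + m * N_LIMBS[j] + carry
            t[i + j], carry = acc & MASK, acc >> W
        k = i + LIMBS
        while carry:                            # ripple the carry upwards
            acc = t[k] + carry
            t[k], carry = acc & MASK, acc >> W
            k += 1
    r = from_limbs(t[LIMBS:])                   # dropping 4 limbs divides by R
    return r - N if r >= N else r

def mont_mul_cios(x, y):
    """CIOS: interleave one row of the product with one reduction step."""
    t = [0] * (LIMBS + 2)
    for i in range(LIMBS):
        carry = 0
        for j in range(LIMBS):                  # t += x * y[i]
            acc = t[j] + x[j] * y[i] + carry
            t[j], carry = acc & MASK, acc >> W
        acc = t[LIMBS] + carry
        t[LIMBS], t[LIMBS + 1] = acc & MASK, acc >> W
        m = (t[0] * N0_NEG_INV) & MASK
        carry = (t[0] + m * N_LIMBS[0]) >> W    # low limb becomes zero
        for j in range(1, LIMBS):               # t = (t + m*N) >> 64
            acc = t[j] + m * N_LIMBS[j] + carry
            t[j - 1], carry = acc & MASK, acc >> W
        acc = t[LIMBS] + carry
        t[LIMBS - 1] = acc & MASK
        t[LIMBS] = t[LIMBS + 1] + (acc >> W)
    r = from_limbs(t[:LIMBS + 1])
    return r - N if r >= N else r

def mont_mul(X, Y):
    return mont_mul_cios(to_limbs(X), to_limbs(Y))

def mont_sqr(X):
    return mont_reduce(sqr_limbs(to_limbs(X)))

def to_mont(x):
    return mont_mul(x % N, R2)                  # x * R^2 * R^-1 = x*R mod N

def from_mont(X):
    return mont_reduce(to_limbs(X, 2 * LIMBS))  # X * R^-1 = x mod N

def mont_pow(X, e):
    """Left-to-right square-and-multiply, operands kept in Montgomery form."""
    acc = to_mont(1)
    for bit in bin(e)[2:]:
        acc = mont_sqr(acc)
        if bit == "1":
            acc = mont_mul(acc, X)
    return acc
```

The final `r >= N` comparison is a data-dependent branch in this model; a hardware or constant-time implementation would compute the subtraction unconditionally and select the result.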
The above embodiments further describe the objects, technical solutions and advantages of the present invention in detail. It should be understood that they are merely exemplary embodiments of the invention and are not intended to limit its scope of protection; any modification, equivalent substitution, improvement and the like made within the spirit and principle of the invention shall fall within its scope of protection.

Claims (5)

1. An FPGA-based Poseidon hash algorithm optimization method, characterized by comprising the following steps:
optimizing the parameters and flow of the Poseidon algorithm, and optimizing the underlying Montgomery modular multiplication in the FPGA; wherein constant calculation, matrix calculation, constant and matrix selection, and algorithm flow optimization are carried out in the Poseidon hash algorithm parameter and flow optimization;
in the underlying Montgomery modular multiplication optimization, the input values of the Montgomery algorithm are converted from standard form into Montgomery form, and the computationally expensive division operations in modular multiplication and modular exponentiation are converted into cheaper shifts and multiplications, improving computational efficiency.
2. The method according to claim 1, wherein, in the SPN structure used for the constant calculation in the step, since both the linear transformation stage and the constant calculation are linear, an equivalent transformation is performed by exchanging the computation order.
3. The FPGA-based Poseidon hash algorithm optimization method of claim 1, wherein, in the matrix calculation in the step, multithreading and parallel computation are used in the linear transformation stage when computing the product with the MDS matrix, improving the efficiency of the matrix operation.
4. The FPGA-based Poseidon hash algorithm optimization method of claim 1, wherein, in optimizing the algorithm flow in the step, the input of the Poseidon hash algorithm is fixed at 11 256-bit large integers and the output at one 256-bit large integer, and the algorithm is implemented and optimized with the following flow:
S1: expand the 11 input values into 12 256-bit large integers;
S2: add the first 12 constants to the 12 input values;
S3: perform 4 Full S-Box rounds, each comprising 12 exponentiations, 12 additions and a matrix product, and returning 12 large integers;
S4: perform 57 Partial S-Box rounds, each comprising 1 exponentiation, 1 addition and a sparse matrix multiplication, and returning 12 large integers;
S5: perform 3 Full S-Box rounds, each comprising 12 exponentiations, 12 additions and a matrix product, and returning 12 large integers;
S6: perform the last Full S-Box round, comprising 12 exponentiations and a matrix multiplication, and returning 12 large integers;
S7: output the second element as a 256-bit large integer.
5. The method of claim 1, wherein the Montgomery algorithm in the step comprises modular multiplication, reduction and modular exponentiation, and an input value of the Montgomery algorithm converted into Montgomery form is expressed as $X = xR \bmod N$, where x is the standard value, X is its Montgomery representation, R is the Montgomery parameter, and mod is the remainder function.

Priority Applications (1)

Application number: CN202210410309.2A
Priority date: 2022-04-19
Filing date: 2022-04-19
Title: FPGA-based poseidon hash algorithm optimization method
Status: Active; granted as CN114745099B (en)

Publications (2)

CN114745099A (en), published 2022-07-12
CN114745099B (en), published 2023-04-04
