CN115913556B - Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation - Google Patents

Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation Download PDF

Info

Publication number
CN115913556B
CN115913556B CN202211702753.8A CN202211702753A CN115913556B CN 115913556 B CN115913556 B CN 115913556B CN 202211702753 A CN202211702753 A CN 202211702753A CN 115913556 B CN115913556 B CN 115913556B
Authority
CN
China
Prior art keywords
elliptic curve
point
coefficient
segment
points
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211702753.8A
Other languages
Chinese (zh)
Other versions
CN115913556A (en
Inventor
汪福全
刘明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenglong Singapore Pte Ltd
Original Assignee
Shenglong Singapore Pte Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenglong Singapore Pte Ltd filed Critical Shenglong Singapore Pte Ltd
Priority to CN202211702753.8A priority Critical patent/CN115913556B/en
Publication of CN115913556A publication Critical patent/CN115913556A/en
Application granted granted Critical
Publication of CN115913556B publication Critical patent/CN115913556B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Image Processing (AREA)

Abstract

Herein, a textAn apparatus, method and storage medium for accelerating elliptic curve scalar point multiplication calculations are disclosed. The device comprises: the data storage is used for storing a plurality of elliptic curve middle point sets in advance; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curve intermediate points are elliptic curve reference points P 0 Is a multiple of the point(s); an encoder for binary-encoding the input elliptic curve coefficients; the divider is used for dividing the elliptic curve coefficient binary codes into N sections according to a preset bit width W; and the scalar point multiplication calculator is used for obtaining elliptic curve intermediate points from the corresponding elliptic curve intermediate point set according to the coded values of the elliptic curve coefficient binary codes segment by segment from the lowest bit segment of the elliptic curve coefficient binary codes, and carrying out point-by-point accumulation on the obtained elliptic curve intermediate points to carry out addition operation or subtraction operation on elliptic curve points to obtain a final output point. The scheme can improve the calculation efficiency of the algorithm.

Description

Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation
Technical Field
The embodiment of the application relates to the technical field of cryptography, in particular to a device, a method and a storage medium for accelerating elliptic curve scalar point multiplication calculation.
Background
Elliptic curve cryptosystem (Elliptic Curve Cryptography, ECC) is a public key cryptosystem based on elliptic curve math. The use of elliptic curves in cryptography was independently proposed in 1985 by NealKoblitz and Victor Miller, respectively. Elliptic curve discrete logarithm problem based on elliptic curve cryptosystem is more difficult than large integer factorization and discrete logarithm problem, and has remarkable advantages compared with traditional public key cryptosystem: (1) The anti-attack strength is higher, and the known effective attack means are less. (2) The key length required by ECC is much smaller under the same security strength, thus greatly reducing the required calculation amount, energy expenditure, storage space and data flow.
Scalar point multiplication calculation of elliptic curves is widely used in the fields of homomorphic encryption, polynomial promise algorithm, privacy calculation, elliptic curve signature and the like in the current zero knowledge proof field.
In the conventional elliptic curve scalar point multiplication calculation method, q=kp is calculated, k is a coefficient, P is a known reference point on the elliptic curve, and since k is usually large, the calculation amount is very large, which is unfavorable for rapid calculation.
Disclosure of Invention
The embodiment of the application provides a device for accelerating scalar point multiplication calculation of an elliptic curve, which comprises the following components:
the data storage is used for storing a plurality of elliptic curve middle point sets in advance; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curve intermediate points are elliptic curve reference points P 0 Is a multiple of the point(s);
the coder is used for binary coding the input elliptic curve coefficients to obtain elliptic curve coefficient binary codes;
the divider is used for dividing the elliptic curve coefficient binary codes into N sections according to a preset bit width W;l is the length of the elliptic curve coefficient binary code; />Rounding up the symbol;
and the scalar point multiplication calculator is used for obtaining elliptic curve intermediate points from the corresponding elliptic curve intermediate point set according to the coded values of the elliptic curve coefficient binary codes segment by segment from the lowest bit segment of the elliptic curve coefficient binary codes, and carrying out point-by-point accumulation on the obtained elliptic curve intermediate points to carry out addition operation or subtraction operation on elliptic curve points to obtain a final output point.
The embodiment of the application provides a method for accelerating scalar point multiplication calculation of an elliptic curve, which comprises the following steps:
pre-storing a plurality of elliptic curve middle point sets; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curve intermediate points are elliptic curve reference points P 0 Is a multiple of the point(s);
binary encoding is performed on the input elliptic curve coefficients,obtaining an elliptic curve coefficient binary code; dividing the elliptic curve coefficient binary code into N sections according to a preset bit width W;l is the length of the elliptic curve coefficient binary code; />Rounding up the symbol;
and starting from the lowest bit segment of the elliptic curve coefficient binary code, obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set according to the coding value of the elliptic curve coefficient binary code segment by segment, and carrying out addition operation or subtraction operation of elliptic curve points on the obtained elliptic curve intermediate points point by point in a cumulative way to obtain a final output point.
The embodiments of the present application provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method for accelerating elliptic curve scalar point multiplication calculation described above.
The device, the method and the storage medium for accelerating elliptic curve scalar point multiplication calculation are provided by the embodiment of the application, and a plurality of elliptic curve intermediate point sets are stored in the data storage in advance; the encoder performs binary coding on the input elliptic curve coefficients to obtain elliptic curve coefficient binary coding; dividing the elliptic curve coefficient binary code into N sections according to a preset bit width W by a divider; and the scalar point multiplication calculator starts from the lowest bit segment of the elliptic curve coefficient binary code, acquires elliptic curve intermediate points from the corresponding elliptic curve intermediate point set according to the coded value of the elliptic curve coefficient binary code segment by segment, and performs addition operation or subtraction operation of elliptic curve points on the point-by-point accumulation of the acquired elliptic curve intermediate points to obtain a final output point. The device and the method for accelerating the scalar point multiplication calculation of the elliptic curve can improve the calculation efficiency of an algorithm by encoding elliptic curve coefficients in a segmented mode and storing the intermediate points of the elliptic curve in advance.
Other aspects will become apparent upon reading and understanding the accompanying drawings and detailed description.
Drawings
The accompanying drawings are included to provide an understanding of the technical aspects of the present application, and are incorporated in and constitute a part of this specification, illustrate the technical aspects of the present application and together with the embodiments of the present application, and not constitute a limitation to the technical aspects of the present application.
FIG. 1 is a schematic diagram of an apparatus for accelerating elliptic curve scalar point multiplication calculation according to an embodiment of the present application;
FIG. 2 is a flow chart of a method of accelerating elliptic curve scalar point multiplication calculations according to an embodiment of the present application.
Detailed Description
The present application describes a number of embodiments, but the description is illustrative and not limiting and it will be apparent to those of ordinary skill in the art that many more embodiments and implementations are possible within the scope of the embodiments described herein. Although many possible combinations of features are shown in the drawings and discussed in the detailed description, many other combinations of the disclosed features are possible. Any feature or element of any embodiment may be used in combination with or in place of any other feature or element of any other embodiment unless specifically limited.
The present application includes and contemplates combinations of features and elements known to those of ordinary skill in the art. The embodiments, features and elements disclosed in the present application may also be combined with any conventional features or elements to form a unique inventive arrangement as defined in the appended claims. Any feature or element of any embodiment may also be combined with features or elements from other inventive arrangements to form another unique inventive arrangement as defined in the appended claims. Thus, it should be understood that any of the features shown and/or discussed in this application may be implemented alone or in any suitable combination. Accordingly, the embodiments are not to be restricted except in light of the attached claims and their equivalents. Further, various modifications and changes may be made within the scope of the appended claims.
The embodiment of the application provides a device for accelerating scalar point multiplication calculation of an elliptic curve. As shown in fig. 1, an apparatus for accelerating scalar point multiplication calculation of an elliptic curve, comprising:
a data memory 10 for storing a plurality of elliptic curve middle point sets in advance; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curve intermediate points are elliptic curve reference points P 0 Is a multiple of the point(s);
an encoder 20 for binary-encoding the input elliptic curve coefficients to obtain elliptic curve coefficient binary codes;
a divider 30 for dividing the elliptic curve coefficient binary codes into N segments according to a preset bit width W;l is the length of the elliptic curve coefficient binary code; />Rounding up the symbol;
and the scalar point multiplication calculator 40 is configured to obtain elliptic curve intermediate points from the corresponding elliptic curve intermediate point set according to the encoded values of the binary encoding of the elliptic curve coefficients segment by segment from the lowest bit segment of the binary encoding of the elliptic curve coefficients, and perform addition or subtraction of elliptic curve points on the obtained elliptic curve intermediate points in a point-by-point accumulation manner to obtain a final output point.
The device for accelerating the scalar point multiplication calculation of the elliptic curve provided by the embodiment of the application comprises a data memory, an encoder, a divider and a scalar point multiplication calculator. The data storage stores a plurality of elliptic curve middle point sets in advance; the encoder performs binary coding on the input elliptic curve coefficients to obtain elliptic curve coefficient binary coding; dividing the elliptic curve coefficient binary code into N sections according to a preset bit width W by a divider; and the scalar point multiplication calculator starts from the lowest bit segment of the elliptic curve coefficient binary code, acquires elliptic curve intermediate points from the corresponding elliptic curve intermediate point set according to the coded value of the elliptic curve coefficient binary code segment by segment, and performs addition operation or subtraction operation of elliptic curve points on the point-by-point accumulation of the acquired elliptic curve intermediate points to obtain a final output point. The device for accelerating the scalar point multiplication calculation of the elliptic curve provided by the embodiment can improve the calculation efficiency of an algorithm by sectionally encoding the elliptic curve coefficients and storing the intermediate points of the elliptic curve in advance.
In some exemplary embodiments, the preset bit width W is determined according to the calculation speed requirement and the storage capacity of the data storage. Dividing the binary code of the elliptic curve coefficient into N segments according to a preset bit width W, and assuming W=8, the length of the binary code of the input elliptic curve coefficient is 20 bits, then
In some exemplary embodiments, the j-th elliptic curve midpoint P of the i-th elliptic curve midpoint set ij Is an elliptic curve reference point P 0 K of (2) ij Doubling points; p (P) ij =k ij P 0 ;k ij =j*2 (i-1)W The method comprises the steps of carrying out a first treatment on the surface of the i and j are natural numbers.
In some exemplary embodiments, the divider is configured to divide the elliptic curve coefficient binary code k into N segments according to a preset bit width W by:
wherein n is i Is the coding value of the binary coding of the coefficient of the ith elliptic curve; n is n i ≤2 W -1, all n i Is a non-negative integer, n N Is not zero.
In some exemplary embodiments, each elliptic curve midpoint set comprises 2 W -1 elliptic curve midpoint;
the scalar point multiplication calculator is configured to obtain elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points according to a coded value of the binary coding of the elliptic curve coefficient segment by segment from a lowest bit segment of the binary coding of the elliptic curve coefficient segment by using the following manner, and perform addition operation or subtraction operation of elliptic curve points on point-by-point accumulation of the obtained elliptic curve intermediate points to obtain a final output point:
for the ith segment of elliptic curve coefficient binary coding, if the segment of elliptic curve coefficient binary coding has a coding value n i If the value is not 0, the nth value is obtained from the ith elliptic curve middle point set i A middle point of elliptic curve, if the elliptic curve coefficient of the segment is binary coded with a coding value n i If the value is 0, directly skipping the ith elliptic curve middle point set; i is more than or equal to 1 and less than or equal to N;
accumulating all the obtained elliptic curve intermediate points point by point to perform addition operation of elliptic curve points to obtain a final output point P out ;P out =∑P i ;P i Is the mid-point of the obtained elliptic curve.
Each elliptic curve middle point set comprises 2 W -1 elliptic curve intermediate points, some elliptic curve intermediate points P are listed in table 1 below ij Is an example of (a).
TABLE 1
In some exemplary embodiments, each elliptic curve midpoint set comprises 2 W-1 A middle point of each elliptic curve;
the scalar point multiplication calculator is configured to obtain elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points according to a coded value of the binary coding of the elliptic curve coefficient segment by segment from a lowest bit segment of the binary coding of the elliptic curve coefficient segment by using the following manner, and perform addition operation or subtraction operation of elliptic curve points on point-by-point accumulation of the obtained elliptic curve intermediate points to obtain a final output point:
for the elliptic curve coefficient binary coding of the lowest-order segment, directly or indirectly acquiring an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set according to the coding value of the elliptic curve coefficient binary coding of the segment, and generating a carry to an adjacent high-order segment when indirectly acquiring the elliptic curve intermediate point from the corresponding elliptic curve intermediate point set; for the binary codes of the elliptic curve coefficients of the ith section except the lowest-order section, when the adjacent low-order section carries to the current-order section, adding 1 to the coding value of the binary code of the elliptic curve coefficient of the current-order section to be used as the final coding value of the binary code of the elliptic curve coefficient of the current-order section, when the adjacent low-order section does not carry to the current-order section, taking the coding value of the binary code of the elliptic curve coefficient of the current-order section as the final coding value of the binary code of the elliptic curve coefficient of the current-order section, directly or indirectly acquiring an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set according to the final coding value of the binary code of the elliptic curve coefficient of the current-order section, and generating a carry to the adjacent high-order section when the elliptic curve intermediate point is indirectly acquired from the corresponding elliptic curve intermediate point set;
if the highest bit section generates a carry, directly acquiring a 1 st elliptic curve intermediate point from the n+1st elliptic curve intermediate point set;
accumulating all the obtained elliptic curve intermediate points point by point to perform addition operation or subtraction operation of elliptic curve points to obtain a final output point P out ;P out =∑a i P i ;P i Is the middle point of the obtained elliptic curve, when P i A is obtained directly from the corresponding elliptic curve middle point set i =1, when P i Is indirectly obtained from the corresponding elliptic curve middle point set i =-1。
In some exemplary embodiments, the scalar point multiplication calculator is configured to obtain elliptic curve intermediate points directly or indirectly from a corresponding set of elliptic curve intermediate points from the binary coded values of the segment of elliptic curve coefficients in the following manner:
if the segment of elliptic curve coefficient is binary coded with a coded value n 1 If the value is 0, directly skipping the 1 st elliptic curve middle point set; if the segment of elliptic curve coefficient is binary coded with a coded value n 1 Satisfy 0<n 1 ≤2 W-1 Then the nth elliptic curve is obtained from the 1 st elliptic curve middle point set 1 A middle point of each elliptic curve; if the segment of elliptic curve coefficient is binary coded with a coded value n 1 Satisfy 2 W-1 <n 1 ≤2 W -1, then obtain 2 from the 1 st elliptic curve midpoint set W -n 1 An elliptic curve midpoint.
In some exemplary embodiments, the scalar point multiplication calculator is configured to binary-encode the final encoded value n 'according to the segment of elliptic curve coefficients in the following manner' i Directly or indirectly obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set:
if the final code value n' i Satisfy n' i =0, then skip the i-th elliptic curve middle point set directly; if the final code value i' i Satisfy 0<n′ i ≤2 W-1 Then the nth 'is obtained from the ith elliptic curve intermediate point set' i A middle point of each elliptic curve; if the final code value n' i Satisfy 2 W-1 <n′ i ≤2 W -1, then obtain 2 from the i-th elliptic curve midpoint set W -n′ i A middle point of each elliptic curve; i is more than or equal to 1 and N is more than or equal to N.
Each elliptic curve middle point set comprises 2 W-1 Intermediate points of the elliptic curves are shown in Table 2 below ij Is an example of (a).
TABLE 2
j=1 j=2 j=3 j=4 …… j=2 W-1
i=1 P 0 2P 0 3P 0 4P 0 …… 2 W-1 P 0
i=2 2 W P 0 2*2 W P 0 3*2 W P 0 4*2 W P 0 …… (2 W-1 )*2 W P 0
i=3 2 2W P 0 2*2 2W P 0 3*2 2W P 0 4*2 2W P 0 …… (2 W-1 )*2 2W P 0
i=4 2 3W P 0 2*2 3W P 0 3*2 3W P 0 4*2 3W P 0 …… (2 W-1 )*2 3W P 0
Each elliptic curve middle point set comprises 2 W-1 A set of elliptic curve intermediate points each comprising 2 W 1 elliptic curve middle point, the data storage amount is reduced by half, and the cost of storage resources can be greatly reduced. For example, when w=8, each elliptic curve midpoint set includes 2 7 (128) A set of elliptic curve intermediate points each comprising 2 8 1 (255) elliptic curve middle points, the data storage quantity is reduced by half, and the cost of storage resources can be greatly reduced.
The embodiment of the application provides a method for accelerating scalar point multiplication calculation of an elliptic curve. As shown in fig. 2, a method for accelerating scalar point multiplication calculation of an elliptic curve includes:
step S10, a plurality of elliptic curve middle point sets are stored in advance; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curve intermediate points are elliptic curve reference points P 0 Is a multiple of the point(s);
s20, performing binary coding on the input elliptic curve coefficients to obtain elliptic curve coefficient binary codes; dividing the elliptic curve coefficient binary code into N sections according to a preset bit width W;l is the length of the elliptic curve coefficient binary code; />Rounding up the symbol;
step S30, starting from the lowest bit segment of the elliptic curve coefficient binary code, obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set according to the coded value of the elliptic curve coefficient binary code segment by segment, and performing addition operation or subtraction operation of elliptic curve points on the obtained elliptic curve intermediate points in a point-by-point accumulation mode to obtain a final output point.
The method for accelerating scalar point multiplication calculation of elliptic curves, provided by the embodiment of the application, stores a plurality of elliptic curve intermediate point sets in advance; binary coding is carried out on the input elliptic curve coefficients, and elliptic curve coefficient binary coding is obtained; dividing the elliptic curve coefficient binary code into N sections according to a preset bit width W; and starting from the lowest bit segment of the elliptic curve coefficient binary code, obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set according to the coding value of the elliptic curve coefficient binary code segment by segment, and carrying out addition operation or subtraction operation of elliptic curve points on the obtained elliptic curve intermediate points point by point in a cumulative way to obtain a final output point. The method for accelerating the scalar point multiplication calculation of the elliptic curve provided by the embodiment can improve the calculation efficiency of an algorithm by sectionally encoding the elliptic curve coefficients and storing the intermediate points of the elliptic curve in advance.
In some exemplary embodiments, the j-th elliptic curve midpoint P of the i-th elliptic curve midpoint set ij Is an elliptic curve reference point P 0 K of (2) ij Doubling points; p (P) ij =k ij P 0 ;k ij =j*2 (i-1)W The method comprises the steps of carrying out a first treatment on the surface of the i and j are natural numbers.
In some exemplary embodiments, the elliptic curve coefficient binary codes k are divided into N segments according to a preset bit width W, including segmentation in the following manner:
wherein n is i Is the coding value of the binary coding of the coefficient of the ith elliptic curve; n is n i ≤2 W -1, all n i Is a non-negative integer, n N Is not zero.
In some exemplary embodiments, each elliptic curve midpoint set comprises 2 W -1 elliptic curve midpoint;
obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set according to the segment of the binary coded values of the elliptic curve coefficients from the lowest bit segment of the binary coded elliptic curve coefficients, and performing addition operation or subtraction operation of elliptic curve points on the obtained elliptic curve intermediate points in a point-by-point accumulation manner to obtain a final output point, wherein the method comprises the following steps:
for the ith segment of elliptic curve coefficient binary coding, if the segment of elliptic curve coefficient binary coding has a coding value n i If the value is not 0, the nth value is obtained from the ith elliptic curve middle point set i A middle point of elliptic curve, if the elliptic curve coefficient of the segment is binary coded with a coding value n i If the value is 0, directly skipping the ith elliptic curve middle point set; i is more than or equal to 1 and less than or equal to N;
accumulating all the obtained elliptic curve intermediate points point by point to perform addition operation of elliptic curve points to obtain a final output point P out ;P out =∑P i ;P i Is the mid-point of the obtained elliptic curve.
In some exemplary embodiments, each elliptic curve midpoint set comprises 2 W-1 A middle point of each elliptic curve;
obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set according to the segment of the binary coded values of the elliptic curve coefficients from the lowest bit segment of the binary coded elliptic curve coefficients, and performing addition operation or subtraction operation of elliptic curve points on the obtained elliptic curve intermediate points in a point-by-point accumulation manner to obtain a final output point, wherein the method comprises the following steps:
for the elliptic curve coefficient binary coding of the lowest-order segment, directly or indirectly acquiring an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set according to the coding value of the elliptic curve coefficient binary coding of the segment, and generating a carry to an adjacent high-order segment when indirectly acquiring the elliptic curve intermediate point from the corresponding elliptic curve intermediate point set; for the binary codes of the elliptic curve coefficients of the ith section except the lowest-order section, when the adjacent low-order section carries to the current-order section, adding 1 to the coding value of the binary code of the elliptic curve coefficient of the current-order section to be used as the final coding value of the binary code of the elliptic curve coefficient of the current-order section, when the adjacent low-order section does not carry to the current-order section, taking the coding value of the binary code of the elliptic curve coefficient of the current-order section as the final coding value of the binary code of the elliptic curve coefficient of the current-order section, directly or indirectly acquiring an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set according to the final coding value of the binary code of the elliptic curve coefficient of the current-order section, and generating a carry to the adjacent high-order section when the elliptic curve intermediate point is indirectly acquired from the corresponding elliptic curve intermediate point set;
if the highest bit section generates a carry, directly acquiring a 1 st elliptic curve intermediate point from the n+1st elliptic curve intermediate point set;
accumulating all the obtained elliptic curve intermediate points point by point to perform addition operation or subtraction operation of elliptic curve points to obtain a final output point P out ;P out =∑a i P i ;P i Is the middle point of the obtained elliptic curve, when P i A is obtained directly from the corresponding elliptic curve middle point set i =1, when P i Is indirectly obtained from the corresponding elliptic curve middle point set i =-1。
In some exemplary embodiments, obtaining elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points directly or indirectly from the segment of binary-coded values of the elliptic curve coefficients comprises:
if the segment of elliptic curve coefficient is binary coded with a coded value n 1 If the value is 0, directly skipping the 1 st elliptic curve middle point set; if the segment of elliptic curve coefficient is binary coded with a coded value n 1 Satisfy 0<n 1 ≤2 W-1 Then the nth elliptic curve is obtained from the 1 st elliptic curve middle point set 1 A middle point of each elliptic curve; if the segment of elliptic curve coefficient is binary coded with a coded value n 1 Satisfy 2 W-1 <n 1 ≤2 W -1, then obtain 2 from the 1 st elliptic curve midpoint set W -n 1 An elliptic curve midpoint.
In some exemplary embodiments, the final encoded value n is binary-encoded according to the segment of elliptic curve coefficients i ' directly or indirectly obtaining elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points, comprising:
if the final code value n i ' satisfy n i ' 0, directly skipping the ith elliptic curve middle point set; if the final code value n i i satisfies 0<n i ′≤2 W-1 Acquiring the nth point from the ith elliptic curve middle point set i ' elliptic curve middle points; if the final code value n ' satisfy 2 W-1 <n i ′≤2 W -1, then obtain 2 from the i-th elliptic curve midpoint set W -n i ' elliptic curve middle points; i is more than or equal to 1 and N is more than or equal to N.
Each elliptic curve middle point set comprises 2 W-1 A set of elliptic curve intermediate points each comprising 2 W 1 elliptic curve middle point, the data storage amount is reduced by half, and the cost of storage resources can be greatly reduced.
The embodiments of the present application provide a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method for accelerating elliptic curve scalar point multiplication calculation described above.
Those of ordinary skill in the art will appreciate that the functional modules/units in the apparatus disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between the functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed cooperatively by several physical components. Some or all of the components may be implemented as software executed by a processor, such as a digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as known to those skilled in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer. Furthermore, as is well known to those of ordinary skill in the art, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.

Claims (7)

1. An apparatus for accelerating elliptic curve scalar point multiplication calculations, comprising:
the data storage is used for storing a plurality of elliptic curve middle point sets in advance; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curves are formed byThe point between the two points is the elliptic curve reference point P 0 Is a multiple of the point(s); wherein, the j-th elliptic curve intermediate point P in the i-th elliptic curve intermediate point set ij Is an elliptic curve reference point P 0 K of (2) ij Doubling points; p (P) ij =k ij P 0 ;k ij =j*2 (i-1)W The method comprises the steps of carrying out a first treatment on the surface of the i and j are natural numbers; w is a preset bit width;
the coder is used for binary coding the input elliptic curve coefficients to obtain elliptic curve coefficient binary codes;
the divider is used for dividing the elliptic curve coefficient binary code k into N sections according to a preset bit width W:wherein (1)>L is the length of the elliptic curve coefficient binary code; />Rounding up the symbol; n is n i Is the coding value of the binary coding of the coefficient of the ith elliptic curve; n is n i ≤2 W -1, all n i Is a non-negative integer, n N Is not zero;
a scalar point multiplication calculator, configured to obtain, from a lowest-order segment of the elliptic curve coefficient binary code, elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points according to a coded value of the segment of the elliptic curve coefficient binary code, and perform addition or subtraction of elliptic curve points on the obtained elliptic curve intermediate points in a point-by-point manner to obtain a final output point; wherein the bit segment of the binary coding of the i-th segment elliptic curve coefficient corresponds to the i-th elliptic curve midpoint set.
2. The apparatus of claim 1, wherein:
each elliptic curve middle point set comprises 2 W -1 elliptic curveA line intermediate point;
the scalar point multiplication calculator is configured to obtain elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points according to a coded value of the binary coding of the elliptic curve coefficient segment by segment from a lowest bit segment of the binary coding of the elliptic curve coefficient segment by using the following manner, and perform addition operation or subtraction operation of elliptic curve points on point-by-point accumulation of the obtained elliptic curve intermediate points to obtain a final output point:
for the ith segment of elliptic curve coefficient binary coding, if the segment of elliptic curve coefficient binary coding has a coding value n i If the value is not 0, the nth value is obtained from the ith elliptic curve middle point set i A middle point of elliptic curve, if the elliptic curve coefficient of the segment is binary coded with a coding value n i If the value is 0, directly skipping the ith elliptic curve middle point set; i is more than or equal to 1 and less than or equal to N;
accumulating all the obtained elliptic curve intermediate points point by point to perform addition operation of elliptic curve points to obtain a final output point P out ;P out =∑P i ;P i Is the mid-point of the obtained elliptic curve.
3. The apparatus of claim 1, wherein:
each elliptic curve middle point set comprises 2 W-1 A middle point of each elliptic curve;
the scalar point multiplication calculator is configured to obtain elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points according to a coded value of the binary coding of the elliptic curve coefficient segment by segment from a lowest bit segment of the binary coding of the elliptic curve coefficient segment by using the following manner, and perform addition operation or subtraction operation of elliptic curve points on point-by-point accumulation of the obtained elliptic curve intermediate points to obtain a final output point:
for the elliptic curve coefficient binary coding of the lowest-order segment, directly or indirectly acquiring an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set according to the coding value of the elliptic curve coefficient binary coding of the segment, and generating a carry to an adjacent high-order segment when indirectly acquiring the elliptic curve intermediate point from the corresponding elliptic curve intermediate point set; for the binary codes of the elliptic curve coefficients of the ith section except the lowest-order section, when the adjacent low-order section carries to the current-order section, adding 1 to the coding value of the binary code of the elliptic curve coefficient of the current-order section to be used as the final coding value of the binary code of the elliptic curve coefficient of the current-order section, when the adjacent low-order section does not carry to the current-order section, taking the coding value of the binary code of the elliptic curve coefficient of the current-order section as the final coding value of the binary code of the elliptic curve coefficient of the current-order section, directly or indirectly acquiring an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set according to the final coding value of the binary code of the elliptic curve coefficient of the current-order section, and generating a carry to the adjacent high-order section when the elliptic curve intermediate point is indirectly acquired from the corresponding elliptic curve intermediate point set; if the highest bit section generates a carry, directly acquiring a 1 st elliptic curve intermediate point from the n+1st elliptic curve intermediate point set;
accumulating all the obtained elliptic curve intermediate points point by point to perform addition operation or subtraction operation of elliptic curve points to obtain a final output point P out ;P out =∑a i P i ;P i Is the middle point of the obtained elliptic curve, when P i A is obtained directly from the corresponding elliptic curve middle point set i =1, when P i Is indirectly obtained from the corresponding elliptic curve middle point set i =-1;
When the encoding value or the final encoding value of the binary encoding of the elliptic curve coefficient of the segment directly obtains an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set, the encoding value or the final encoding value can be directly used for obtaining the elliptic curve intermediate point from the corresponding elliptic curve intermediate point set;
when the coded value n is binary coded according to the segment of elliptic curve coefficient 1 Indirectly obtaining the elliptic curve intermediate points from the corresponding elliptic curve intermediate point sets, the coding value n 1 Conversion to 2 W -n 1 Later, the method is used for obtaining an elliptic curve intermediate point from a corresponding elliptic curve intermediate point set;
when the final code value n is binary coded according to the elliptic curve coefficient of the segment i i the final code value n when the elliptic curve intermediate points are indirectly obtained from the corresponding elliptic curve intermediate point set i i conversion to 2 W -n i The method is used for acquiring the elliptic curve middle points from the corresponding elliptic curve middle point set.
4. A device as claimed in claim 3, wherein:
the scalar point multiplication calculator is used for directly or indirectly obtaining elliptic curve intermediate points from corresponding elliptic curve intermediate point sets according to the binary coded coding values of the elliptic curve coefficients in the following manner:
if the segment of elliptic curve coefficient is binary coded with a coded value n 1 If the value is 0, directly skipping the 1 st elliptic curve middle point set; if the segment of elliptic curve coefficient is binary coded with a coded value n 1 Satisfy 0<n 1 ≤2 W-1 Then the nth elliptic curve is obtained from the 1 st elliptic curve middle point set 1 A middle point of each elliptic curve; if the segment of elliptic curve coefficient is binary coded with a coded value n 1 Satisfy 2 W-1 <n 1 ≤2 W -1, then obtain 2 from the 1 st elliptic curve midpoint set W -n 1 An elliptic curve midpoint.
5. A device as claimed in claim 3, wherein:
the scalar point multiplication calculator is used for binary coding the final coding value n according to the elliptic curve coefficient of the segment in the following way i ' directly or indirectly obtaining elliptic curve intermediate points from a corresponding set of elliptic curve intermediate points:
if the final code value n i i satisfies n i i=0, then directly skipping the i-th elliptic curve middle point set; if the final code value n i ' satisfy 0<n i i≤2 W-1 Acquiring the nth point from the ith elliptic curve middle point set i i elliptic curve middle points; if finally encodedValue n i i satisfies 2 Q-1 <n i ′≤2 W -1, then obtain 2 from the i-th elliptic curve midpoint set W -n i ' elliptic curve middle points; i is more than or equal to 2 and N is more than or equal to N.
6. A method of accelerating elliptic curve scalar point multiplication calculations, comprising:
pre-storing a plurality of elliptic curve middle point sets; each elliptic curve intermediate point set comprises at least one elliptic curve intermediate point, and the elliptic curve intermediate points are elliptic curve reference points P 0 Is a multiple of the point(s); wherein, the j-th elliptic curve intermediate point P in the i-th elliptic curve intermediate point set ij Is an elliptic curve reference point P 0 K of (2) ij Doubling points; p (P) ij =k ij P 0 ;k ij =j*2 (i-1)W The method comprises the steps of carrying out a first treatment on the surface of the i and j are natural numbers; w is a preset bit width;
binary coding is carried out on the input elliptic curve coefficients, and an elliptic curve coefficient binary code k is obtained; dividing the elliptic curve coefficient binary code k into N sections according to a preset bit width W: wherein; />L is the length of the elliptic curve coefficient binary code; />Rounding up the symbol; n is n i Is the coding value of the binary coding of the coefficient of the ith elliptic curve; n is n i ≤2 W -1, all n i Is a non-negative integer, n N Is not zero;
starting from the lowest bit section of the elliptic curve coefficient binary code, obtaining elliptic curve intermediate points from a corresponding elliptic curve intermediate point set according to the coding value of the elliptic curve coefficient binary code section by section, and accumulating the obtained elliptic curve intermediate points point by point to perform addition operation or subtraction operation of elliptic curve points to obtain a final output point; wherein the bit segment of the binary coding of the i-th segment elliptic curve coefficient corresponds to the i-th elliptic curve midpoint set.
7. A computer readable storage medium storing a computer program which when executed by a processor performs the steps of the method of accelerating elliptic curve scalar point multiplication calculations of claim 6.
CN202211702753.8A 2022-12-28 2022-12-28 Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation Active CN115913556B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211702753.8A CN115913556B (en) 2022-12-28 2022-12-28 Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211702753.8A CN115913556B (en) 2022-12-28 2022-12-28 Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation

Publications (2)

Publication Number Publication Date
CN115913556A CN115913556A (en) 2023-04-04
CN115913556B true CN115913556B (en) 2024-01-26

Family

ID=86492428

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211702753.8A Active CN115913556B (en) 2022-12-28 2022-12-28 Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation

Country Status (1)

Country Link
CN (1) CN115913556B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103942031A (en) * 2014-04-28 2014-07-23 山东华芯半导体有限公司 Elliptic domain curve operational method and elliptic domain curve arithmetic unit
CN104298646A (en) * 2014-09-29 2015-01-21 北京宏思电子技术有限责任公司 Method and device for obtaining point multiplication operation result of elliptic curve cryptograph

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103942031A (en) * 2014-04-28 2014-07-23 山东华芯半导体有限公司 Elliptic domain curve operational method and elliptic domain curve arithmetic unit
CN104298646A (en) * 2014-09-29 2015-01-21 北京宏思电子技术有限责任公司 Method and device for obtaining point multiplication operation result of elliptic curve cryptograph

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Montgomery形式椭圆曲线的标量乘法运算;周晚 等;硅谷;全文 *

Also Published As

Publication number Publication date
CN115913556A (en) 2023-04-04

Similar Documents

Publication Publication Date Title
JP3391251B2 (en) Adaptive probability estimation method, adaptive encoding method, and adaptive decoding method
EP1995974B1 (en) Method for realizing arithmetic coding
JP4155539B2 (en) Information transmission method and apparatus, and storage medium
CN101902228B (en) Rapid cyclic redundancy check encoding method and device
CN110635807A (en) Data coding method and decoding method
CN107070463B (en) Efficient construction method of polarization code
Lai et al. Communicating with chaos using two-dimensional symbolic dynamics
Chee et al. Deciding the confusability of words under tandem repeats in linear time
CN110545162B (en) Multivariate LDPC decoding method and device based on code element reliability dominance degree node subset partition criterion
CN115913556B (en) Device, method and storage medium for accelerating elliptic curve scalar point multiplication calculation
Rifà-Pous et al. Product perfect codes and steganography
KR101698875B1 (en) Apparatus and method for decoding of ldpc code
CN115862653A (en) Audio denoising method and device, computer equipment and storage medium
US8150899B2 (en) Method for finding minimal signed digit with variable multi-bit coding based on booth&#39;s algorithm
US7193542B2 (en) Digital data compression robust relative to transmission noise
CN115765755A (en) ANS coding and decoding method, equipment and medium based on finite field multiplication
US20150143197A1 (en) Codes for Enhancing the Repeated Use of Flash Memory
CN107026652B (en) Partition-based positive integer sequence compression method
CN113114276B (en) Network coding and decoding method and device based on cyclic shift and related components
Yacobi Fast exponentiation using data compression
Knezevic et al. Modular reduction without precomputational phase
Greig Design techniques for efficient sparse regression codes
Noma et al. Iterative sliding window method for shorter number of operations in modular exponentiation and scalar multiplication
CN112272923B (en) Construction of punctured polarization codes
US10523474B1 (en) Approximate enumerative sphere shaping

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant