Fast and flexible hardware support for elliptic curve cryptography over multiple standard prime finite fields




Alrimeih, Hamad

Journal Title

Journal ISSN

Volume Title



Exchange of private information over a public medium must incorporate a method for data protection against unauthorized access. Elliptic curve cryptography (ECC) has become widely accepted as an efficient mechanism to secure private data using public-key protocols. Scalar multiplication (which translates into a sequence of point operations each involving several modular arithmetic operations) is the main ECC computation, where the scalar value is secret and must be secured. In this dissertation, we consider ECC over five standard prime finite fields recommended by the National Institute of Standard and Technology (NIST), with the corresponding prime sizes of 192, 224, 256, 384, and 521 bits. This dissertation presents our general hardware-software approach and technical details of our novel hardware processor design, aimed at accelerating scalar multiplications with flexible security-performance tradeoffs. To enhance performance, our processor exploits parallelism by pipelining modular arithmetic computations and associated input/output data transfers. To enhance security, modular arithmetic computations and associated data transfers are grouped into atomically executed computational blocks, in order to make curve point operations indistinguishable and thus mask the scalar value. The flexibility of our processor is achieved through the software-controlled hardware programmability, which allows for different scenarios of computing atomic block sequences. Each scenario is characterized by a certain trade-off between the processor’s security and performance. As the best trade-off scenario is specific to the user and/or application requirements, our approach allows for such a scenario to be chosen dynamically by the system software, thus facilitating system adaptation to dynamically changing requirements. Since modular multiplications are the most critical low-level operation in ECC computations, we also propose a novel modular multiplier specifically optimized to take full advantage of the fast reduction algorithms associated with the five NIST primes. The proposed architecture has been prototyped on a Xilinx Virtex-6 FPGA and takes between 0.30 ms and 3.91 ms to perform a typical scalar multiplication. Such performance figures demonstrate both flexibility and efficiency of our proposed design and compares favourably against other systems reported in the literature.



Elliptic Curve Cryptography, Programmable Hardware, Parallel Atomic Computations, Security-Performance Tradeoffs