عنوان انگلیسی مقاله:
Balancing elliptic curve coprocessors from bottom to top
ترجمه فارسی عنوان مقاله:
متعادل کننده پردازشگرهای منحنی بیضوی از پایین به بالا
Sciencedirect - Elsevier - Microprocessors and Microsystems, 71 (2019) 102866: doi:10:1016/j:micpro:2019:102866
Niels Pirotte a , Jo Vliegen a , Lejla Batina b , Nele Mentens a , ∗
In 2016, Renes et al. were the first to propose complete addition formulas for Elliptic Curve Cryptogra- phy (ECC) on Weierstrass curves. With these formulas, the same set of equations can be used for point addition and point doubling, which makes software and hardware implementations less vulnerable to side-channel (SCA) attacks. Further, all inputs are valid, so there is no need for conditional statements handling special cases such as the point at infinity. This paper presents the first ASIC design of the complete addition formulas of Renes et al. Each com- putation layer in the design is balanced, from the field arithmetic to the point multiplication. The design explores two datapaths: a full-width Montgomery Multiplier ALU (MMALU) with a built-in adder and a serialized version of the MMALU. The interface sizes of the MMALU are optimized through an explo- ration of the design parameters. The register file size is minimized through an optimal scheduling of the modular operations. The top-level point multiplication is implemented using the Montgomery ladder algorithm, with the additional option of randomizing the execution order of the point operations as a countermeasure against SCA attacks. The implementation results after synthesis are generated using the open source NANGATE45 library.
Keywords: ASIC Weierstrass curve | Complete addition formulas | Elliptic curve cryptography (ECC) | Side-channel analysis (SCA) | Simple power analysis (SPA)| Differential power analysis (DPA) | Montgomery ladder