Implementing the Elliptic Curve Method of Factoring in Reconfigurable Hardware (original) (raw)
Related papers
15th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM 2007), 2007
Currently, the best known algorithm for factorizing modulus of the RSA public key cryptosystem is the Number Field Sieve. One of its important phases usually combines a sieving technique and a method for checking smoothness of mid-size numbers. For this factorization, the Elliptic Curve Method (ECM) is an attractive solution. As ECM is highly regular and many parallel computations are required, hardware-based platforms were shown to be more cost-effective than software solutions.
Hardware Factorization Based on Elliptic Curve Method
13th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM'05)
The security of the most popular asymmetric cryptographic scheme RSA depends on the hardness of factoring large numbers. The best known method for factorization large integers is the General Number Field Sieve (GNFS). Recently, architectures for special purpose hardware for the GNFS have been proposed [5, 12]. One important step within the GNFS is the factorization of mid-size numbers for smoothness testing, an efficient algorithm for which is the Elliptic Curve Method (ECM). Since the smoothness testing is also suitable for parallelization, it is promising to improve ECM via special-purpose hardware. We show that massive parallel and cost efficient ECM hardware engines can improve the cost-time product of the RSA moduli factorization via the GNFS considerably. The computation of ECM is a classical example for an algorithm that can be significantly accelerated through special-purpose hardware. In this work, we present an efficient hardware implementation of ECM to factor numbers up to 200 bits, which is also scalable to other bit lengths. For proof-ofconcept purposes, ECM is realized as a softwarehardware co-design on an FPGA and an embedded microcontroller. This appears to be the first publication of a realized hardware implementation of ECM, and the first description of GNFS acceleration through hardware-based ECM.
An FPGA implementation of an elliptic curve processor GF (2 m)
Proceedings of the 14th ACM Great …, 2004
This paper describes a hardware implementation of an arithmetic processor which is efficient for elliptic curve (EC) cryptosystems, which are becoming increasingly popular as an alternative for public key cryptosystems based on factoring. The modular multiplication is implemented using a Montgomery modular multiplication in a systolic array architecture, which has the advantage that the clock frequency becomes independent of the bit length m.
High-Performance Integer Factoring with Reconfigurable Devices
We present a novel FPGA-based implementation of the Elliptic Curve Method (ECM) for the factorization of medium-sized composite integers. More precisely, we demonstrate an ECM implementation capable to determine prime factors of up to 2,424 151-bit integers per second using a single Xilinx Virtex-4 SX35 FPGA. Using this implementation on a cluster like the COPACOBANA is beneficial for attacking cryptographic primitives like the well-known RSA cryptosystem with advanced methods such as the Number Field Sieve (NFS).
An FPGA implementation of an elliptic curve processor GF(2 m )
2004
This paper describes a hardware implementation of an arithmetic processor which is efficient for elliptic curve (EC) cryptosystems, which are becoming increasingly popular as an alternative for public key cryptosystems based on factoring. The modular multiplication is implemented using a Montgomery modular multiplication in a systolic array architecture, which has the advantage that the clock frequency becomes independent of the bit length m.
Reconfigurable Architecture for Elliptic Curve Cryptography Using FPGA
Mathematical Problems in Engineering, 2013
The high performance of an elliptic curve (EC) crypto system depends efficiently on the arithmetic in the underlying finite field. We have to propose and compare three levels of Galois Field GF(2 163), GF(2 193), and GF(2 256). The proposed architecture is based on Lopez-Dahab elliptic curve point multiplication algorithm, which uses Gaussian normal basis for GF(2 163) field arithmetic. The proposed GF(2 193) is based on an efficient Montgomery add and double algorithm, also the Karatsuba-Ofman multiplier and Itoh-Tsujii algorithm are used as the inverse component. The hardware design is based on optimized finite state machine (FSM), with a single cycle 193 bits multiplier, field adder, and field squarer. The another proposed architecture GF(2 256) is based on applications for which compactness is more important than speed. The FPGA's dedicated multipliers and carry-chain logic are used to obtain the small data path. The different optimization at the hardware level improves the acceleration of the ECC scalar multiplication, increases frequency and the speed of operation such as key generation, encryption, and decryption. Finally, we have to implement our design using Xilinx XC4VLX200 FPGA device.
A microcoded elliptic curve processor using FPGA technology
IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 2002
The implementation of a microcoded elliptic curve processor using field-programmable gate array technology is described. This processor implements optimal normal basis field operations in 2. The design is synthesized by a parameterized module generator, which can accommodate arbitrary and also produce field multipliers with different speed/area tradeoffs. The control part of the processor is microcoded, enabling curve operations to be incorporated into the processor and hence reducing the chip's I/O requirements. The microcoded approach also facilitates rapid development and algorithmic optimization: for example, projective and affine coordinates were supported using different microcode. The design was successfully tested on a Xilinx Virtex XCV1000-6 device and could perform an elliptic curve multiplication over the field 2 using affine and projective coordinates for = 113 155 and 173.
Journal of Signal Processing Systems, 2010
This paper presents a processor architecture for elliptic curve cryptography computations over GF(p). The speed to compute the Elliptic-curve point multiplication over the prime fields GF(p) is increased by using the maximum degree of parallelism, and by carefully selecting the most appropriate coordinates system. The proposed Elliptic Curve processor is implemented using FPGAs. The time, area and throughput results are obtained, analyzed, and compared with previously proposed designs showing interesting performance and features.
A compact FPGA-based architecture for elliptic curve cryptography over prime fields
Proceedings of the 21st IEEE International Conference on Application-specific Systems, Architectures and Processors (ASAP 2010), 2010
This paper proposes an FPGA-based applicationspecific elliptic curve processor over a prime field. This research targets applications for which compactness is more important than speed. To obtain a small datapath, the FPGA's dedicated multipliers and carry-chain logic are used and no parallellism is introduced. A small control unit is obtained by following a microcode approach, in which the instructions are stored in the FPGA's Block RAM. The use of algorithms that prevent Simple Power Analysis (SPA) attacks creates an extra cost in latency. Nevertheless, the created processor is flexible in the sense that it can handle all finite field operations over 256-bit prime fields and all elliptic curves of a specified form. The comparison with other implementations on the same generation of FPGAs learns that our design occupies the smallest area.