SECRYPT_2019_1_CR (2).rar

<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta charset="utf-8"> <meta name="generator" content="pdf2htmlEX"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <link rel="stylesheet" href="https://static.pudn.com/base/css/base.min.css"> <link rel="stylesheet" href="https://static.pudn.com/base/css/fancy.min.css"> <link rel="stylesheet" href="https://static.pudn.com/prod/directory_preview_static/6259288892dc900e62b787bd/raw.css"> <script src="https://static.pudn.com/base/js/compatibility.min.js"></script> <script src="https://static.pudn.com/base/js/pdf2htmlEX.min.js"></script> <script> try{ pdf2htmlEX.defaultViewer = new pdf2htmlEX.Viewer({}); }catch(e){} </script> <title></title> </head> <body> <div id="sidebar" style="display: none"> <div id="outline"> </div> </div> <div id="pf1" class="pf w0 h0" data-page-no="1"><div class="pc pc1 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/6259288892dc900e62b787bd/bg1.jpg"><div class="t m0 x1 h2 y1 ff1 fs0 fc0 sc0 ls0 ws0">High-perf<span class="_ _0"></span>ormance<span class="_"> </span>Pipelined<span class="_"> </span>FPGA<span class="_"> </span>Implementation<span class="_"> </span>of<span class="_"> </span>the<span class="_"> </span>Elliptic<span class="_"> </span>Curv<span class="_ _0"></span>e</div><div class="t m0 x2 h2 y2 ff1 fs0 fc0 sc0 ls0 ws0">Cryptography<span class="_"> </span>o<span class="_ _0"></span>ver<span class="_"> </span>GF<span class="_"> </span>(<span class="ff2">2</span></div><div class="t m0 x3 h3 y3 ff3 fs1 fc0 sc0 ls0 ws0">n</div><div class="t m0 x4 h2 y2 ff1 fs0 fc0 sc0 ls0 ws0">)</div><div class="t m0 x5 h4 y4 ff2 fs2 fc0 sc0 ls0 ws0">Salah<span class="_"> </span>Harb</div><div class="t m0 x6 h5 y5 ff2 fs3 fc0 sc0 ls0 ws0">a</div><div class="t m0 x7 h4 y4 ff2 fs2 fc0 sc0 ls0 ws0">,<span class="_"> </span>M.<span class="_"> </span>Omair<span class="_"> </span>Ahmad</div><div class="t m0 x8 h5 y5 ff2 fs3 fc0 sc0 ls0 ws0">b</div><div class="t m0 x9 h4 y4 ff2 fs2 fc0 sc0 ls0 ws0">and<span class="_"> </span>M.<span class="_"> </span>N.<span class="_"> </span>S.<span class="_"> </span>Swamy</div><div class="t m0 xa h5 y5 ff2 fs3 fc0 sc0 ls0 ws0">c</div><div class="t m0 xb h6 y6 ff3 fs4 fc0 sc0 ls0 ws0">Electrical<span class="_ _1"> </span>and<span class="_ _1"> </span>Computer<span class="_ _1"> </span>Engineering<span class="_ _1"> </span>Department,<span class="_ _1"> </span>Concor<span class="_ _0"></span>dia<span class="_ _1"> </span>University<span class="_ _0"></span>,<span class="_ _1"> </span>1440<span class="_ _1"> </span>De<span class="_ _1"> </span>maisonnue<span class="_ _0"></span>ve,<span class="_ _1"> </span>Montr<span class="_ _0"></span>eal,<span class="_ _1"> </span>Canada</div><div class="t m0 xc h7 y7 ff4 fs4 fc0 sc0 ls0 ws0">{<span class="ff3">s<span class="_ _2"> </span>rb,<span class="_ _1"> </span>omair<span class="_ _3"></span>,<span class="_ _1"> </span>swamy<span class="ff4">}</span>@ece.concor<span class="_ _0"></span>dia.ca</span></div><div class="t m0 x1 h8 y8 ff2 fs4 fc0 sc0 ls0 ws0">Ke<span class="_ _0"></span>ywords:</div><div class="t m0 xd h8 y9 ff2 fs4 fc0 sc0 ls0 ws0">Cryptography<span class="_ _4"></span>,<span class="_ _2"> </span>Elliptic<span class="_ _2"> </span>Curve<span class="_ _2"> </span>Cryptography<span class="_ _4"></span>,<span class="_ _2"> </span>FPGA,<span class="_ _2"> </span>Pipelining<span class="_ _2"> </span>Architecture,<span class="_ _5"> </span>Finite<span class="_ _2"> </span>Field<span class="_ _2"> </span>Operations,<span class="_ _2"> </span>Field</div><div class="t m0 xd h8 ya ff2 fs4 fc0 sc0 ls0 ws0">Multiplications,<span class="_"> </span>Projectiv<span class="_ _0"></span>e<span class="_"> </span>Coordination,<span class="_"> </span>Ef&#64257;cienc<span class="_ _0"></span>y<span class="_ _4"></span>.</div><div class="t m0 x1 h8 yb ff2 fs4 fc0 sc0 ls0 ws0">Abstract:</div><div class="t m0 xd h8 yc ff2 fs4 fc0 sc0 ls0 ws0">In<span class="_ _6"> </span>this<span class="_ _6"> </span>paper<span class="_ _0"></span>,<span class="_ _6"> </span>a<span class="_ _6"> </span>high-performance<span class="_ _6"> </span>area-ef&#64257;cient<span class="_ _6"> </span>hardware<span class="_ _6"> </span>design<span class="_ _6"> </span>for<span class="_ _6"> </span>the<span class="_ _6"> </span>Elliptic<span class="_ _6"> </span>Curv<span class="_ _0"></span>e<span class="_ _6"> </span>Cryptography<span class="_ _6"> </span>(ECC)</div><div class="t m0 xd h8 yd ff2 fs4 fc0 sc0 ls0 ws0">is<span class="_ _7"> </span>presented,<span class="_ _7"> </span>targeting<span class="_ _7"> </span>the<span class="_ _7"> </span>area-constrained<span class="_ _7"> </span>high-bandwidth<span class="_ _7"> </span>embedded<span class="_ _7"> </span>applications.<span class="_ _8"> </span>The<span class="_ _7"> </span>high-speed<span class="_ _7"> </span>design</div><div class="t m0 xd h8 ye ff2 fs4 fc0 sc0 ls0 ws0">is<span class="_ _6"> </span>implemented<span class="_ _6"> </span>using<span class="_ _6"> </span>pipelining<span class="_ _6"> </span>architecture.<span class="_ _9"> </span>The<span class="_ _6"> </span>applied<span class="_ _6"> </span>architecture<span class="_ _6"> </span>is<span class="_ _6"> </span>performed<span class="_ _6"> </span>using<span class="_ _6"> </span>n-bit<span class="_ _6"> </span>data<span class="_"> </span>path<span class="_ _6"> </span>of</div><div class="t m0 xd h8 yf ff2 fs4 fc0 sc0 ls0 ws0">the<span class="_ _7"> </span>&#64257;nite<span class="_ _2"> </span>&#64257;eld<span class="_ _2"> </span>GF(2</div><div class="t m0 xe h9 y10 ff3 fs5 fc0 sc0 ls0 ws0">n</div><div class="t m0 xf h8 yf ff2 fs4 fc0 sc0 ls0 ws0">).<span class="_ _a"> </span>For<span class="_ _7"> </span>the<span class="_ _2"> </span>&#64257;nite<span class="_ _7"> </span>&#64257;eld<span class="_ _2"> </span>operations,<span class="_ _5"> </span>the<span class="_ _7"> </span>implementation<span class="_ _2"> </span>in<span class="_ _2"> </span>the<span class="_ _7"> </span>ECC<span class="_ _2"> </span>uses<span class="_ _2"> </span>the<span class="_ _2"> </span>bit-parallel</div><div class="t m0 xd h8 y11 ff2 fs4 fc0 sc0 ls0 ws0">recursiv<span class="_ _0"></span>e<span class="_ _2"> </span>Karatsuba-Ofman<span class="_ _2"> </span>algorithm<span class="_ _2"> </span>for<span class="_ _2"> </span>multiplication<span class="_ _2"> </span>and<span class="_ _2"> </span>Itoh-Tsuji<span class="_ _2"> </span>for<span class="_ _2"> </span>in<span class="_ _0"></span>version.<span class="_ _a"> </span>A<span class="_ _2"> </span>modi&#64257;ed<span class="_ _2"> </span>ef&#64257;cient</div><div class="t m0 xd h8 y12 ff2 fs4 fc0 sc0 ls0 ws0">montgomery<span class="_ _6"> </span>ladder<span class="_ _6"> </span>algorithm<span class="_ _6"> </span>is<span class="_ _6"> </span>utilized<span class="_ _7"> </span>for<span class="_ _6"> </span>the<span class="_ _6"> </span>scalar<span class="_ _6"> </span>multiplication<span class="_ _6"> </span>of<span class="_ _7"> </span>a<span class="_ _6"> </span>point.<span class="_ _b"> </span>The<span class="_ _6"> </span>pipelined<span class="_ _6"> </span>registers<span class="_ _6"> </span>are</div><div class="t m0 xd h8 y13 ff2 fs4 fc0 sc0 ls0 ws0">inserted<span class="_"> </span>in<span class="_ _6"> </span>ideal<span class="_"> </span>locations,<span class="_"> </span>where<span class="_ _6"> </span>balanced-e<span class="_ _0"></span>xecution<span class="_"> </span>paths<span class="_"> </span>among<span class="_ _6"> </span>computing<span class="_"> </span>components<span class="_"> </span>are<span class="_ _6"> </span>guaranteed.<span class="_ _7"> </span>A</div><div class="t m0 xd h8 y14 ff2 fs4 fc0 sc0 ls0 ws0">Memory-less<span class="_ _6"> </span>&#64257;nite<span class="_"> </span>state<span class="_ _6"> </span>machine<span class="_ _6"> </span>model<span class="_"> </span>is<span class="_ _6"> </span>dev<span class="_ _0"></span>eloped<span class="_ _6"> </span>to<span class="_ _6"> </span>control<span class="_"> </span>the<span class="_ _6"> </span>instructions<span class="_ _6"> </span>of<span class="_"> </span>computing<span class="_ _6"> </span>the<span class="_ _6"> </span>&#64257;nite<span class="_"> </span>&#64257;eld</div><div class="t m0 xd h8 y15 ff2 fs4 fc0 sc0 ls0 ws0">operations<span class="_ _6"> </span>ef&#64257;ciently<span class="_ _4"></span>.<span class="_ _b"> </span>The<span class="_ _6"> </span>high-performance<span class="_ _7"> </span>design<span class="_ _6"> </span>has<span class="_ _7"> </span>been<span class="_ _6"> </span>implemented<span class="_ _7"> </span>using<span class="_ _6"> </span>Xilinx<span class="_ _7"> </span>V<span class="_ _4"></span>irtex,<span class="_ _6"> </span>Kintex<span class="_ _6"> </span>and</div><div class="t m0 xd h8 y16 ff2 fs4 fc0 sc0 ls0 ws0">Artix<span class="_ _7"> </span>FPGA<span class="_ _7"> </span>devices.<span class="_ _8"> </span>It<span class="_ _6"> </span>can<span class="_ _7"> </span>perform<span class="_ _7"> </span>a<span class="_ _7"> </span>single<span class="_ _7"> </span>scalar<span class="_ _2"> </span>multiplication<span class="_ _7"> </span>in<span class="_ _7"> </span>226<span class="_ _7"> </span>clock<span class="_ _7"> </span>cycles<span class="_ _7"> </span>within<span class="_ _7"> </span>0.63<span class="ff3">&#181;</span>s<span class="_ _7"> </span>using</div><div class="t m0 xd h8 y17 ff2 fs4 fc0 sc0 ls0 ws0">2780<span class="_"> </span>slices<span class="_ _6"> </span>and<span class="_"> </span>360Mhz<span class="_"> </span>working<span class="_"> </span>frequency<span class="_"> </span>on<span class="_"> </span>V<span class="_ _0"></span>irtex-7<span class="_"> </span>ov<span class="_ _0"></span>er<span class="_"> </span>GF<span class="_ _6"> </span>(2</div><div class="t m0 x10 ha y18 ff2 fs5 fc0 sc0 ls0 ws0">163</div><div class="t m0 x11 h8 y17 ff2 fs4 fc0 sc0 ls0 ws0">).<span class="_ _7"> </span>In<span class="_ _6"> </span>GF<span class="_"> </span>(2</div><div class="t m0 x12 ha y18 ff2 fs5 fc0 sc0 ls0 ws0">233</div><div class="t m0 x13 h8 y17 ff2 fs4 fc0 sc0 ls0 ws0">)<span class="_"> </span>and<span class="_ _6"> </span>GF<span class="_"> </span>(2</div><div class="t m0 x14 ha y18 ff2 fs5 fc0 sc0 ls0 ws0">571</div><div class="t m0 x15 h8 y17 ff2 fs4 fc0 sc0 ls0 ws0">),<span class="_"> </span>a<span class="_ _6"> </span>scalar</div><div class="t m0 xd h8 y19 ff2 fs4 fc0 sc0 ls0 ws0">multiplication<span class="_ _c"> </span>can<span class="_ _c"> </span>be<span class="_ _c"> </span>computed<span class="_ _c"> </span>in<span class="_ _c"> </span>327<span class="_ _c"> </span>and<span class="_ _c"> </span>674<span class="_ _c"> </span>clock<span class="_ _c"> </span>cycles<span class="_ _c"> </span>within<span class="_ _c"> </span>1.05<span class="ff3">&#181;</span>s<span class="_ _c"> </span>and<span class="_ _c"> </span>2.32<span class="ff3">&#181;</span>s,<span class="_ _c"> </span>respecti<span class="_ _0"></span>vely<span class="_ _4"></span>.<span class="_ _6"> </span>Comparing</div><div class="t m0 xd h8 y1a ff2 fs4 fc0 sc0 ls0 ws0">with<span class="_"> </span>pre<span class="_ _4"></span>vious<span class="_"> </span>works,<span class="_"> </span>our<span class="_ _c"> </span>design<span class="_"> </span>requires<span class="_ _c"> </span>less<span class="_"> </span>number<span class="_"> </span>of<span class="_ _c"> </span>clock<span class="_"> </span>cycles,<span class="_ _c"> </span>and<span class="_"> </span>operates<span class="_ _c"> </span>using<span class="_"> </span>less<span class="_"> </span>FPGA<span class="_ _c"> </span>resources</div><div class="t m0 xd h8 y1b ff2 fs4 fc0 sc0 ls0 ws0">with<span class="_ _6"> </span>competitive<span class="_ _6"> </span>high<span class="_ _6"> </span>working<span class="_ _7"> </span>frequencies.<span class="_ _8"> </span>Therefore,<span class="_ _6"> </span>the<span class="_ _7"> </span>proposed<span class="_ _7"> </span>design<span class="_ _6"> </span>is<span class="_ _7"> </span>well<span class="_ _7"> </span>suited<span class="_ _7"> </span>in<span class="_ _6"> </span>the<span class="_ _7"> </span>resources-</div><div class="t m0 xd h8 y1c ff2 fs4 fc0 sc0 ls0 ws0">constrained<span class="_ _c"> </span>real<span class="_"> </span>time<span class="_ _c"> </span>cryptosystems<span class="_"> </span>like<span class="_ _c"> </span>those<span class="_"> </span>i<span class="_ _0"></span>n<span class="_"> </span>online<span class="_ _c"> </span>banking<span class="_"> </span>services,<span class="_ _c"> </span>wearable<span class="_"> </span>smart<span class="_ _c"> </span>devices<span class="_ _c"> </span>and<span class="_ _d"> </span>network</div><div class="t m0 xd h8 y1d ff2 fs4 fc0 sc0 ls0 ws0">attached<span class="_"> </span>storages.</div><div class="t m0 x1 hb y1e ff1 fs6 fc0 sc0 ls0 ws0">1<span class="_ _e"> </span>INTR<span class="_ _4"></span>ODUCTION</div><div class="t m0 x1 hc y1f ff2 fs7 fc0 sc0 ls0 ws0">Elliptic<span class="_ _8"> </span>curv<span class="_ _4"></span>e<span class="_ _8"> </span>cryptosystem<span class="_ _8"> </span>(ECC)<span class="_ _b"> </span>is<span class="_ _8"> </span>a<span class="_ _b"> </span>public-key</div><div class="t m0 x1 hc y20 ff2 fs7 fc0 sc0 ls0 ws0">cryptography<span class="_ _4"></span>,<span class="_ _f"> </span>which<span class="_ _10"> </span>was<span class="_ _10"> </span>&#64257;rst<span class="_ _10"> </span>proposed<span class="_ _10"> </span>by<span class="_ _10"> </span>Neal</div><div class="t m0 x1 hc y21 ff2 fs7 fc0 sc0 ls0 ws0">K<span class="_ _0"></span>oblitz<span class="_"> </span>and<span class="_ _6"> </span>V<span class="_ _4"></span>ictor<span class="_"> </span>Miller<span class="_ _6"> </span>in<span class="_"> </span>the<span class="_ _6"> </span>1980s<span class="_"> </span>(Kocher<span class="_"> </span>et<span class="_"> </span>al.,</div><div class="t m0 x1 hc y22 ff2 fs7 fc0 sc0 ls0 ws0">1999)<span class="_"> </span>,<span class="_"> </span>(Miller<span class="_ _0"></span>,<span class="_"> </span>1985).<span class="_ _2"> </span>Since<span class="_"> </span>then,<span class="_"> </span>many<span class="_"> </span>studies<span class="_"> </span>hav<span class="_ _0"></span>e</div><div class="t m0 x1 hc y23 ff2 fs7 fc0 sc0 ls0 ws0">been<span class="_ _2"> </span>conducted<span class="_ _2"> </span>to<span class="_ _5"> </span>explore<span class="_ _7"> </span>its<span class="_ _5"> </span>security<span class="_ _2"> </span>lev<span class="_ _0"></span>els<span class="_ _2"> </span>against</div><div class="t m0 x1 hc y24 ff2 fs7 fc0 sc0 ls0 ws0">other<span class="_ _8"> </span>public-ke<span class="_ _0"></span>y<span class="_ _8"> </span>cryptosystems<span class="_ _8"> </span>such<span class="_ _8"> </span>as<span class="_ _8"> </span>El-Gamal,</div><div class="t m0 x1 hc y25 ff2 fs7 fc0 sc0 ls0 ws0">RSA<span class="_ _7"> </span>and<span class="_ _6"> </span>Digital<span class="_ _7"> </span>Signature<span class="_ _7"> </span>Algorithm<span class="_ _7"> </span>(DSA)<span class="_ _7"> </span>(ElGa-</div><div class="t m0 x1 hc y26 ff2 fs7 fc0 sc0 ls0 ws0">mal,<span class="_ _7"> </span>1985),<span class="_ _7"> </span>(Riv<span class="_ _0"></span>est<span class="_ _7"> </span>et<span class="_ _6"> </span>al.,<span class="_ _2"> </span>1978),<span class="_ _7"> </span>which<span class="_ _7"> </span>are<span class="_ _7"> </span>based<span class="_ _6"> </span>on</div><div class="t m0 x1 hc y27 ff2 fs7 fc0 sc0 ls0 ws0">either<span class="_ _5"> </span>the<span class="_ _5"> </span>integer<span class="_ _5"> </span>factorization<span class="_ _5"> </span>or<span class="_ _5"> </span>discrete<span class="_ _9"> </span>logarithm</div><div class="t m0 x1 hc y28 ff2 fs7 fc0 sc0 ls0 ws0">problems<span class="_ _9"> </span>(McGrew<span class="_ _9"> </span>et<span class="_ _9"> </span>al.,<span class="_ _b"> </span>2011).<span class="_ _11"> </span>Equiv<span class="_ _4"></span>alent<span class="_ _9"> </span>secu-</div><div class="t m0 x1 hc y29 ff2 fs7 fc0 sc0 ls0 ws0">rity<span class="_ _2"> </span>lev<span class="_ _0"></span>els<span class="_ _2"> </span>with<span class="_ _2"> </span>smaller<span class="_ _2"> </span>sizes<span class="_ _5"> </span>of<span class="_ _7"> </span>keys,<span class="_ _2"> </span>ease<span class="_ _5"> </span>to<span class="_ _2"> </span>imple-</div><div class="t m0 x1 hc y2a ff2 fs7 fc0 sc0 ls0 ws0">ment,<span class="_ _7"> </span>and<span class="_ _7"> </span>resource<span class="_ _7"> </span>savings,<span class="_ _7"> </span>are<span class="_ _6"> </span>reasons<span class="_ _7"> </span>that<span class="_ _7"> </span>give<span class="_ _6"> </span>the</div><div class="t m0 x1 hc y2b ff2 fs7 fc0 sc0 ls0 ws0">ECC<span class="_ _b"> </span>to<span class="_ _9"> </span>be<span class="_ _b"> </span>very<span class="_ _b"> </span>appealing<span class="_ _9"> </span>and<span class="_ _b"> </span>more<span class="_ _b"> </span>dominant<span class="_ _b"> </span>be-</div><div class="t m0 x1 hc y2c ff2 fs7 fc0 sc0 ls0 ws0">tween<span class="_ _2"> </span>the<span class="_ _2"> </span>hardware<span class="_ _2"> </span>recon&#64257;gurable<span class="_ _2"> </span>implementations.</div><div class="t m0 x1 hc y2d ff2 fs7 fc0 sc0 ls0 ws0">Moreov<span class="_ _0"></span>er<span class="_ _0"></span>,<span class="_ _5"> </span>ECC<span class="_ _5"> </span>is<span class="_ _2"> </span>well<span class="_ _5"> </span>suited<span class="_ _2"> </span>to<span class="_ _5"> </span>be<span class="_ _2"> </span>implemented<span class="_ _5"> </span>in</div><div class="t m0 x1 hc y2e ff2 fs7 fc0 sc0 ls0 ws0">such<span class="_ _d"> </span>resource-constrained<span class="_ _d"> </span>embedded<span class="_ _d"> </span>systems,<span class="_"> </span>since<span class="_ _c"> </span>it</div><div class="t m0 x16 ha y2f ff2 fs5 fc0 sc0 ls0 ws0">a</div><div class="t m0 x17 h8 y30 ff2 fs4 fc0 sc0 ls0 ws0">https://orcid.org/0000-0002-5975-6537</div><div class="t m0 x16 ha y31 ff2 fs5 fc0 sc0 ls0 ws0">b</div><div class="t m0 x17 h8 y32 ff2 fs4 fc0 sc0 ls0 ws0">https://orcid.org/0000-0002-2924-6659</div><div class="t m0 x16 ha y33 ff2 fs5 fc0 sc0 ls0 ws0">c</div><div class="t m0 x17 h8 y34 ff2 fs4 fc0 sc0 ls0 ws0">https://orcid.org/0000-0002-3989-5476</div><div class="t m0 x18 hc y1e ff2 fs7 fc0 sc0 ls0 ws0">provides<span class="_ _7"> </span>same<span class="_ _7"> </span>security<span class="_ _2"> </span>lev<span class="_ _0"></span>els<span class="_ _7"> </span>as<span class="_ _2"> </span>in<span class="_ _7"> </span>RSA<span class="_ _2"> </span>using<span class="_ _7"> </span>small</div><div class="t m0 x18 hc y35 ff2 fs7 fc0 sc0 ls0 ws0">keys.<span class="_ _12"> </span>ECC<span class="_ _5"> </span>has<span class="_ _5"> </span>been<span class="_ _5"> </span>standardized<span class="_ _9"> </span>by<span class="_ _5"> </span>IEEE<span class="_ _5"> </span>and<span class="_ _5"> </span>the</div><div class="t m0 x18 hc y36 ff2 fs7 fc0 sc0 ls0 ws0">National<span class="_ _d"> </span>Institute<span class="_ _c"> </span>of<span class="_ _d"> </span>Standard<span class="_ _d"> </span>and<span class="_ _d"> </span>T<span class="_ _4"></span>echnology<span class="_ _d"> </span>(NIST)</div><div class="t m0 x18 hc y37 ff2 fs7 fc0 sc0 ls0 ws0">as<span class="_ _5"> </span>a<span class="_ _9"> </span>scheme<span class="_ _5"> </span>in<span class="_ _9"> </span>digital<span class="_ _5"> </span>signature<span class="_ _9"> </span>and<span class="_ _5"> </span>key<span class="_ _5"> </span>agreement</div><div class="t m0 x18 hc y38 ff2 fs7 fc0 sc0 ls0 ws0">protocols<span class="_"> </span>(for<span class="_"> </span>Standardization<span class="_"> </span>(ISO),<span class="_"> </span>2000).</div><div class="t m0 x19 hc y39 ff2 fs7 fc0 sc0 ls0 ws0">Generally<span class="_ _4"></span>,<span class="_ _9"> </span>most<span class="_ _9"> </span>of<span class="_ _9"> </span>cryptographic<span class="_ _5"> </span>algorithms<span class="_ _9"> </span>are</div><div class="t m0 x18 hc y3a ff2 fs7 fc0 sc0 ls0 ws0">implemented<span class="_ _9"> </span>in<span class="_ _9"> </span>software<span class="_ _5"> </span>platforms.<span class="_ _11"> </span>Performing<span class="_ _9"> </span>an</div><div class="t m0 x18 hc y3b ff2 fs7 fc0 sc0 ls0 ws0">algorithm<span class="_"> </span>on<span class="_ _6"> </span>a<span class="_ _6"> </span>general<span class="_ _6"> </span>purpose<span class="_ _6"> </span>processor<span class="_ _6"> </span>(e.g.<span class="_ _9"> </span>CPU)</div><div class="t m0 x18 hc y3c ff2 fs7 fc0 sc0 ls0 ws0">will<span class="_ _2"> </span>require<span class="_ _2"> </span>most<span class="_ _2"> </span>of<span class="_ _2"> </span>its<span class="_ _2"> </span>resources<span class="_ _2"> </span>to<span class="_ _5"> </span>compute<span class="_ _7"> </span>results</div><div class="t m0 x18 hc y3d ff2 fs7 fc0 sc0 ls0 ws0">of<span class="_ _6"> </span>intensiv<span class="_ _0"></span>e<span class="_ _6"> </span>operations<span class="_ _6"> </span>because<span class="_ _7"> </span>of<span class="_ _6"> </span>the<span class="_ _6"> </span>large<span class="_ _6"> </span>operands</div><div class="t m0 x18 hc y3e ff2 fs7 fc0 sc0 ls0 ws0">used<span class="_ _8"> </span>in<span class="_ _b"> </span>these<span class="_ _8"> </span>very<span class="_ _13"> </span>accurate<span class="_ _13"> </span>computations.<span class="_ _14"> </span>More-</div><div class="t m0 x18 hc y3f ff2 fs7 fc0 sc0 ls0 ws0">ov<span class="_ _0"></span>er<span class="_ _0"></span>,<span class="_ _b"> </span>CPU<span class="_ _9"> </span>is<span class="_ _9"> </span>not<span class="_ _9"> </span>suitable<span class="_ _5"> </span>in<span class="_ _9"> </span>performing<span class="_ _9"> </span>such<span class="_ _9"> </span>these</div><div class="t m0 x18 hc y40 ff2 fs7 fc0 sc0 ls0 ws0">algorithms<span class="_"> </span>that<span class="_ _6"> </span>having<span class="_"> </span>the<span class="_"> </span>parallel<span class="_ _6"> </span>architecture<span class="_ _6"> </span>in<span class="_ _6"> </span>na-</div><div class="t m0 x18 hc y41 ff2 fs7 fc0 sc0 ls0 ws0">ture.<span class="_ _f"> </span>These<span class="_ _5"> </span>issues<span class="_ _5"> </span>prove<span class="_ _2"> </span>that<span class="_ _9"> </span>software<span class="_ _5"> </span>implementa-</div><div class="t m0 x18 hc y42 ff2 fs7 fc0 sc0 ls0 ws0">tion<span class="_ _b"> </span>of<span class="_ _9"> </span>encryption<span class="_ _b"> </span>algorithms<span class="_ _b"> </span>does<span class="_ _b"> </span>not<span class="_ _9"> </span>provide<span class="_ _b"> </span>the</div><div class="t m0 x18 hc y43 ff2 fs7 fc0 sc0 ls0 ws0">required<span class="_ _b"> </span>performance.<span class="_ _15"> </span>Due<span class="_ _b"> </span>to<span class="_ _b"> </span>the<span class="_ _b"> </span>div<span class="_ _0"></span>ersity<span class="_ _b"> </span>in<span class="_ _b"> </span>the</div><div class="t m0 x18 hc y44 ff2 fs7 fc0 sc0 ls0 ws0">applications,<span class="_ _b"> </span>the<span class="_ _b"> </span>trade-of<span class="_ _0"></span>f<span class="_ _9"> </span>between<span class="_ _b"> </span>area,<span class="_ _b"> </span>speed<span class="_ _b"> </span>and</div><div class="t m0 x18 hc y45 ff2 fs7 fc0 sc0 ls0 ws0">power<span class="_ _6"> </span>is<span class="_ _7"> </span>required.<span class="_ _13"> </span>Some<span class="_ _7"> </span>applications,<span class="_ _2"> </span>such<span class="_ _7"> </span>as<span class="_ _7"> </span>RFID</div><div class="t m0 x18 hc y46 ff2 fs7 fc0 sc0 ls0 ws0">cards,<span class="_ _a"> </span>nodes<span class="_ _b"> </span>of<span class="_ _8"> </span>wireless<span class="_ _13"> </span>sensor<span class="_ _13"> </span>networks<span class="_ _13"> </span>and<span class="_ _8"> </span>cell</div><div class="t m0 x18 hc y47 ff2 fs7 fc0 sc0 ls0 ws0">phones,<span class="_ _7"> </span>need<span class="_ _6"> </span>a<span class="_ _7"> </span>small<span class="_ _7"> </span>area<span class="_ _7"> </span>and<span class="_ _6"> </span>power<span class="_ _4"></span>.<span class="_ _b"> </span>Other<span class="_ _6"> </span>applica-</div><div class="t m0 x18 hc y48 ff2 fs7 fc0 sc0 ls0 ws0">tions,<span class="_"> </span>such<span class="_ _6"> </span>as<span class="_ _6"> </span>web<span class="_ _6"> </span>servers,<span class="_"> </span>large<span class="_"> </span>bandwidth<span class="_ _6"> </span>networks</div></div><div class="pi" data-data='{"ctm":[1.611850,0.000000,0.000000,1.611850,0.000000,0.000000]}'></div></div> </body> </html>

<div id="pf2" class="pf w0 h0" data-page-no="2"><div class="pc pc2 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/6259288892dc900e62b787bd/bg2.jpg"><div class="t m0 x1 hc y49 ff2 fs7 fc0 sc0 ls0 ws0">and<span class="_"> </span>satellite<span class="_"> </span>broadcast<span class="_ _6"> </span>require<span class="_"> </span>very<span class="_"> </span>high<span class="_"> </span>throughputs.</div><div class="t m0 x1 hc y4a ff2 fs7 fc0 sc0 ls0 ws0">T<span class="_ _3"></span>o<span class="_ _5"> </span>cover<span class="_ _5"> </span>the<span class="_ _5"> </span>issues<span class="_ _5"> </span>of<span class="_ _5"> </span>software<span class="_ _2"> </span>implementation<span class="_ _5"> </span>and</div><div class="t m0 x1 hc y4b ff2 fs7 fc0 sc0 ls0 ws0">meet<span class="_ _9"> </span>trade-of<span class="_ _0"></span>fs<span class="_ _9"> </span>in<span class="_ _9"> </span>numerous<span class="_ _9"> </span>applications,<span class="_ _9"> </span>the<span class="_ _9"> </span>hard-</div><div class="t m0 x1 hc y4c ff2 fs7 fc0 sc0 ls0 ws0">ware<span class="_ _2"> </span>platforms<span class="_ _5"> </span>have<span class="_ _2"> </span>been<span class="_ _5"> </span>utilized<span class="_ _2"> </span>for<span class="_ _5"> </span>implementing</div><div class="t m0 x1 hc y4d ff2 fs7 fc0 sc0 ls0 ws0">the<span class="_ _5"> </span>cryptographic<span class="_ _9"> </span>algorithms,<span class="_ _9"> </span>where<span class="_ _5"> </span>high<span class="_ _9"> </span>ef<span class="_ _0"></span>&#64257;ciency</div><div class="t m0 x1 hc y4e ff2 fs7 fc0 sc0 ls0 ws0">to<span class="_"> </span>perform<span class="_"> </span>tasks<span class="_"> </span>is<span class="_"> </span>achiev<span class="_ _4"></span>ed<span class="_"> </span>in<span class="_"> </span>different<span class="_"> </span>applications.</div><div class="t m0 x1a hc y4f ff2 fs7 fc0 sc0 ls0 ws0">Field<span class="_ _9"> </span>Programmable<span class="_ _9"> </span>Gate<span class="_ _9"> </span>Array<span class="_ _9"> </span>(FPGA)<span class="_ _9"> </span>is<span class="_ _9"> </span>one</div><div class="t m0 x1 hc y50 ff2 fs7 fc0 sc0 ls0 ws0">of<span class="_ _5"> </span>the<span class="_ _9"> </span>preferable<span class="_ _9"> </span>recon&#64257;gurable<span class="_ _5"> </span>hardware<span class="_ _9"> </span>platforms</div><div class="t m0 x1 hc y51 ff2 fs7 fc0 sc0 ls0 ws0">(Xilinx,<span class="_ _5"> </span>2018a)<span class="_ _5"> </span>which<span class="_ _5"> </span>offers<span class="_ _5"> </span>&#64258;exible<span class="_ _2"> </span>and<span class="_ _5"> </span>more<span class="_ _5"> </span>cus-</div><div class="t m0 x1 hc y52 ff2 fs7 fc0 sc0 ls0 ws0">tomizable<span class="_ _d"> </span>methods<span class="_"> </span>for<span class="_ _d"> </span>performing<span class="_"> </span>and<span class="_ _d"> </span>ev<span class="_ _0"></span>aluating<span class="_"> </span>dif-</div><div class="t m0 x1 hc y53 ff2 fs7 fc0 sc0 ls0 ws0">ferent<span class="_ _b"> </span>hardware<span class="_ _b"> </span>implementations.<span class="_ _16"> </span>Because<span class="_ _b"> </span>of<span class="_ _13"> </span>this</div><div class="t m0 x1 hc y54 ff2 fs7 fc0 sc0 ls0 ws0">fact<span class="_ _2"> </span>and<span class="_ _5"> </span>since<span class="_ _5"> </span>FPGAs<span class="_ _2"> </span>have<span class="_ _2"> </span>been<span class="_ _5"> </span>employed<span class="_ _2"> </span>by<span class="_ _5"> </span>most</div><div class="t m0 x1 hc y55 ff2 fs7 fc0 sc0 ls0 ws0">of<span class="_ _5"> </span>the<span class="_ _9"> </span>pre<span class="_ _0"></span>vious<span class="_ _5"> </span>hardware<span class="_ _9"> </span>implementations<span class="_ _5"> </span>to<span class="_ _9"> </span>e<span class="_ _4"></span>valu-</div><div class="t m0 x1 hc y56 ff2 fs7 fc0 sc0 ls0 ws0">ate<span class="_ _7"> </span>their<span class="_ _2"> </span>performances;<span class="_ _5"> </span>the<span class="_ _7"> </span>presented<span class="_ _7"> </span>ECC<span class="_ _2"> </span>hardware</div><div class="t m0 x1 hc y57 ff2 fs7 fc0 sc0 ls0 ws0">implementation<span class="_ _b"> </span>in<span class="_ _b"> </span>this<span class="_ _b"> </span>paper<span class="_ _13"> </span>hav<span class="_ _0"></span>e<span class="_ _b"> </span>been<span class="_ _b"> </span>performed</div><div class="t m0 x1 hc y58 ff2 fs7 fc0 sc0 ls0 ws0">using<span class="_ _2"> </span>Xilinx<span class="_ _5"> </span>FPGA<span class="_ _5"> </span>devices<span class="_ _7"> </span>(Xilinx,<span class="_ _9"> </span>2018b).<span class="_ _10"> </span>Scalar</div><div class="t m0 x1 hc y59 ff2 fs7 fc0 sc0 ls0 ws0">point<span class="_ _5"> </span>multiplication<span class="_ _5"> </span>(SPM)<span class="_ _5"> </span>is<span class="_ _5"> </span>the<span class="_ _5"> </span>main<span class="_ _5"> </span>point<span class="_ _5"> </span>opera-</div><div class="t m0 x1 hc y5a ff2 fs7 fc0 sc0 ls0 ws0">tion<span class="_"> </span>in<span class="_ _d"> </span>ECC<span class="_"> </span>cryptosystems<span class="_ _d"> </span>or<span class="_"> </span>protocols<span class="_"> </span>such<span class="_ _d"> </span>as<span class="_"> </span>Ellip-</div><div class="t m0 x1 hc y5b ff2 fs7 fc0 sc0 ls0 ws0">tic<span class="_ _5"> </span>Curve<span class="_ _9"> </span>Dif<span class="_ _0"></span>&#64257;e-Hellman<span class="_ _9"> </span>(ECDH)<span class="_ _5"> </span>(Dif&#64257;e<span class="_ _5"> </span>and<span class="_ _9"> </span>Hell-</div><div class="t m0 x1 hc y5c ff2 fs7 fc0 sc0 ls0 ws0">man,<span class="_ _13"> </span>1976)<span class="_ _b"> </span>for<span class="_ _b"> </span>k<span class="_ _0"></span>ey<span class="_ _b"> </span>agreements<span class="_ _9"> </span>and<span class="_ _b"> </span>Elliptic<span class="_ _b"> </span>Curve</div><div class="t m0 x1 hc y5d ff2 fs7 fc0 sc0 ls0 ws0">Digital<span class="_"> </span>Signature<span class="_"> </span>(ECDS)<span class="_"> </span>for<span class="_"> </span>digital<span class="_"> </span>signatures.</div><div class="t m0 x1a hc y5e ff2 fs7 fc0 sc0 ls0 ws0">SPM<span class="_ _7"> </span>can<span class="_ _2"> </span>be<span class="_ _7"> </span>implemented<span class="_ _2"> </span>ov<span class="_ _0"></span>er<span class="_ _7"> </span>many<span class="_ _7"> </span>&#64257;nite<span class="_ _2"> </span>&#64257;elds</div><div class="t m0 x1 hc y5f ff2 fs7 fc0 sc0 ls0 ws0">under<span class="_ _6"> </span>either<span class="_ _7"> </span>prime<span class="_ _6"> </span>or<span class="_ _7"> </span>polynomial<span class="_ _6"> </span>&#64257;elds.<span class="_ _b"> </span>Finite<span class="_ _6"> </span>&#64257;elds</div><div class="t m0 x1 hc y60 ff2 fs7 fc0 sc0 ls0 ws0">named<span class="_ _9"> </span>also<span class="_ _b"> </span>Galois<span class="_ _b"> </span>Fields<span class="_ _9"> </span>(GF),<span class="_ _b"> </span>where<span class="_ _9"> </span>GF<span class="_ _b"> </span>(p)<span class="_ _9"> </span>is<span class="_ _b"> </span>a</div><div class="t m0 x1 hc y61 ff2 fs7 fc0 sc0 ls0 ws0">prime<span class="_"> </span>&#64257;eld<span class="_"> </span>and<span class="_ _6"> </span>GF<span class="_ _6"> </span>(2</div><div class="t m0 x1b hd y62 ff3 fs8 fc0 sc0 ls0 ws0">n</div><div class="t m0 x1c hc y61 ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_"> </span>is<span class="_"> </span>the<span class="_ _6"> </span>polynomial<span class="_ _6"> </span>&#64257;eld.<span class="_ _5"> </span>SPM</div><div class="t m0 x1 hc y63 ff2 fs7 fc0 sc0 ls0 ws0">has<span class="_"> </span>tw<span class="_ _0"></span>o<span class="_"> </span>point<span class="_ _d"> </span>operations,<span class="_"> </span>doubling<span class="_"> </span>and<span class="_ _1"> </span>adding<span class="_"> </span>points.</div><div class="t m0 x1 hc y64 ff2 fs7 fc0 sc0 ls0 ws0">Each<span class="_ _b"> </span>operation<span class="_ _9"> </span>consists<span class="_ _b"> </span>&#64257;nite<span class="_ _9"> </span>&#64257;eld<span class="_ _b"> </span>operations<span class="_ _b"> </span>such</div><div class="t m0 x1 hc y65 ff2 fs7 fc0 sc0 ls0 ws0">as<span class="_ _13"> </span>square,<span class="_ _a"> </span>addition,<span class="_ _a"> </span>multiplier<span class="_ _4"></span>.<span class="_ _14"> </span>Figure<span class="_ _13"> </span>1<span class="_ _8"> </span>presents</div><div class="t m0 x1 hc y66 ff2 fs7 fc0 sc0 ls0 ws0">the<span class="_ _b"> </span>hierarchical<span class="_ _b"> </span>implementation<span class="_ _b"> </span>of<span class="_ _b"> </span>the<span class="_ _b"> </span>ECC<span class="_ _b"> </span>proto-</div><div class="t m0 x1 hc y67 ff2 fs7 fc0 sc0 ls0 ws0">col.<span class="_ _7"> </span>Polynomial<span class="_"> </span>&#64257;elds<span class="_"> </span>are<span class="_ _d"> </span>more<span class="_"> </span>suited<span class="_"> </span>and<span class="_ _d"> </span>ef&#64257;cient<span class="_"> </span>to</div><div class="t m0 x1 hc y68 ff2 fs7 fc0 sc0 ls0 ws0">implement<span class="_ _5"> </span>on<span class="_ _2"> </span>a<span class="_ _5"> </span>customizable<span class="_ _5"> </span>platform<span class="_ _5"> </span>such<span class="_ _5"> </span>FPGAs</div><div class="t m0 x1 hc y69 ff2 fs7 fc0 sc0 ls0 ws0">(W<span class="_ _3"></span>enger<span class="_"> </span>and<span class="_"> </span>Hutter,<span class="_"> </span>2011a).</div><div class="c x1 y6a w2 he"><div class="t m0 x1d hf y6b ff5 fs9 fc0 sc0 ls0 ws0"><span class="fc1 sc0">ECC</span></div><div class="t m0 x1e hf y6c ff5 fs9 fc0 sc0 ls0 ws0"><span class="fc1 sc0">Protocols</span></div><div class="t m0 x1f hf y6d ff5 fs9 fc0 sc0 ls0 ws0"><span class="fc1 sc0">Scalar </span><span class="fc1 sc0">Point </span></div><div class="t m0 xb hf y6e ff5 fs9 fc0 sc0 ls0 ws0"><span class="fc1 sc0">Multiplier</span></div><div class="t m0 x20 hf y6f ff5 fs9 fc0 sc0 ls0 ws0"><span class="fc1 sc0">Point </span><span class="_ _4"></span><span class="fc1 sc0">Doubling </span><span class="ws1"><span class="fc1 sc0"> </span></span><span class="fc1 sc0"> </span><span class="fc1 sc0">Point </span><span class="_ _4"></span><span class="fc1 sc0">Addition </span></div><div class="t m0 x21 hf y70 ff5 fs9 fc0 sc0 ls0 ws0"><span class="fc1 sc0">Square</span><span class="_ _17"> </span><span class="fc1 sc0">Multiplication</span><span class="_ _16"> </span><span class="fc1 sc0">Inversion</span></div></div><div class="t m0 x22 h8 y71 ff2 fs4 fc0 sc0 ls0 ws0">Figure<span class="_"> </span>1:<span class="_ _6"> </span>ECC<span class="_"> </span>Cryptosystem<span class="_"> </span>Hierarchy<span class="_ _4"></span>.</div><div class="t m0 x1a hc y72 ff2 fs7 fc0 sc0 ls0 ws0">T<span class="_ _3"></span>o<span class="_ _2"> </span>gain<span class="_ _2"> </span>high<span class="_ _7"> </span>performance<span class="_ _2"> </span>in<span class="_ _2"> </span>today&#8217;<span class="_ _4"></span>s<span class="_ _2"> </span>high<span class="_ _2"> </span>loaded</div><div class="t m0 x1 hc y73 ff2 fs7 fc0 sc0 ls0 ws0">communication<span class="_ _6"> </span>networks,<span class="_ _6"> </span>utilization<span class="_ _6"> </span>of<span class="_ _6"> </span>hardware<span class="_ _6"> </span>ac-</div><div class="t m0 x1 hc y74 ff2 fs7 fc0 sc0 ls0 ws0">celerators<span class="_"> </span>for<span class="_ _d"> </span>physical<span class="_"> </span>security<span class="_ _d"> </span>has<span class="_"> </span>created<span class="_"> </span>a<span class="_ _d"> </span>great<span class="_"> </span>de-</div><div class="t m0 x1 hc y75 ff2 fs7 fc0 sc0 ls0 ws0">mand<span class="_"> </span>for<span class="_ _d"> </span>ef&#64257;cient<span class="_ _d"> </span>and<span class="_"> </span>high-speed<span class="_ _d"> </span>implementations<span class="_"> </span>of</div><div class="t m0 x1 hc y76 ff2 fs7 fc0 sc0 ls0 ws0">ECC.<span class="_ _5"> </span>Based<span class="_ _9"> </span>on<span class="_ _5"> </span>this<span class="_ _9"> </span>fact,<span class="_ _9"> </span>many<span class="_ _5"> </span>FPGA<span class="_ _9"> </span>implementa-</div><div class="t m0 x1 hc y34 ff2 fs7 fc0 sc0 ls0 ws0">tions<span class="_ _5"> </span>of<span class="_ _9"> </span>the<span class="_ _5"> </span>ECC<span class="_ _5"> </span>have<span class="_ _5"> </span>been<span class="_ _5"> </span>published<span class="_ _9"> </span>in<span class="_ _5"> </span>the<span class="_ _9"> </span>litera-</div><div class="t m0 x18 hc y49 ff2 fs7 fc0 sc0 ls0 ws0">ture,<span class="_"> </span>where<span class="_"> </span>v<span class="_ _4"></span>arious<span class="_"> </span>ranges<span class="_"> </span>of<span class="_"> </span>latencies<span class="_ _d"> </span>and<span class="_"> </span>number<span class="_"> </span>of</div><div class="t m0 x18 hc y4a ff2 fs7 fc0 sc0 ls0 ws0">clock<span class="_ _2"> </span>cycles<span class="_ _5"> </span>are<span class="_ _2"> </span>achieved<span class="_ _2"> </span>targeting<span class="_ _2"> </span>applications<span class="_ _5"> </span>that</div><div class="t m0 x18 hc y4b ff2 fs7 fc0 sc0 ls0 ws0">require<span class="_"> </span>high/low<span class="_"> </span>throughputs.<span class="_ _9"> </span>Providing<span class="_"> </span>high<span class="_ _6"> </span>perfor-</div><div class="t m0 x18 hc y4c ff2 fs7 fc0 sc0 ls0 ws0">mance<span class="_ _d"> </span>as<span class="_ _d"> </span>well<span class="_"> </span>as<span class="_ _c"> </span>utilizing<span class="_"> </span>ef<span class="_ _4"></span>&#64257;cient<span class="_"> </span>area,<span class="_ _c"> </span>is<span class="_"> </span>a<span class="_ _c"> </span>challenge</div><div class="t m0 x18 hc y4d ff2 fs7 fc0 sc0 ls0 ws0">to<span class="_"> </span>achiev<span class="_ _4"></span>e<span class="_"> </span>it<span class="_"> </span>in<span class="_"> </span>FPGA<span class="_ _3"></span>&#8217;<span class="_ _4"></span>s<span class="_"> </span>ECC<span class="_"> </span>implementations.</div><div class="t m0 x19 hc y4e ff2 fs7 fc0 sc0 ls0 ws0">In<span class="_ _9"> </span>this<span class="_ _b"> </span>paper<span class="_ _4"></span>,<span class="_ _13"> </span>a<span class="_ _b"> </span>high-speed<span class="_ _9"> </span>area-ef&#64257;cient<span class="_ _9"> </span>Xilinx</div><div class="t m0 x18 hc y4f ff2 fs7 fc0 sc0 ls0 ws0">FPGA<span class="_ _d"> </span>implementation<span class="_"> </span>of<span class="_ _d"> </span>the<span class="_ _d"> </span>ECC<span class="_"> </span>o<span class="_ _0"></span>ver<span class="_ _d"> </span>GF<span class="_ _d"> </span>(2</div><div class="t m0 x23 hd y77 ff3 fs8 fc0 sc0 ls0 ws0">n</div><div class="t m0 x24 hc y4f ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_ _d"> </span>using</div><div class="t m0 x18 hc y50 ff2 fs7 fc0 sc0 ls0 ws0">the<span class="_"> </span>pipelining<span class="_"> </span>architecture<span class="_"> </span>is<span class="_"> </span>proposed.<span class="_ _2"> </span>The<span class="_"> </span>main<span class="_"> </span>tar-</div><div class="t m0 x18 hc y51 ff2 fs7 fc0 sc0 ls0 ws0">get<span class="_ _d"> </span>of<span class="_ _d"> </span>our<span class="_"> </span>w<span class="_ _0"></span>ork<span class="_ _d"> </span>is<span class="_"> </span>to<span class="_ _c"> </span>develop<span class="_ _c"> </span>high<span class="_"> </span>performance<span class="_ _c"> </span>design</div><div class="t m0 x18 hc y52 ff2 fs7 fc0 sc0 ls0 ws0">that<span class="_ _5"> </span>targets<span class="_ _9"> </span>systems<span class="_ _5"> </span>that<span class="_ _9"> </span>ha<span class="_ _0"></span>ve<span class="_ _5"> </span>constrained<span class="_ _9"> </span>resources</div><div class="t m0 x18 hc y53 ff2 fs7 fc0 sc0 ls0 ws0">such<span class="_ _5"> </span>as<span class="_ _9"> </span>wearable<span class="_ _5"> </span>smart<span class="_ _9"> </span>de<span class="_ _4"></span>vices,<span class="_ _b"> </span>processing<span class="_ _5"> </span>engines</div><div class="t m0 x18 hc y54 ff2 fs7 fc0 sc0 ls0 ws0">in<span class="_ _5"> </span>image<span class="_ _5"> </span>steganographic<span class="_ _2"> </span>systems<span class="_ _9"> </span>(Dalal<span class="_ _2"> </span>and<span class="_ _9"> </span>Juneja,</div><div class="t m0 x18 hc y55 ff2 fs7 fc0 sc0 ls0 ws0">2018),<span class="_ _9"> </span>(Amirtharajan,<span class="_ _9"> </span>2014)<span class="_ _9"> </span>and<span class="_ _5"> </span>Internet<span class="_ _9"> </span>of<span class="_ _9"> </span>Things</div><div class="t m0 x18 hc y56 ff2 fs7 fc0 sc0 ls0 ws0">(IoTs)<span class="_"> </span>netw<span class="_ _0"></span>ork<span class="_"> </span>processors.<span class="_ _6"> </span>This<span class="_"> </span>paper<span class="_"> </span>is<span class="_ _d"> </span>organized<span class="_ _d"> </span>as</div><div class="t m0 x18 hc y57 ff2 fs7 fc0 sc0 ls0 ws0">follow:<span class="_ _9"> </span>section<span class="_ _7"> </span>2<span class="_ _2"> </span>describes<span class="_ _7"> </span>the<span class="_ _7"> </span>arithmetic<span class="_ _2"> </span>operations</div><div class="t m0 x18 hc y58 ff2 fs7 fc0 sc0 ls0 ws0">of<span class="_ _d"> </span>the<span class="_"> </span>ECC;<span class="_ _d"> </span>section<span class="_ _d"> </span>3<span class="_"> </span>describes<span class="_ _d"> </span>our<span class="_ _d"> </span>high-performance</div><div class="t m0 x18 hc y59 ff2 fs7 fc0 sc0 ls0 ws0">hardware<span class="_ _d"> </span>implementation<span class="_"> </span>core<span class="_"> </span>for<span class="_ _1"> </span>ECC<span class="_"> </span>o<span class="_ _0"></span>ver<span class="_ _d"> </span>GF<span class="_"> </span>(2</div><div class="t m0 x25 hd y78 ff3 fs8 fc0 sc0 ls0 ws0">n</div><div class="t m0 x26 hc y59 ff2 fs7 fc0 sc0 ls0 ws0">);</div><div class="t m0 x18 hc y5a ff2 fs7 fc0 sc0 ls0 ws0">section<span class="_ _7"> </span>4<span class="_ _2"> </span>shows<span class="_ _7"> </span>the<span class="_ _2"> </span>results<span class="_ _2"> </span>and<span class="_ _7"> </span>comparisons;<span class="_ _5"> </span>and<span class="_ _2"> </span>&#64257;-</div><div class="t m0 x18 hc y5b ff2 fs7 fc0 sc0 ls0 ws0">nally<span class="_ _4"></span>,<span class="_"> </span>section<span class="_"> </span>5<span class="_"> </span>concludes<span class="_"> </span>this<span class="_"> </span>paper<span class="_ _4"></span>.</div><div class="t m0 x18 hb y79 ff1 fs6 fc0 sc0 ls0 ws0">2<span class="_ _e"> </span>ELLIPTIC<span class="_"> </span>CUR<span class="_ _4"></span>VE</div><div class="t m0 x27 hb y7a ff1 fs6 fc0 sc0 ls0 ws0">CR<span class="_ _4"></span>YPTOGRAPHY<span class="_"> </span>(ECC)</div><div class="t m0 x18 hc y7b ff2 fs7 fc0 sc0 ls0 ws0">Elliptic<span class="_"> </span>Curves<span class="_"> </span>(ECs)<span class="_ _6"> </span>are<span class="_ _6"> </span>formulated<span class="_ _6"> </span>by<span class="_"> </span>the<span class="_ _6"> </span>so<span class="_ _6"> </span>called</div><div class="t m0 x18 hc y7c ff2 fs7 fc0 sc0 ls0 ws0">W<span class="_ _3"></span>eiestrass<span class="_ _9"> </span>equations,<span class="_ _9"> </span>which<span class="_ _9"> </span>can<span class="_ _5"> </span>be<span class="_ _9"> </span>performed<span class="_ _5"> </span>over</div><div class="t m0 x18 hc y7d ff2 fs7 fc0 sc0 ls0 ws0">by<span class="_ _d"> </span>normal<span class="_ _d"> </span>or<span class="_ _d"> </span>polynomial<span class="_"> </span>basis.<span class="_"> </span>In<span class="_"> </span>this<span class="_ _c"> </span>paper<span class="_ _0"></span>,<span class="_ _d"> </span>we<span class="_"> </span>w<span class="_ _0"></span>ork</div><div class="t m0 x18 hc y7e ff2 fs7 fc0 sc0 ls0 ws0">on<span class="_ _c"> </span>the<span class="_ _d"> </span>polynomial<span class="_ _d"> </span>basis<span class="_ _c"> </span>in<span class="_ _d"> </span>GF<span class="_ _d"> </span>(2</div><div class="t m0 x28 hd y7f ff3 fs8 fc0 sc0 ls0 ws0">n</div><div class="t m0 x29 hc y7e ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_ _c"> </span>for<span class="_ _d"> </span>its<span class="_ _d"> </span>ef&#64257;cienc<span class="_ _4"></span>y<span class="_ _d"> </span>on</div><div class="t m0 x18 hc y80 ff2 fs7 fc0 sc0 ls0 ws0">the<span class="_ _7"> </span>hardware<span class="_ _2"> </span>platforms<span class="_ _7"> </span>(W<span class="_ _4"></span>enger<span class="_ _7"> </span>and<span class="_ _2"> </span>Hutter,<span class="_ _7"> </span>2011a).</div><div class="t m0 x18 hc y81 ff2 fs7 fc0 sc0 ls0 ws0">Equation<span class="_ _2"> </span>1<span class="_ _5"> </span>represents<span class="_ _2"> </span>the<span class="_ _5"> </span>general<span class="_ _2"> </span>form<span class="_ _5"> </span>of<span class="_ _2"> </span>the<span class="_ _5"> </span>none-</div><div class="t m0 x18 hc y82 ff2 fs7 fc0 sc0 ls0 ws0">singular<span class="_"> </span>curve<span class="_"> </span>o<span class="_ _0"></span>ver<span class="_"> </span>GF<span class="_"> </span>(2</div><div class="t m0 x2a hd y83 ff3 fs8 fc0 sc0 ls0 ws0">n</div><div class="t m0 x2b hc y82 ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_"> </span>(Hankerson<span class="_"> </span>et<span class="_"> </span>al.,<span class="_"> </span>2006).</div><div class="t m0 x3 h10 y84 ff3 fs7 fc0 sc0 ls0 ws0">y</div><div class="t m0 x2c h11 y85 ff2 fs8 fc0 sc0 ls0 ws0">2</div><div class="t m0 x2d h12 y84 ff6 fs7 fc0 sc0 ls0 ws0">+<span class="_ _18"> </span><span class="ff3">xy<span class="_ _1"> </span></span>=<span class="_ _d"> </span><span class="ff3">x</span></div><div class="t m0 x2b h11 y85 ff2 fs8 fc0 sc0 ls0 ws0">3</div><div class="t m0 x2e h12 y84 ff6 fs7 fc0 sc0 ls0 ws0">+<span class="_ _18"> </span><span class="ff3">ax</span></div><div class="t m0 x2f h11 y85 ff2 fs8 fc0 sc0 ls0 ws0">2</div><div class="t m0 x30 h12 y84 ff6 fs7 fc0 sc0 ls0 ws0">+<span class="_ _18"> </span><span class="ff3">b<span class="_ _19"> </span><span class="ff2">(1)</span></span></div><div class="t m0 x19 h12 y86 ff2 fs7 fc0 sc0 ls0 ws0">where<span class="_ _7"> </span>a,<span class="_ _5"> </span>b<span class="_ _7"> </span><span class="ff4">&#8712;<span class="_ _2"> </span></span>GF<span class="_ _2"> </span>(2</div><div class="t m0 x31 hd y87 ff3 fs8 fc0 sc0 ls0 ws0">n</div><div class="t m0 x32 h12 y86 ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_ _7"> </span>and<span class="_ _2"> </span>b<span class="_ _2"> </span><span class="ff4">6<span class="ff6">=<span class="_ _2"> </span></span></span>0.<span class="_ _8"> </span>A<span class="_ _2"> </span>set<span class="_ _2"> </span>of<span class="_ _2"> </span>af&#64257;ne</div><div class="t m0 x18 hc y88 ff2 fs7 fc0 sc0 ls0 ws0">points<span class="_"> </span>(<span class="ff3">x</span>,<span class="_"> </span><span class="ff3">y</span>)<span class="_ _6"> </span>satisfying<span class="_"> </span>the<span class="_"> </span>curve<span class="_"> </span>forms<span class="_ _6"> </span>a<span class="_"> </span>group<span class="_"> </span>(Han-</div><div class="t m0 x18 hc y89 ff2 fs7 fc0 sc0 ls0 ws0">kerson<span class="_ _b"> </span>et<span class="_ _13"> </span>al.,<span class="_ _8"> </span>2006)<span class="_ _13"> </span>with<span class="_ _13"> </span>an<span class="_ _b"> </span>identity<span class="_ _13"> </span>point<span class="_ _13"> </span>of<span class="_ _13"> </span>that</div><div class="t m0 x18 hc y8a ff2 fs7 fc0 sc0 ls0 ws0">group.<span class="_ _7"> </span>There<span class="_"> </span>are<span class="_ _d"> </span>two<span class="_ _d"> </span>fundamental<span class="_"> </span>elliptic<span class="_ _d"> </span>curve<span class="_ _d"> </span>oper-</div><div class="t m0 x18 hc y8b ff2 fs7 fc0 sc0 ls0 ws0">ations,<span class="_ _9"> </span>doubling<span class="_ _2"> </span>and<span class="_ _5"> </span>adding<span class="_ _5"> </span>points.<span class="_ _12"> </span>Doubling<span class="_ _5"> </span>point</div><div class="t m0 x18 hc y8c ff2 fs7 fc0 sc0 ls0 ws0">is<span class="_ _9"> </span>denoted<span class="_ _b"> </span>as<span class="_ _9"> </span>P</div><div class="t m0 x33 h11 y8d ff2 fs8 fc0 sc0 ls0 ws0">1</div><div class="t m0 x34 hc y8c ff2 fs7 fc0 sc0 ls0 ws0">=2P</div><div class="t m0 x35 h11 y8d ff2 fs8 fc0 sc0 ls0 ws0">0</div><div class="t m0 x36 hc y8c ff2 fs7 fc0 sc0 ls0 ws0">,<span class="_ _b"> </span>where<span class="_ _b"> </span>P</div><div class="t m0 x37 h11 y8d ff2 fs8 fc0 sc0 ls0 ws0">1</div><div class="t m0 x38 hc y8c ff2 fs7 fc0 sc0 ls0 ws0">is<span class="_ _9"> </span>(<span class="ff3">x</span></div><div class="t m0 x39 h11 y8d ff2 fs8 fc0 sc0 ls0 ws0">1</div><div class="t m0 x3a hc y8c ff2 fs7 fc0 sc0 ls0 ws0">,<span class="_ _b"> </span><span class="ff3">y</span></div><div class="t m0 x3b h11 y8d ff2 fs8 fc0 sc0 ls0 ws0">1</div><div class="t m0 x3c hc y8c ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_ _9"> </span>and<span class="_ _b"> </span>P</div><div class="t m0 x3d h11 y8d ff2 fs8 fc0 sc0 ls0 ws0">0</div><div class="t m0 x18 hc y8e ff2 fs7 fc0 sc0 ls0 ws0">is<span class="_ _9"> </span>(<span class="ff3">x</span></div><div class="t m0 x9 h11 y8f ff2 fs8 fc0 sc0 ls0 ws0">0</div><div class="t m0 x3e hc y8e ff2 fs7 fc0 sc0 ls0 ws0">,<span class="_ _b"> </span><span class="ff3">y</span></div><div class="t m0 x3f h11 y8f ff2 fs8 fc0 sc0 ls0 ws0">0</div><div class="t m0 x40 hc y8e ff2 fs7 fc0 sc0 ls0 ws0">)<span class="_ _9"> </span>while<span class="_ _b"> </span>point<span class="_ _9"> </span>addition<span class="_ _b"> </span>is<span class="_ _9"> </span>denoted<span class="_ _b"> </span>as<span class="_ _9"> </span>P</div><div class="t m0 x41 h11 y8f ff2 fs8 fc0 sc0 ls0 ws0">2</div><div class="t m0 x26 hc y8e ff2 fs7 fc0 sc0 ls0 ws0">=</div><div class="t m0 x18 hc y90 ff2 fs7 fc0 sc0 ls0 ws0">P</div><div class="t m0 x42 h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">0</div><div class="t m0 x43 hc y90 ff2 fs7 fc0 sc0 ls0 ws0">+P</div><div class="t m0 x44 h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">1</div><div class="t m0 x45 hc y90 ff2 fs7 fc0 sc0 ls0 ws0">,<span class="_ _7"> </span>where<span class="_ _7"> </span>P</div><div class="t m0 x10 h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">2</div><div class="t m0 x46 hc y90 ff2 fs7 fc0 sc0 ls0 ws0">is<span class="_ _6"> </span>(<span class="ff3">x</span></div><div class="t m0 x47 h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">2</div><div class="t m0 x48 hc y90 ff2 fs7 fc0 sc0 ls0 ws0">,<span class="_ _7"> </span><span class="ff3">y</span></div><div class="t m0 x2a h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">2</div><div class="t m0 x2b hc y90 ff2 fs7 fc0 sc0 ls0 ws0">),<span class="_ _7"> </span>and<span class="_ _7"> </span>P</div><div class="t m0 x38 h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">1</div><div class="t m0 x49 h12 y90 ff4 fs7 fc0 sc0 ls0 ws0">6<span class="ff6">=<span class="_ _6"> </span><span class="ff2">P</span></span></div><div class="t m0 x3a h11 y91 ff2 fs8 fc0 sc0 ls0 ws0">0</div><div class="t m0 x4a hc y90 ff2 fs7 fc0 sc0 ls0 ws0">.<span class="_ _b"> </span>All<span class="_ _7"> </span>points</div><div class="t m0 x18 hc y92 ff2 fs7 fc0 sc0 ls0 ws0">in<span class="_ _5"> </span>the<span class="_ _5"> </span>selected<span class="_ _9"> </span>curve<span class="_ _2"> </span>are<span class="_ _9"> </span>represented<span class="_ _5"> </span>in<span class="_ _5"> </span>af&#64257;ne<span class="_ _5"> </span>coor-</div><div class="t m0 x18 hc y93 ff2 fs7 fc0 sc0 ls0 ws0">dinates.<span class="_ _f"> </span>Finite<span class="_ _5"> </span>&#64257;elds<span class="_ _9"> </span>operations<span class="_ _5"> </span>are<span class="_ _9"> </span>in<span class="_ _4"></span>volv<span class="_ _0"></span>ed<span class="_ _9"> </span>in<span class="_ _5"> </span>the</div><div class="t m0 x18 hc y94 ff2 fs7 fc0 sc0 ls0 ws0">ECC<span class="_ _7"> </span>point<span class="_ _2"> </span>operations<span class="_ _7"> </span>such<span class="_ _2"> </span>as<span class="_ _2"> </span>addition,<span class="_ _2"> </span>square,<span class="_ _2"> </span>mul-</div><div class="t m0 x18 hc y95 ff2 fs7 fc0 sc0 ls0 ws0">tiplication<span class="_ _9"> </span>and<span class="_ _5"> </span>in<span class="_ _0"></span>version.<span class="_ _f"> </span>Dealing<span class="_ _9"> </span>with<span class="_ _9"> </span>af<span class="_ _4"></span>&#64257;ne<span class="_ _9"> </span>coor-</div><div class="t m0 x18 hc y96 ff2 fs7 fc0 sc0 ls0 ws0">dinates<span class="_ _7"> </span>requires<span class="_ _2"> </span>an<span class="_ _2"> </span>in<span class="_ _0"></span>version<span class="_ _7"> </span>&#64257;eld<span class="_ _2"> </span>operation.<span class="_ _8"> </span>Due<span class="_ _2"> </span>to</div><div class="t m0 x18 hc y97 ff2 fs7 fc0 sc0 ls0 ws0">the<span class="_ _d"> </span>complexity<span class="_ _1"> </span>in<span class="_ _d"> </span>the<span class="_"> </span>in<span class="_ _4"></span>version<span class="_ _d"> </span>operation,<span class="_"> </span>a<span class="_ _d"> </span>projectiv<span class="_ _0"></span>e</div><div class="t m0 x18 hc y72 ff2 fs7 fc0 sc0 ls0 ws0">coordinate<span class="_ _5"> </span>is<span class="_ _9"> </span>utilized<span class="_ _5"> </span>to<span class="_ _5"> </span>avoid<span class="_ _5"> </span>it<span class="_ _5"> </span>by<span class="_ _5"> </span>mapping<span class="_ _9"> </span>points</div><div class="t m0 x18 hc y73 ff2 fs7 fc0 sc0 ls0 ws0">in<span class="_ _5"> </span>af&#64257;ne<span class="_ _5"> </span>(<span class="ff3">x</span>,<span class="_ _9"> </span><span class="ff3">y</span>)<span class="_ _5"> </span>to<span class="_ _5"> </span>be<span class="_ _9"> </span>represented<span class="_ _5"> </span>in<span class="_ _5"> </span>(X,<span class="_ _9"> </span>Y<span class="_ _1a"></span>,<span class="_ _5"> </span>Z)<span class="_ _5"> </span>form.</div><div class="t m0 x18 hc y74 ff2 fs7 fc0 sc0 ls0 ws0">Scalar<span class="_"> </span>Point<span class="_"> </span>Multiplication<span class="_"> </span>(SPM)<span class="_"> </span>is<span class="_"> </span>the<span class="_"> </span>main<span class="_"> </span>impor-</div><div class="t m0 x18 hc y75 ff2 fs7 fc0 sc0 ls0 ws0">tant<span class="_ _9"> </span>operation<span class="_ _b"> </span>that<span class="_ _9"> </span>dominants<span class="_ _b"> </span>the<span class="_ _9"> </span>ECC-based<span class="_ _9"> </span>cryp-</div><div class="t m0 x18 hc y76 ff2 fs7 fc0 sc0 ls0 ws0">tosystems.<span class="_ _5"> </span>SPM<span class="_ _6"> </span>is<span class="_ _6"> </span>process<span class="_ _6"> </span>of<span class="_ _6"> </span>adding<span class="_ _6"> </span>a<span class="_ _6"> </span>point<span class="_ _6"> </span><span class="ff3">k<span class="_ _6"> </span></span>times,</div><div class="t m0 x18 hc y34 ff2 fs7 fc0 sc0 ls0 ws0">where<span class="_ _9"> </span><span class="ff3">k<span class="_ _9"> </span></span>is<span class="_ _9"> </span>a<span class="_ _9"> </span>positive<span class="_ _9"> </span>inte<span class="_ _0"></span>ger<span class="_ _9"> </span>and<span class="_ _9"> </span>P<span class="_ _9"> </span>is<span class="_ _9"> </span>a<span class="_ _9"> </span>point<span class="_ _9"> </span>on<span class="_ _9"> </span>a</div></div><div class="pi" data-data='{"ctm":[1.611850,0.000000,0.000000,1.611850,0.000000,0.000000]}'></div></div>