Abstract
We investigate the use of two integer inversion algorithms, a modified Montgomery modulo inverse and a Fermat’s Little Theorem based inversion, in a prime-field affine-coordinate elliptic-curve crypto-processor. To this end, we present a low-power/energy GF(p) affine-coordinate elliptic-curve cryptography (ECC) processor design with a simplified architecture and complete flexibility in terms of the field and curve parameters. The design can use either of the inversion algorithms. Based on implementations of this design for 168-, 192-, and 224-bit prime fields in a standard 0.13 μm CMOS technology, we compare the efficiency of the algorithms in terms of power/energy consumption, area, and calculation time. The results show that while the Fermat’s theorem approach is not appropriate for affine-coordinate ECC processors because of its long computation time, the Montgomery modulo inverse algorithm is a good candidate for low-energy implementations. The results also show that the 168-bit ECC processor based on the Montgomery modulo inverse completes one scalar multiplication in only 0.4 s at a 1 MHz clock frequency while consuming only 12.92 μJ, which is lower than the reported values for similar designs.
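The following sketch is an added illustration, not code from the paper: it implements the two inversion strategies named in the abstract and counts their elementary operations, then plugs either one into an affine point addition, which needs one field inversion per call. It uses Kaliski's textbook Montgomery inverse rather than the paper's modified variant, and the function names, the P-192 prime and the toy curve y^2 = x^3 + 2x + 2 over GF(17) are assumptions chosen for the example.

```python
# Added illustration; names and the toy curve are assumptions, not from the paper.
P192 = 2**192 - 2**64 - 1            # NIST P-192 field prime (192-bit case)

def fermat_inverse(a, p):
    """a^(p-2) mod p by square-and-multiply.
    Returns (inverse, count of n-bit modular multiplications)."""
    if a % p == 0:
        raise ZeroDivisionError("0 has no inverse")
    result, mults = a % p, 0
    for bit in bin(p - 2)[3:]:       # exponent bits after the leading 1
        result = result * result % p # squaring for every bit
        mults += 1
        if bit == "1":
            result = result * a % p  # extra multiply for a set bit
            mults += 1
    return result, mults

def montgomery_inverse(a, p):
    """Kaliski's two-phase Montgomery inverse (textbook form, not the
    paper's modified variant). Returns (inverse, count of shift/add steps)."""
    if a % p == 0:
        raise ZeroDivisionError("0 has no inverse")
    u, v, r, s, k = p, a % p, 0, 1, 0
    while v > 0:                     # phase 1: ends with r = -a^-1 * 2^k (mod p)
        if u % 2 == 0:
            u, s = u >> 1, s << 1
        elif v % 2 == 0:
            v, r = v >> 1, r << 1
        elif u > v:
            u, r, s = (u - v) >> 1, r + s, s << 1
        else:
            v, s, r = (v - u) >> 1, s + r, r << 1
        k += 1
    r = p - (r - p if r >= p else r)
    for _ in range(k):               # phase 2: divide by 2^k modulo p
        r = r >> 1 if r % 2 == 0 else (r + p) >> 1
    return r, 2 * k

def affine_add(P, Q, a, p, inverse):
    """Affine add/double on y^2 = x^3 + a*x + b; one inversion per call.
    Assumes finite points with Q != -P."""
    (x1, y1), (x2, y2) = P, Q
    num, den = (3 * x1 * x1 + a, 2 * y1) if P == Q else (y2 - y1, x2 - x1)
    inv, cost = inverse(den % p, p)
    lam = num * inv % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p), cost
```

The two counts are in different units: each Fermat step is a full-width modular multiplication, while each Montgomery step is a shift plus at most one addition or subtraction. In this form the Montgomery loop's branches and iteration count depend on the operand, so the sketch models operation counts only.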
Additional information
Project supported in part by the Iran Telecommunication Research Center (ITRC) and the Research Council of University of Tehran.
This paper is an extension of the papers “Very low-power flexible GF(p) elliptic-curve crypto-processor for non-time-critical applications”, which appeared in the Proceedings of the International Symposium on Circuits and Systems, Taipei, Taiwan, May 24–27, 2009, and “Low-power low-energy prime-field ECC processor based on Montgomery modular inverse algorithm”, which appeared in the Proceedings of EUROMICRO Conference on Digital System Design, Architectures, Methods and Tools, Patras, Greece, Aug. 27–29, 2009.
Cite this article
Ahmadi, H.R., Afzali-Kusha, A. A low-power and low-energy flexible GF(p) elliptic-curve cryptography processor. J. Zhejiang Univ. - Sci. C 11, 724–736 (2010). https://doi.org/10.1631/jzus.C0910660
DOI: https://doi.org/10.1631/jzus.C0910660