Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves

Authors:
David Kammler;Diandian Zhang;Peter Schwabe;Hanno Scharwaechter;Markus Langenberg;Dominik Auras;Gerd Ascheid;Rudolf Mathar
Affiliations:
Institute for Integrated Signal Processing Systems (ISS), RWTH Aachen University, Aachen, Germany;Institute for Integrated Signal Processing Systems (ISS), RWTH Aachen University, Aachen, Germany;Department of Mathematics and Computer Science, Eindhoven University of Technology, Eindhoven, Netherlands;Institute for Integrated Signal Processing Systems (ISS), RWTH Aachen University, Aachen, Germany;Institute for Theoretical Information Technology (TI), RWTH Aachen University, Aachen, Germany;Institute for Integrated Signal Processing Systems (ISS), RWTH Aachen University, Aachen, Germany;Institute for Integrated Signal Processing Systems (ISS), RWTH Aachen University, Aachen, Germany;Institute for Theoretical Information Technology (TI), RWTH Aachen University, Aachen, Germany
Venue:
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Year:
2009

Citing 27
Cited 11

A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves

Mathematics of Computation
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Efficient Algorithms for Pairing-Based Cryptosystems

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A One Round Protocol for Tripartite Diffie-Hellman

ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
A Scalable Dual-Field Elliptic Curve Cryptographic Processor

IEEE Transactions on Computers
Short Signatures from the Weil Pairing

Journal of Cryptology
The Weil Pairing, and Its Efficient Calculation

Journal of Cryptology
Advances in Elliptic Curve Cryptography (London Mathematical Society Lecture Note Series)

Advances in Elliptic Curve Cryptography (London Mathematical Society Lecture Note Series)
Efficient pairing computation on supersingular Abelian varieties

Designs, Codes and Cryptography
An Algorithm for the nt Pairing Calculation in Characteristic Three and its Hardware Implementation

ARITH '07 Proceedings of the 18th IEEE Symposium on Computer Arithmetic
Hardware architectures for the Tate pairing over GF(2m)

Computers and Electrical Engineering
A Brief Look at Pairings Based Cryptography

FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
An Efficient Hardware Implementation of the Tate Pairing in Characteristic Three

ICONS '08 Proceedings of the Third International Conference on Systems
A FPGA Coprocessor for the Cryptographic Tate Pairing over Fp

ITNG '08 Proceedings of the Fifth International Conference on Information Technology: New Generations
Ultra High Performance ECC over NIST Primes on Commercial FPGAs

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Pairing Lattices

Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
A Comparison between Hardware Accelerators for the Modified Tate Pairing over $\mathbb{F}_{2^m}$ and $\mathbb{F}_{3^m}$

Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
Algorithms and Arithmetic Operators for Computing the ηT Pairing in Characteristic Three

IEEE Transactions on Computers
On compressible pairings and their computation

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
A flexible processor for the characteristic 3 ηT pairing

International Journal of High Performance Systems Architecture
Hardware acceleration of the tate pairing in characteristic three

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Efficient hardware for the tate pairing calculation in characteristic three

CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Curve25519: new diffie-hellman speed records

PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Pairing-Friendly elliptic curves of prime order

SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
The Eta Pairing Revisited

IEEE Transactions on Information Theory
Implementing cryptographic pairings over barreto-naehrig curves

Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Instruction set extensions for pairing-based cryptography

Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography

Network-on-Chip interconnect for pairing-based cryptographic IP cores

Journal of Systems Architecture: the EUROMICRO Journal
High-speed software implementation of the optimal ate pairing over Barreto-Naehrig curves

Pairing'10 Proceedings of the 4th international conference on Pairing-based cryptography
Compact hardware for computing the tate pairing over 128-bit-security supersingular curves

Pairing'10 Proceedings of the 4th international conference on Pairing-based cryptography
High speed flexible pairing cryptoprocessor on FPGA platform

Pairing'10 Proceedings of the 4th international conference on Pairing-based cryptography
FPGA implementation of pairings using residue number system and lazy reduction

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
High speed cryptoprocessor for ηT pairing on 128-bit secure supersingular elliptic curves over characteristic two fields

CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Parallelizing the weil and tate pairings

IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Automatic Generation of Memory Interfaces for ASIPs

International Journal of Embedded and Real-Time Communication Systems
Core based architecture to speed up optimal ate pairing on FPGA platform

Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography
Faster pairing coprocessor architecture

Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography
Secure dual-core cryptoprocessor for pairings over Barreto-Naehrig curves on FPGA platform

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves). Cryptographic pairings are based on elliptic curves over finite fields--in the case of BN curves a field $\mathbb{F}_p$ of large prime order p . Efficient arithmetic in these fields is crucial for fast computation of pairings. Moreover, computation of cryptographic pairings is much more complex than elliptic-curve cryptography (ECC) in general. Therefore, we facilitate programming of the proposed ASIP by providing a C compiler. In order to speed up $\mathbb{F}_p$ arithmetic, a RISC core is extended with additional scalable functional units. Because the resulting speedup can be limited by the memory throughput, utilization of multiple data-memory banks is proposed. The presented design needs 15.8 ms for the computation of the Optimal-Ate pairing over a 256-bit BN curve at 338 MHz implemented with a 130 nm standard cell library. The processor core consumes 97 kGates making it suitable for the use in embedded systems.