小面积高兼容性RSA&SM2的硬件实现方法
|
摘要
设计了一种小面积高兼容性的夏米尔·阿德曼(RSA)&SM2加密协处理器.模运算层设计了基-32蒙哥马利模运算电路,支持任意位宽下的双域运算,具有可配置的流水线结构;核心运算层设计了统一结构的模幂&标量乘电路,具有可配置的抗SPA攻击功能.通过模运算层和核心运算层电路的功能复用来减小整体硬件结构面积.实验测得本电路支持2 048 bit内任意域RSA运算、768 bit任意域任意曲线和位宽的标量乘运算以及SM2国密规定的所有曲线.在0.13μm工艺下流片,电路总面积为0.32 mm2,约8.7×104个等效门,芯片最高工作频率为250 MHz,具有极高的面积利用率和兼容性.
A low-area and high-compatibility Rivest-Shamir-Adleman(RSA)&SM2 coprocessor was designed. Architecture for modular arithmetic unit,unified modular power and scalar multiplication unit was implemented.The coprocessor support dual-field operation,key length adjustable,and insert the configurable pipeline to improve computing speed.Because of the function reuse of the modular arithmetic unit,and unified MP&SM unit,area was reduced greatly in the whole hardware structure.The experimental results show that the proposed circuit supports the RSA operation of any domain in 2 048 bit,and the elliptic curve cryptography(ECC) scalar multiplication operation of 768 bit arbitrary curve and bit width,and also supports all the curves specified by the SM2 state secret.Finally,the design was tape-out in a 0.13 μm process,and the total IP area is 0.32 mm2,which is about 8.7×104,and the chip's highest working frequency is 250 MHz,with extremely high area utilization and compatibility.
A low-area and high-compatibility Rivest-Shamir-Adleman(RSA)&SM2 coprocessor was designed. Architecture for modular arithmetic unit,unified modular power and scalar multiplication unit was implemented.The coprocessor support dual-field operation,key length adjustable,and insert the configurable pipeline to improve computing speed.Because of the function reuse of the modular arithmetic unit,and unified MP&SM unit,area was reduced greatly in the whole hardware structure.The experimental results show that the proposed circuit supports the RSA operation of any domain in 2 048 bit,and the elliptic curve cryptography(ECC) scalar multiplication operation of 768 bit arbitrary curve and bit width,and also supports all the curves specified by the SM2 state secret.Finally,the design was tape-out in a 0.13 μm process,and the total IP area is 0.32 mm2,which is about 8.7×104,and the chip's highest working frequency is 250 MHz,with extremely high area utilization and compatibility.
引文
[1]国家密码管理局.GM/T 0003—2012 SM2椭圆曲线公钥密码算法[S].北京:国家商用密码管理办公室.
[2] KWON T W,YOU C S,HEO W S,et al.Two implementation methods of a 1024-bit RSA cryptoprocessor based on modified Montgomery algorithm[C]//Proceedings of the 2001 IEEE International Symposium on Circuits and Systems.Piscatway:IEEE,2001:650-653.
[3] LIU Q,MA F,TONG D,et al. A regular parallel RSA processor[C]//Proceedings of the 47th Midwest Symposium on.Piscatway:IEEE,2004:440-467.
[4] YILE S,XINGJUN W.An area efficient modular arithmetic processor[C]//Proceddings of the 5th International Conference on ASIC.Piscatway:IEEE,2003:1273-1276.
[5] WANG C H,SU C P,HUANG C T,et al.A word-based RSA crypto-processor with enhanced pipeline performance[C]//Proceedings of 2004 IEEE Asia-Pacific Conference.Piscatway:IEEE,2004:218-221.
[6] CHUNG Szu-chi,LEE Jen-wei,CHANG Hsie-chia,et al.A highperformance elliptic curve cryptographic processor over GF(p)with SPA resistance[C]//Proceedings of the IEEE International Symposium on Circuits and Systems(ISCAS).Piscatway:IEEE,2012:1456-1459.
[7] ZHAO Z,BAI G.Ultra High-Speed SM2 ASIC Implementation.Trust,Security and Privacy in Computing and Communications(TrustCom)[C]//Proceddings of the 2014IEEE 13th International Conference.Piscatway:IEEE,2014:182-188.
[8] CHEN Y L,LEE J W,LIU P C,et al.A dual-field elliptic curve cryptographic processor with a radix-4 unified division unit[C]//Proceddings of the 2011 IEEE International Symposium on Circuits and Systems(ISCAS).Piscatway:IEEE,2011:713-716.
[9] SATOH A, TAKANO K. A scalable dual-field elliptic curve cryptographic processor[J]. IEEE Transactions on Computers,2003,52(4):449-460.
[10] ZHANG D,BAI G.Ultra high-performance ASIC implementation of SM2 with power-analysis resistance[C]//Proceedings of the Electron Devices and Solid-State Circuits(EDSSC)2015 IEEE International Conference.Piscatway:IEEE,2015:523-526.
[11] TENCA A F, KOC C K. A scalable architecture for modular multiplication based on Montgomery's algorithm[J]. IEEE Transactions on Computers, 2003, 52(9):1215-1221.
[12] MIYAMOTO A. Systematic design of RSA processors based on highradix Montgomery multipliers[J]. IEEE Trans Very Large Scale Integr(VLSI)Syst,2011,19(7):1136-1146.
[13] LU R. A low-cost cryptographic processor for security embedded system[C]//Proceddings of the ASPDAC 2008Design Automation Conf.Seoul:IEEE,2008:113-114.
[14] ZHENG X. Design and implementation of an ultra low power RSA coprocessor[C]//Proceedings of 4th Int Conf on Wireless Communications, Networking and Mobile Computing.Dalian:IEEE,2008:1-5.
[15]谢天艺.素数域椭圆曲线密码So C的设计与实现[D].浙江大学图书馆,2015.
[16]黎明.一种高性能可扩展公钥密码协处理器的研究与设计[D].华中科技大学图书馆,2011.
[2] KWON T W,YOU C S,HEO W S,et al.Two implementation methods of a 1024-bit RSA cryptoprocessor based on modified Montgomery algorithm[C]//Proceedings of the 2001 IEEE International Symposium on Circuits and Systems.Piscatway:IEEE,2001:650-653.
[3] LIU Q,MA F,TONG D,et al. A regular parallel RSA processor[C]//Proceedings of the 47th Midwest Symposium on.Piscatway:IEEE,2004:440-467.
[4] YILE S,XINGJUN W.An area efficient modular arithmetic processor[C]//Proceddings of the 5th International Conference on ASIC.Piscatway:IEEE,2003:1273-1276.
[5] WANG C H,SU C P,HUANG C T,et al.A word-based RSA crypto-processor with enhanced pipeline performance[C]//Proceedings of 2004 IEEE Asia-Pacific Conference.Piscatway:IEEE,2004:218-221.
[6] CHUNG Szu-chi,LEE Jen-wei,CHANG Hsie-chia,et al.A highperformance elliptic curve cryptographic processor over GF(p)with SPA resistance[C]//Proceedings of the IEEE International Symposium on Circuits and Systems(ISCAS).Piscatway:IEEE,2012:1456-1459.
[7] ZHAO Z,BAI G.Ultra High-Speed SM2 ASIC Implementation.Trust,Security and Privacy in Computing and Communications(TrustCom)[C]//Proceddings of the 2014IEEE 13th International Conference.Piscatway:IEEE,2014:182-188.
[8] CHEN Y L,LEE J W,LIU P C,et al.A dual-field elliptic curve cryptographic processor with a radix-4 unified division unit[C]//Proceddings of the 2011 IEEE International Symposium on Circuits and Systems(ISCAS).Piscatway:IEEE,2011:713-716.
[9] SATOH A, TAKANO K. A scalable dual-field elliptic curve cryptographic processor[J]. IEEE Transactions on Computers,2003,52(4):449-460.
[10] ZHANG D,BAI G.Ultra high-performance ASIC implementation of SM2 with power-analysis resistance[C]//Proceedings of the Electron Devices and Solid-State Circuits(EDSSC)2015 IEEE International Conference.Piscatway:IEEE,2015:523-526.
[11] TENCA A F, KOC C K. A scalable architecture for modular multiplication based on Montgomery's algorithm[J]. IEEE Transactions on Computers, 2003, 52(9):1215-1221.
[12] MIYAMOTO A. Systematic design of RSA processors based on highradix Montgomery multipliers[J]. IEEE Trans Very Large Scale Integr(VLSI)Syst,2011,19(7):1136-1146.
[13] LU R. A low-cost cryptographic processor for security embedded system[C]//Proceddings of the ASPDAC 2008Design Automation Conf.Seoul:IEEE,2008:113-114.
[14] ZHENG X. Design and implementation of an ultra low power RSA coprocessor[C]//Proceedings of 4th Int Conf on Wireless Communications, Networking and Mobile Computing.Dalian:IEEE,2008:1-5.
[15]谢天艺.素数域椭圆曲线密码So C的设计与实现[D].浙江大学图书馆,2015.
[16]黎明.一种高性能可扩展公钥密码协处理器的研究与设计[D].华中科技大学图书馆,2011.