摘要
We investigate the use of two integer inversion algorithms,a modified Montgomery modulo inverse and a Fermat's Little Theorem based inversion,in a prime-field affine-coordinate elliptic-curve crypto-processor.To perform this,we present a low-power/energy GF(p) affine-coordinate elliptic-curve cryptography(ECC) processor design with a simplified architecture and complete flexibility in terms of the field and curve parameters.The design can use either of the inversion algorithms.Based on the implementations of this design for 168-,192-,and 224-bit prime fields using a standard 0.13 μm CMOS technology,we compare the efficiency of the algorithms in terms of power/energy consumption,area,and calculation time.The results show that while the Fermat's theorem approach is not appropriate for the affine-coordinate ECC processors due to its long computation time,the Montgomery modulo inverse algorithm is a good candidate for low-energy implementations.The results also show that the 168-bit ECC processor based on the Montgomery modulo inverse completes one scalar multiplication in only 0.4 s at a 1 MHz clock frequency consuming only 12.92 μJ,which is lower than the reported values for similar designs.
We investigate the use of two integer inversion algorithms, a modified Montgomery modulo inverse and a Fermat's Little Theorem based inversion, in a prime-field affine-coordinate elliptic-curve crypto-processor. To perform this, we present a low-power/energy GF(p) affine-coordinate elliptic-curve cryptography (ECC) processor design with a simplified architecture and complete flexibility in terms of the field and curve parameters. The design can use either of the inversion algorithms. Based on the implementations of this design for 168-, 192-, and 224-bit prime fields using a standard 0.13 pm CMOS technology, we compare the efficiency of the algorithms in terms of power/energy consumption, area, and calculation time. The results show that while the Fermat's theorem approach is not appropriate for the affine-coordinate ECC processors due to its long computation time, the Montgomery modulo inverse algorithm is a good candidate for low-energy implementations. The results also show that the 168-bit ECC processor based on the Montgomery modulo inverse completes one scalar multiplication in only 0.4 s at a 1 MHz clock frequency consuming only 12.92 pal, which is lower than the reported values for similar designs.
基金
supported in part by the Iran Telecommunication Research Center (ITRC) and the Research Council of University of Tehran
