1 Montgomery Modular Multiplication in Hard- ware

More documents

Recommendations

Info

List of Figures 1 – 1 Typical architecture of the smallest functional unit in a FPGA. . . . 6 1 – 2 RSA encryption scheme when A sends encrypted message to B. First A receive B’s public key upon a request, afterwards A encrypts a message X using the B’s public key Y = X E mod M. Finally B decrypts the received message Y using own private key X = Y D mod M. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2 – 1 Architecture of a general scalable coprocessor based on separate memory and ALU connected by w-bit data-path . . . . . . . . . . . . . . 21 2 – 2 One level of the w-bit adder implemented as CPA and CSA with FAs 27 2 – 3 Block diagram of the CSA-based w-bit MWR2MM processing element (CSA PE) based on FA . . . . . . . . . . . . . . . . . . . . . . . . . . 28 2 – 4 Block diagram of CPA-based w-bit MWR2MM processing element (CPA PE) based on FA . . . . . . . . . . . . . . . . . . . . . . . . . . 29 2 – 5 Pipelined organization of the MMM coprocessor based on n-stage PEs connection and separated embedded data memory . . . . . . . . . . . 30 2 – 6 Organisation of the dual-port memory register inside the MMM coprocessor for one variable with e words of width w bits . . . . . . . . 32 2 – 7 Proposed universal interface for the MMM coprocessor . . . . . . . . 34 4 – 1 Architecture of the ECM unit . . . . . . . . . . . . . . . . . . . . . . 58 4 – 2 Organisation of the ECM unit’s memory registers for 21 variables with e words of width w . . . . . . . . . . . . . . . . . . . . . . . . . 60 4 – 3 Scalable addition and subtraction unit for operands with word width w 63 5 – 1 Schematic diagram of a TRNG with designation of internal signals and interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 5 – 2 Illustration of stable states (0 and 1) and undefined metastable state 78 5 – 3 Timing jitter in clock signal . . . . . . . . . . . . . . . . . . . . . . . 81 5 – 4 Ring oscillator structures proposed by Golić. . . . . . . . . . . . . . . 83 5 – 5 Block structure of the PLL-TRNG with two PLLs, sampling gate and corrector of the output sequence. . . . . . . . . . . . . . . . . . . . . 86 5 – 6 Sampling of the CLJ clock signal including the tracking jitter on the raising edge of the CLK signal (illustrated for KM = 5 and KD = 7) 86 6 – 1 Block diagram of analog PLL circuitry for clock signal synthesis in Altera FPGA [11] . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
FEI KEMT 6 – 2 Block diagram of digital DLL unit typical for Xilinx FPGA clock management circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 6 – 3 Jitter of the clock signal in Altera Stratix design (horizontal scale: 200 ps/div) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 6 – 4 Configurations of TRNG with: a) one PLL, b) two parallel PLLs and c) two cascaded PLLs . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 6 – 5 Distribution of mean values of ordered CLJ signal samples obtained during Q = 1000 periods TQ . . . . . . . . . . . . . . . . . . . . . . . 110 6 – 6 Block diagram of design for on-chip samples reordering . . . . . . . . 111 6 – 7 Reordered samples from generator measured by oscilloscope . . . . . 111 6 – 8 Sampled waveform of a clock signal for TRNG for Configuration A for temperatures in range −40 ◦ C + 30 ◦ C. . . . . . . . . . . . . . . . . 116 6 – 9 Sampled waveform of a clock signal for TRNG for configuration B for temperatures in range −40 ◦ C + 32 ◦ C. . . . . . . . . . . . . . . . . 117 6 – 10Amount of sampled ones during 1000 sampling periods for TRNG with configuration A (detail of the raising edge). . . . . . . . . . . . . 119 6 – 11Amount of sampled ones during 1000 sampling periods for TRNG with configuration B, with low-pass loop filter (detail of the raising edge). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 6 – 12Amount of sampled ones during 1000 sampling periods according to temperature for chosen sample positions in TRNG with configuration A. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 6 – 13Amount of sampled ones during 1000 sampling periods according to temperature for chosen sample positions in TRNG with configuration B. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 6 – 14Comparison of probability histograms for the jitter measured by temperature 20 ◦ C in TRNG with configuration A and B. Data measured were around the rising edge of the sampled clock waveform. . . . . . . 123 6 – 15Difference in number of sampled ones for critical samples by boundary temperatures −40 ◦ C and +30 ◦ C in TRNG with configuration A and B around the rising edge of the sampled clock waveform. . . . . . . . 123 xiii
Page 1 and 2: Technical University of Koˇsice Fa
Page 3 and 4: Metadata Sheet Author: Martin ˇ Si
Page 5 and 6: FEI KEMT ciel’ovej platformy a vl
Page 7 and 8: Acknowledgement There are several p
Page 9 and 10: Contents Introduction 1 1 Montgomer
Page 11: FEI KEMT 6.2.3 Analysis of TRNG in
Page 15 and 16: List of Algorithms 1 - 1 Montgomery
Page 17 and 18: FEI KEMT π(p) prime counting funct
Page 19 and 20: FEI KEMT MWR2MM Multiple Word Radix
Page 21 and 22: FEI KEMT and Elliptic Curve Cryptog
Page 23 and 24: FEI KEMT The hardware implementatio
Page 25 and 26: FEI KEMT data inputs clock Look-up
Page 27 and 28: FEI KEMT A (X) request for B’s pr
Page 29 and 30: FEI KEMT Algorithm 1 - 1 Montgomery
Page 31 and 32: FEI KEMT In the Algorithm 1 - 1 the
Page 33 and 34: FEI KEMT by the radix b changes to
Page 35 and 36: FEI KEMT the ECC instead of the RSA
Page 37 and 38: FEI KEMT Algorithm 1 - 5 Key genera
Page 39 and 40: FEI KEMT 2 Montgomery Modular Multi
Page 41 and 42: FEI KEMT not significant. On the ot
Page 43 and 44: FEI KEMT Algorithm 2 - 2 The multip
Page 45 and 46: FEI KEMT Beside the internal struct
Page 47 and 48: FEI KEMT q x i S (j) 2 w-1 S (j) 1
Page 49 and 50: FEI KEMT x i x i-1 xi-n+1 Y (j) M (
Page 51 and 52: FEI KEMT especially if the access t
Page 53 and 54: FEI KEMT 2.2.3 Interface to Control
Page 55 and 56: FEI KEMT Clock Signal Distribution
Page 57 and 58: FEI KEMT 2.3.2 Montgomery Multiplic
Page 59 and 60: FEI KEMT 1. Fully software solution
Page 61 and 62: FEI KEMT 2.3.4 Implementation Resul
Page 63 and 64:
FEI KEMT 3 Elliptic Curve Method in
Page 65 and 66:
FEI KEMT improving the area-time pr
Page 67 and 68:
FEI KEMT 3.3.1 Pollard’s (p − 1
Page 69 and 70:
FEI KEMT If the order of P ∈ E(Fq
Page 71 and 72:
FEI KEMT handicap of the Montgomery
Page 73 and 74:
FEI KEMT Two major improvements hav
Page 75 and 76:
FEI KEMT and case study with GNFS b
Page 77 and 78:
FEI KEMT Table 4 - 1 Computational
Page 79 and 80:
FEI KEMT from or writing to a singl
Page 81 and 82:
FEI KEMT Algorithm 4 - 1 Modified M
Page 83 and 84:
FEI KEMT Algorithm 4 - 2 Modular ad
Page 85 and 86:
FEI KEMT microprocessor, e.g. Alter
Page 87 and 88:
FEI KEMT timings of ECM implementat
Page 89 and 90:
FEI KEMT hardware was implemented o
Page 91 and 92:
FEI KEMT [68] what can be expressed
Page 93 and 94:
FEI KEMT and a harvesting mechanism
Page 95 and 96:
FEI KEMT control also all the syste
Page 97 and 98:
FEI KEMT we can mention a generator
Page 99 and 100:
FEI KEMT noise to binary signal a c
Page 101 and 102:
FEI KEMT over time. For this reason
Page 103 and 104:
FEI KEMT The Bucci and Luzzi Testab
Page 105 and 106:
FEI KEMT CLI PLL PLL 1 2 CLJ CLK D
Page 107 and 108:
FEI KEMT For R it holds that the in
Page 109 and 110:
FEI KEMT extraction. In other words
Page 111 and 112:
FEI KEMT and effort needed for repr
Page 113 and 114:
FEI KEMT 6 True Random Number Gener
Page 115 and 116:
FEI KEMT clock input F IN F FB Phas
Page 117 and 118:
FEI KEMT Table 6 - 2 Parameters of
Page 119 and 120:
FEI KEMT Since the size of the jitt
Page 121 and 122:
FEI KEMT Table 6 - 3 Parameters set
Page 123 and 124:
FEI KEMT where N1 is the number of
Page 125 and 126:
FEI KEMT oscillator with frequency
Page 127 and 128:
FEI KEMT Table 6 - 7 Area occupatio
Page 129 and 130:
FEI KEMT 0,75 0,5 0,25 1 0 1 30 59
Page 131 and 132:
FEI KEMT Stochastic Model The clock
Page 133 and 134:
FEI KEMT Table 6 - 8 Mean values me
Page 135 and 136:
FEI KEMT Figure 6 - 8 Sampled wavef
Page 137 and 138:
FEI KEMT Table 6 - 9 Results of sta
Page 139 and 140:
FEI KEMT Figure 6 - 11 Amount of sa
Page 141 and 142:
FEI KEMT Figure 6 - 13 Amount of sa
Page 143 and 144:
FEI KEMT 7 Research Contribution Wi
Page 145 and 146:
FEI KEMT Curriculum vitae Professio
Page 147 and 148:
FEI KEMT [16] Altera Corporation. S
Page 149 and 150:
FEI KEMT [37] Bundesamt für Sicher
Page 151 and 152:
FEI KEMT [54] Federal Information P
Page 153 and 154:
FEI KEMT [71] Gura, N., Chang, S.,
Page 155 and 156:
FEI KEMT of Commerce, month = aug,
Page 157 and 158:
FEI KEMT and C. Paar, Eds., no. 216
Page 159:
FEI KEMT [128] Zimmermann, P. ECMNE
show all

1 Montgomery Modular Multiplication in Hard- ware

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?