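Graduate student: | 陳彥丞 Yan-Cheng Chen |
---|---|
Thesis title: | 設計與實現一個基於二元有限域之橢圓曲線數位簽章之IP (Design and Implementation of an IP for Elliptic Curve Digital Signature Based on Binary Field) |
Advisor: | 林銘波 Ming-Bo Lin |
Oral defense committee: | 林書彥 Shu-Yan Lin, 陳郁堂 Yu-Tang Chen, 蔡政鴻 Cheng-Hung Tsai |
Degree: | Master |
Department: | College of Electrical Engineering and Computer Science - Department of Electronic and Computer Engineering |
Year of publication: | 2022 |
Academic year of graduation: | 110 |
Language: | Chinese |
Number of pages: | 74 |
Chinese keywords: | 數位簽章 (digital signature), 二元域 (binary field), 多項式基底 (polynomial basis), 蒙哥瑪利演算法 (Montgomery algorithm), 非對稱式加密 (asymmetric encryption) |
Foreign-language keywords: | digital signature, binary field, Montgomery ladder algorithm, asymmetric encryption, polynomial basis |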
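When data is transmitted over the Internet, encryption has become a necessary means of preventing third parties from stealing its content. However, encryption only protects the content of the data; it cannot guarantee that the encrypted data has not been tampered with, which makes digital signatures much more important. Combining data encryption with digital signatures not only protects the original content from leaking but also ensures data integrity and non-repudiation.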
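This thesis designs elliptic curve digital signature encryption and decryption chips at three different security strengths, with key lengths of 283 bits, 409 bits, and 571 bits, and builds the elliptic curves over a binary finite field. The chips use a polynomial basis as the data representation and carry out the elliptic curve operations in projective coordinates, and they use the Montgomery ladder algorithm to reduce the parameter-weight problem in scalar operations. In terms of design and implementation, the chip inputs and outputs data through a serial transmission interface, and the design is modularized and parameterized so that future key extension is more flexible. The completed design comes in two versions, low-cost and high-throughput, so users can choose the version that suits their application.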
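The completed elliptic curve digital signature design was implemented and verified on both FPGA and ASIC. For the FPGA implementation, a Xilinx Virtex 7 FPGA device was used, with the following simulation results. For encryption, the working frequency, resource usage, and throughput, in order of low to high security, are {156 MHz, 20132 LUTs, 1031 kbps}, {131 MHz, 24615 LUTs, 600 kbps}, and {111 MHz, 34562 LUTs, 369 kbps}; for decryption they are {156 MHz, 35186 LUTs, 246 kbps}, {128 MHz, 42126 LUTs, 146 kbps}, and {111 MHz, 68690 LUTs, 92 kbps}. For ASIC verification, the design uses the TSMC 0.18 μm standard-cell library at a working frequency of 100 MHz; the total chip area is 2685.3 μm × 2683.1 μm, equivalent to about 310318 gates.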
Data encryption has become a necessary procedure to prevent message breaches during data transmission through the Internet. However, it only protects the content of the message; it cannot guarantee that the encrypted message has not been tampered with. To address this problem, digital signatures and data encryption are combined to prevent leakage of the original content and to ensure the integrity and non-repudiation of the data as well.
In this thesis, an IP for elliptic curve digital signatures is designed and implemented at three different security strengths, with key lengths of 283 bits, 409 bits, and 571 bits. The elliptic curve architecture is based on the binary finite field with polynomial-basis representation. All arithmetic operations are carried out in projective coordinates. In addition, the elliptic curve point multiplication uses the Montgomery ladder algorithm to resolve the Hamming weight problem of the scalar k. In terms of design and implementation, the IP receives and transfers messages through a serial interface, and the IP design is modularized and parameterized to make future key extension flexible. The resulting IP has two versions: low-cost and high-throughput. Hence, users can choose the IP that suits their applications.
The resulting IPs have been implemented and verified with both FPGA and ASIC technologies. In the FPGA technology, a Xilinx Virtex-7 FPGA device is employed. In the encryption part, the working frequency, resource utilization, and throughput are {156 MHz, 20132 LUTs, 1031 kbps}, {131 MHz, 24615 LUTs, 600 kbps}, and {111 MHz, 34562 LUTs, 369 kbps} respectively, in order of low to high security strength. In the decryption part, the working frequency, resource utilization, and throughput are {156 MHz, 20132 LUTs, 1031 kbps}, {131 MHz, 24615 LUTs, 600 kbps}, and {111 MHz, 34562 LUTs, 369 kbps} respectively. In the ASIC technology, the TSMC 0.18-μm standard-cell library is used. The resulting simulation frequency is 100 MHz. The total area is 2685.3 μm × 2683.1 μm, equivalent to 310318 gates.