Designing an ASIP for cryptographic pairings over Barreto-Naehrig curves

D. Kammler, D. Zhang, P. Schwabe, H. Scharwaechter, M. Langenberg, D. Auras, G. Ascheid, R. Mathar

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

36 Citations (Scopus)
1 Downloads (Pure)

Abstract

This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves). Cryptographic pairings are based on elliptic curves over finite fields—in the case of BN curves a field Fp of large prime order p. Efficient arithmetic in these fields is crucial for fast computation of pairings. Moreover, computation of cryptographic pairings is much more complex than elliptic-curve cryptography (ECC) in general. Therefore, we facilitate programming of the proposed ASIP by providing a C compiler. In order to speed up Fp arithmetic, a RISC core is extended with additional scalable functional units. Because the resulting speedup can be limited by the memory throughput, utilization of multiple data-memory banks is proposed. The presented design needs 15.8 ms for the computation of the Optimal-Ate pairing over a 256-bit BN curve at 338 MHz implemented with a 130 nm standard cell library. The processor core consumes 97 kGates making it suitable for the use in embedded systems.
Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems - CHES 2009 (11th International Workshop Lausanne, Switzerland, September 6-9, 2009. Proceedings)
EditorsC. Clavier, K. Gaj
Place of PublicationBerlin
PublisherSpringer
Pages254-271
ISBN (Print)978-3-642-04137-2
DOIs
Publication statusPublished - 2009

Publication series

NameLecture Notes in Computer Science
Volume5747
ISSN (Print)0302-9743

Fingerprint

Dive into the research topics of 'Designing an ASIP for cryptographic pairings over Barreto-Naehrig curves'. Together they form a unique fingerprint.

Cite this