An Efficient hardware implementation of the tate pairing in characteristic three

DL systems with bilinear structure recently became an important base for cryptographic protocols such as identity-based encryption (IBE). Since the main computational task is the evaluation of the bilinear pairings over elliptic curves, known to be prohibitively expensive, efficient implementations are required to render them applicable in real life scenarios. We present an efficient accelerator for computing the Tate Pairing in characteristic 3, using the Modified Duursma-Lee algorithm. Our accelerator shows that it is possible to improve the area-time product by 12 times on FPGA, compared to estimated values from one of the best known hardware architecture [6] implemented on the same type of FPGA. Also the computation time is improved upto 16 times compared to software applications reported in [17]. In addition, we present the result of an ASIC implementation of the algorithm, which is the first hitherto

A Pipelined Karatsuba-Ofman Multiplier over GF(3973^{97}) Amenable for Pairing Computation

We present a subquadratic ternary field multiplier based on the combination of several variants of the Karatsuba-Ofman scheme recently published. Since one of the most relevant applications for this kind of multipliers is pairing computation, where several field multiplications need to be computed at once, we decided to design a $k$-stage pipeline structure for $k=1,\ldots,4$, where each stage is composed of a 49-trit polynomial multiplier unit. That architecture can compute an average of $k$ field multiplications every three clock cycles, which implies that our four-stage pipeline design can perform more than one field multiplication per clock cycle. When implemented in a Xilinx Virtex V XC5VLX330 FPGA device, this multiplier can compute one field multiplication over \gf($3^{97}$) in just $11.47$ns

Fast architectures for the ηT\eta_T pairing over small-characteristic supersingular elliptic curves

International audienceThis paper is devoted to the design of fast parallel accelerators for the cryptographic $\eta_T$ pairing on supersingular elliptic curves over finite fields of characteristics two and three. We propose here a novel hardware implementation of Miller's algorithm based on a parallel pipelined Karatsuba multiplier. After a short description of the strategies we considered to design our multiplier, we point out the intrinsic parallelism of Miller's loop and outline the architecture of coprocessors for the $\eta_T$ pairing over \F_{2^m} and \F_{3^m}. Thanks to a careful choice of algorithms for the tower field arithmetic associated with the $\eta_T$ pairing, we manage to keep the pipelined multiplier at the heart of each coprocessor busy. A final exponentiation is still required to obtain a unique value, which is desirable in most cryptographic protocols. We supplement our pairing accelerators with a coprocessor responsible for this task. An improved exponentiation algorithm allows us to save hardware resources. According to our place-and-route results on Xilinx FPGAs, our designs improve both the computation time and the area-time trade-off compared to previously published coprocessors

Efficient VLSI architectures for MIMO and cryptography systems

Multiple-input multiple-output (MIMO) communication systems have recently been considered as one of the most significant technology breakthroughs for modern wireless communications, due to the higher spectral efficiency and improved link reliability. The sphere decoding algorithm (SDA) has been widely used for maximum likelihood (ML) detection in MIMO systems. It is of great interest to develop low-complexity and high-speed VLSI architectures for the MIMO sphere decoders. The first part of this dissertation is focused on the low-complexity and high-speed sphere decoder design for the MIMO systems. It includes the algorithms simplification, and transformations, hardware optimization and architecture development. Specifically, we propose the layered reordered K-Best sphere decoding algorithm and dynamic K-best sphere decoding algorithm, which can significantly improve the detection performance or reduce the hardware complexity. We also present the efficient K-Best sorting architecture, which greatly simplifies the sorting operation of the K-Best SDA. In addition, we introduce the early-pruning K-Best SD scheme, which eliminates the unlikely candidate at early decoding stages, thus saves computational complexity and power consumptions. For the conventional sphere decoder design, we develop the parallel and pipeline interleaved sphere decoder architecture, which considerably increases the decoding throughput with negligible extra complexity. Finally, we design the efficient radius and list updating units for the list sphere decoder, which increases the speed of obtaining the new radius and reduces the complexity for generating the new candidate list. The wireless communication technologies are widely used for the benefits of portability and flexibility. However, the wireless security is extremely important to protect the private and sensitive information since the communication medium, the airwave, is shared and open to the public. Cryptography is the most standard and efficient way for information protection. The second part of this thesis is thus dedicated to the high-speed and efficient architecture design for the cryptography systems including ECC and Tate pairing. We propose an efficient fast architecture for the ECC in Lopez-Dahab projective coordinates. Compared with the conventional point operation implementations, the point addition and doubling operations can be significantly accelerated with reasonable hardware overhead by applying parallel processing and hardware reusing. Moreover, we develop a complexity reduction scheme and an overlapped processing architecture for the Tate pairing in characteristic three. The proposed architecture can achieve over 2 times speedup compared with conventional sequential implementations for the Duursma-Lee and Kwon-BGOS algorithms

Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation

The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and costs. The certification path building algorithm that helps users establish trust on certificates in the distributed network environment is particularly complicated. Neither routing security nor PKI come for free. Prior to this work, the research study on performance issues of these large-scale distributed security systems was minimal. In this thesis, we evaluate the performance of BGP security protocols and PKI systems. We answer the questions about how the performance affects protocol behaviors and how we can improve the efficiency of these distributed protocols to bring them one step closer to reality. The complexity of the Internet makes an analytical approach difficult; and the scale of Internet makes empirical approaches also unworkable. Consequently, we take the approach of simulation. We have built the simulation frameworks to model a number of BGP security protocols and the PKI system. We have identified performance problems of Secure BGP (S-BGP), a primary BGP security protocol, and proposed and evaluated Signature Amortization (S-A) and Aggregated Path Authentication (APA) schemes that significantly improve efficiency of S-BGP without compromising security. We have also built a simulation framework for general PKI systems and evaluated certification path building algorithms, a critical part of establishing trust in Internet-scale PKI, and used this framework to improve algorithm performance

Hardware Acceleration of the Tate Pairing in Characteristic Three

Although identity based cryptography offers many functional advantages over conventional public key alternatives, the computational costs are significantly greater. The core computational task is evaluation of a bilinear map, or pairing, over elliptic curves. In this paper we prototype and evaluate polynomial and normal basis field arithmetic on an FPGA device and use it to construct a hardware accelerator for pairings over fields of characteristic three. The performance of our prototype improves roughly ten-fold on previous known hardware implementations and orders of magnitude on the fastest known software implementation. As a result we reason that even on constrained devices one can usefully evaluate the pairing, a fact that gives credence to the idea that identity based cryptography is an ideal partner for identity aware smart-cards