A flexible processor for the characteristic 3 η&lt;SUB align=right&gt;T pairing

Ronan, Robert; Murphy, Colin C.; Kerins, Tim; hÉigeartaigh, Colm Ó; Barreto, Paulo S. L. M.

doi:10.1504/ijhpsa.2007.015393

Cited by 9 publications

(9 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To our knowledge, the place-and-route results on several Xilinx FPGA devices of our designs improved both the computation time and the area-time tradeoff of all the hardware pairing coprocessors previously published in the open literature [28,29,1,30,19,32,41,40,39,7,43,10,25]. We are also currently applying the same methodology used in this work to design a coprocessor for the Tate pairing over F 2 m , with promising preliminary results.…”

Section: Resultsmentioning

confidence: 66%

Hardware Accelerator for the Tate Pairing in Characteristic Three Based on Karatsuba-Ofman Multipliers

Beuchat

Detrey

Estibals

et al. 2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. This paper is devoted to the design of fast parallel accelerators for the cryptographic Tate pairing in characteristic three over supersingular elliptic curves. We propose here a novel hardware implementation of Miller's loop based on a pipelined Karatsuba-Ofman multiplier. Thanks to a careful selection of algorithms for computing the tower field arithmetic associated to the Tate pairing, we manage to keep the pipeline busy. We also describe the strategies we considered to design our parallel multiplier. They are included in a VHDL code generator allowing for the exploration of a wide range of operators. Then, we outline the architecture of a coprocessor for the Tate pairing over F3m . However, a final exponentiation is still needed to obtain a unique value, which is desirable in most of the cryptographic protocols. We supplement our pairing accelerator with a coprocessor responsible for this task. An improved exponentiation algorithm allows us to save hardware resources.According to our place-and-route results on Xilinx FPGAs, our design improves both the computation time and the area-time trade-off compared to previoulsy published coprocessors.

show abstract

Section: Resultsmentioning

confidence: 66%

Hardware Accelerator for the Tate Pairing in Characteristic Three Based on Karatsuba-Ofman Multipliers

Beuchat

Detrey

Estibals

et al. 2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…General purpose microprocessors are intrinsically not suited for computations on finite fields of small characteristic, hence software implementations are bound to be quite slow and the need for special purpose hardware coprocessors is strong [4,5,10,15,17,19,20,[28][29][30]33]. In this context, we extend here to the characteristic two the results by Beuchat et al [4] in the case of the hardware implementation of the reduced η T pairing in characteristic three.…”

Section: Introductionmentioning

confidence: 73%

“…Finally, we explored the trade-offs involved in the hardware implementation of the modified Tate pairing for both characteristic two and three. Our architectures are based on the unified arithmetic operator introduced in [3], and achieve a better area-time trade-off compared to previously published solutions [10,15,17,19,20,[28][29][30]33].…”

Section: Resultsmentioning

confidence: 99%

A Comparison between Hardware Accelerators for the Modified Tate Pairing over $\mathbb{F}_{2^m}$ and $\mathbb{F}_{3^m}$

Beuchat

Brisebarre

Detrey³

et al. 2008

Pairing-Based Cryptography – Pairing 2008

View full text Add to dashboard Cite

“…Several architectures for the computation of cryptographic pairings have been proposed in the literature [14,15,16,17,18,19,20,21,22,23,24,25,26]. All these implementations use supersingular curves over fields of characteristic 2 or 3, achieving only very low security levels, sometimes even below 80 bit.…”

Section: Related Workmentioning

confidence: 99%

Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves

Kammler

Zhang

Schwabe

et al. 2009

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves). Cryptographic pairings are based on elliptic curves over finite fields-in the case of BN curves a field Fp of large prime order p. Efficient arithmetic in these fields is crucial for fast computation of pairings. Moreover, computation of cryptographic pairings is much more complex than elliptic-curve cryptography (ECC) in general. Therefore, we facilitate programming of the proposed ASIP by providing a C compiler.In order to speed up Fp arithmetic, a RISC core is extended with additional scalable functional units. Because the resulting speedup can be limited by the memory throughput, utilization of multiple data-memory banks is proposed.The presented design needs 15.8 ms for the computation of the Optimal-Ate pairing over a 256-bit BN curve at 338 MHz implemented with a 130 nm standard cell library. The processor core consumes 97 kGates making it suitable for the use in embedded systems.

show abstract

A flexible processor for the characteristic 3 η<SUB align=right>T pairing

Cited by 9 publications

References 14 publications

Hardware Accelerator for the Tate Pairing in Characteristic Three Based on Karatsuba-Ofman Multipliers

Hardware Accelerator for the Tate Pairing in Characteristic Three Based on Karatsuba-Ofman Multipliers

A Comparison between Hardware Accelerators for the Modified Tate Pairing over $\mathbb{F}_{2^m}$ and $\mathbb{F}_{3^m}$

Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves

Contact Info

Product

Resources

About