高性能Ed25519算法硬件架构设计与实现  被引量：1

作　　者：于斌 黄海 刘志伟 赵石磊 那宁 YU Bin;HUANG Hai;LIU Zhiwei;ZHAO Shilei;NA Ning(School of Computer Science and Technology,Harbin University of Science and Technology,Harbin 150080,China)

机构地区：[1]哈尔滨理工大学计算机科学与技术学院,哈尔滨150080

出　　处：《电子与信息学报》2021年第7期1821-1827,共7页Journal of Electronics & Information Technology

基　　金：黑龙江省自然科学基金(YQ2019F010);黑龙江省博士后科研启动基金(LBH-Q18065);中央引导地方科技发展专项(ZY20B11)。

摘　　要：针对签名验签速度难以满足特定应用领域需求的问题,该文设计了一种高性能Ed25519算法的硬件实现架构。采用宽度为2 bit的窗口法实现标量乘运算,减少了标量乘所需的总周期数;通过优化点加倍点操作步骤,提高了乘法器的硬件使用率;使用低计算复杂度的快速模约简实现模乘,提高了整体运算速度。为了使模L运算可复用标量乘中的快速模约简,该文提出一种基于Barrett约简的模L算法。通过优化解压过程中模幂操作过程,精简了步骤并使其可复用模乘。对所提架构做硬件实现,在TSMC的55 nm CMOS工艺下,面积为746×10^(3)等效门,最高频率360 MHz,每秒能够执行公钥生成9.06×10^(4)次、签名8.82×10^(4)次和验签3.99×10^(4)次。The speed of existing signature and verification architecture is difficult to meet the requirement of the specific applications domain,to solve this problem a high-performance hardware architecture of Ed25519 algorithm is developed.The scalar multiplication algorithm is implemented by using the window method with 2 bit width to reduce the total cycle numbers of the algorithm significantly.By optimizing the order of operations of point addition and point doubling,the hardware utilization rate of multiplier is improved.The module multiplication is realized by using fast module reduction with low computational complexity,thus the overall operation speed is improved.The modular L algorithm based on Barrett reduction is proposed to reuse the fast modular reduction in scalar multiplications.By optimizing the modular power computation in the decompression process,the steps are simplified and the modular multiplication can be reused.Under the TSMC 55 nm CMOS process,the area of the proposed hardware architecture is 7.46×105 equivalent gate,and the maximum frequency is up to 360 MHz.It can perform 9.06×10^(4)key generations,8.82×10^(4)signatures and 3.99×10^(4)verifications per second.

关 键 词：椭圆曲线数字签名算法 爱德华兹曲线 硬件实现 标量乘 快速模约简 

分 类 号：TN918[电子电信—通信与信息系统] TP309[电子电信—信息与通信工程]