GF(2^(m))域双参数ECDSA算法优化设计  

作　　者：方应李 方玉明[1] FANG Yingli;FANG Yuming(College of Integrated Circuit Science and Engineering,Nanjing University of Posts and Telecommunications,Nanjing 210023,China)

机构地区：[1]南京邮电大学集成电路科学与工程学院,江苏南京210023

出　　处：《电子科技》2023年第9期73-78,共6页Electronic Science and Technology

基　　金：江苏省研究生科研与实践创新计划项目(SJCX21_0273)。

摘　　要：针对经典椭圆数字签名算法中存在的签名效率低以及伪造签名攻击等问题,文中提出了可证明安全性的双参数椭圆曲线数字签名方案,并通过硬件进行实现。在现有研究基础上,利用Lopez-Dahab投影坐标系减少签名过程中模逆运算的使用次数,并对群运算层采用部分并行运算以此提高点乘算法的运算效率。对于有限域运算,通过串并混合结构的快速模乘算法、快速模平方算法以及改进的Itoh-Tsujii模逆算法来实现。方案安全性分析结果表明,该方案可以有效抵抗伪造攻击和随机数替换攻击,可确保消息传递过程中的安全性。时序仿真结果表明,实现一次点乘运算占用23087个逻辑单元且运算过程仅需要476个时钟数,相比于同类点乘运算的时钟数减少了75%。In view of the problems of the classical elliptic digital signature algorithm,such as low signature efficiency and forgery signature attack,a provably secure double parameter elliptic curve digital signature scheme is proposed and implemented by hardware in this study.Based on the existing research,the Lopez-Dahab projection coordinate system is used to reduce the number of modular inverse operations in the signature process,and the group operation layer is partially parallel operations to improve the efficiency of the high point multiplication algorithm.For finite field operations,fast modular multiplication algorithm of serial parallel hybrid structure,fast modular square operation and improved Itoh-Tsujii modular inverse algorithm are adopted.The security analysis result of the scheme shows that the scheme can effectively resist forgery attack and random number replacement attack,and ensure the security in the process of message transmission.The timing simulation results show that the implementation of a point multiplication operation occupies 23087 logic units,the operation process only needs 476 clocks,and the number of clocks is reduced by 75%when compared with similar point multiplication operations.

关 键 词：ECDSA 模运算 伪造签名 安全性 并行运算 状态机 消息 密钥对 

分 类 号：TN4[电子电信—微电子学与固体电子学] TP309[自动化与计算机技术—计算机系统结构]