面向移动设备的国密SM2高效实现研究  被引量：2

作　　者：张吉鹏 黄军浩 于璇 刘哲 ZHANG Ji-peng;HUANG Jun-hao;YU Xuan;LIU Zhe(College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing,Jiangsu 211106,China;Hong Kong Baptist University,Hong Kong 999077,China;BNU-HKBU United International College,Zhuhai,Guangdong 519087,China;Zhejiang Laboratory,Hangzhou,Zhejiang 311101,China)

机构地区：[1]南京航空航天大学计算机科学与技术学院,江苏南京211106 [2]香港浸会大学,中国香港999077 [3]北京师范大学-香港浸会大学联合国际学院,广东珠海519087 [4]之江实验室,浙江杭州311101

出　　处：《电子学报》2023年第12期3437-3443,共7页Acta Electronica Sinica

基　　金：国家重点研发计划(No.2020AAA0107703);国家自然科学基金(No.62132008);霍英东教育基金(No.171057);江苏省杰出青年基金(No.BK20220075)。

摘　　要：SM2的优化实现在x86-64架构上已经得到了充分的研究,但在ARMv8-A架构上的优化仍不充分,为此本工作提出了以下优化方案:针对SM2的模p与模n乘法/平方运算,充分利用p与n的数值特点优化了蒙哥马利模乘;针对模p与模n求逆运算,推导并实现了更快的基于费马小定理的模逆算法;针对固定点与非固定点标量乘法,分别实现了宽度为7与5的窗口算法;针对签名生成过程中s的计算,用一个模n加/减法替换一个模n乘法.将上述优化技术集成到OpenSSL(3.0.0-beta1)中后,在华为云鲲鹏920计算平台上的测试表明,SM2签名性能提升8.7倍;SM2验签性能提升3.5倍.在移动设备树莓派4平台上,SM2的签名性能提高9.7倍;验签性能提高3.4倍.SM2 has been fully studied on x86-64 architecture,but its optimization on ARMv8-A architecture is inadequate.In this work,we propose the following optimizations to fill this gap:for the modular multiplication/squaring of p and n in SM2,we optimize Montgomery modular multiplication/squaring by leveraging the numerical characteristics of p and n;for the modular inversion of p and n in SM2,we derive and implement a faster modular inversion algorithm based on Fermat's little theorem;for fixed-point and unknown-point scalar multiplication,we implement window algorithms with a window width of 7 and 5,respectively;for the calculation of s during the signature generation process,we replace a modular multiplication of n with a cheaper modular addition/subtraction of n.After integrating the optimizations mentioned above into OpenSSL(3.0.0-beta1),the benchmark on the HUAWEI Cloud Kunpeng 920 computing platform shows that the performance of SM2 signature generation is accelerated by 8.7 times;the performance of SM2 signature verification is accelerated by 3.5 times.Meanwhile,on the mobile device Raspberry Pi 4 platform,the performance of SM2 signature generation is accelerated by 9.7 times;the performance of SM2 signature verification is accelerated by 3.4 times.

关 键 词：椭圆曲线密码 ARMv8-A平台 SM2优化实现 有限域运算 模逆运算 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]