ECC Dual-field Co-Z Scalar Multiplication Algorithm And Hardware Implementation

Elliptic Curve Cryptography (ECC) has been applied to more and more fields nowa-days, especially in the embedded systems where the power consumption and space are con-strained due to its high security, good performance, small storage space and low bandwidthrequirements.In the designing of elliptic curve cryptography coprocessor, the complexity of thecalculation time and the security level are two most important issues which need to be takeninto consideration. In the project, we have studied various existing scalar multiplicationalgorithms, and we have proposed a novel dual-field fast and secure scalar multiplicationalgorithm: co-Z Protected NAF based on the original NAF.Firstly, we studied the method of co-Z in prime field, and understanded how it works.Then we extended the method of co-Z from prime field to binary field, which significantlyimproves the efciency of point add in binary field. The NAF scalar multiplication al-gorithm is vulnerable to SPA attack. In order to overcome the weakness, Protected NAFintroduces the dummy operations to make the algorithm doing the regular operations what-ever the key is. However, it also brings the efciency losses and makes the algorithm moresusceptible to safe-error attack. By combining co-Z point add with Protected NAF, the ef-ficiency loss is compensated partly. Meanwhile, the Protected NAF scalar multiplicationalgorithm is reorganized and optimized, and the new scalar multiplication algorithm notonly faster than Protected NAF, but also resistant to SPA attack and safe-error attack.Besides the research of the algorithm, the project also designed the hardware architec-ture of the dual-field co-Z Protected NAF scalar multiplication. And the operation time andarea are relatively better than many other implementations. While implemented in0.13μmCMOS, the overall total area of the coprocessor is73.7k logic gates. In prime field, the timeto calculate the160-bit and256-bit scalar multiplication is1.03ms and1.6ms respectively.While in binary field, the time to calculate the160-bit and256-bit scalar multiplicationis0.21ms and0.34ms respectively. Meanwhile, the hardware can support multiple scalarlength calculation without any hardware changes, which means the architecture has greatflexibility and scalability.