Unified Architectures for Efficient and Compact Crypto-Processing

Erkay Savas
Sabanci University

Public key cryptosystems (PKC) are an important class of cryptographic algorithms used in applications such as digital signature, key exchange, authentication and access control, etc. Important public key schemes such as RSA, elliptic curve cryptography (ECC), NTRU, and identity-based encryption (IBE) rely on basic arithmetic operations in a diverse set of mathematical structures such as prime and extension fields (e.g. optimal, binary and ternary extension fields) and polynomials over integer rings. With different PKC algorithms suitable for different applications, one can easily anticipate that the support for this diverse set of operations will be a necessity in many general-purpose and/or special-purpose crypto-processors for efficient calculation of PKC operations, which requires considerable amount of resources.
We present a unified design methodology to perform different arithmetic operations in the same (unified) datapath in an efficient manner by preserving resources. The advantages of the unified architectures can be listed as resource utilization, compatibility, and algorithm agility. In the unified datapath, the same resources (e.g. a multiplier) can be used to perform arithmetic in both prime fields and binary (or ternary) fields efficiently. The advantage of datapath unification surpasses the resulting overhead. Compatibility allows interoperability of different applications by supporting various cryptographic operations. For instance, a unified datapath can efficiently perform RSA, ECC, NTRU, and IBE operations. Algorithm agility allows switching from one cryptographic algorithm to another if the former is compromised or its security is not sufficient for a certain applications.
In this talk, we will outline the basics of unified design methodology and how they can be applied in general-purpose and special-purpose crypto-processors. We will also give example designs that support various PKC algorithms. Finally, we will quantitatively demonstrate advantage of unified datapath by giving some implementation results.

Audio (MP3 File, Podcast Ready) Presentation (PowerPoint File)

Back to Workshop IV: Special purpose hardware for cryptography: Attacks and Applications