Lecture Notes in Computer Science vol:4249 pages:415-429
8th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2006) location:Yokohama, JAPAN date:October 10-13, 2006
We propose a superscalar coprocessor for high-speed curvebased cryptography. It accelerates scalar multiplication by exploiting instruction-level parallelism (ILP) dynamically and processing multiple instructions in parallel. The system-level architecture is designed so that the coprocessor can fully utilize the superscalar feature. The implementation results show that scalar multiplication of Elliptic Curve Cryptography (ECC) over GF(2(163)), Hyperelliptic Curve Cryptography (HECC) of genus 2 over GF(2(83)) and ECC over a composite field, GF((2(83))(2)) can be improved by a factor of 1.8, 2.7 and 2.5 respectively compared to the case of a basic single-scalar architecture. This speed-up is achieved by exploiting parallelism in curve-based cryptography. The coprocessor deals with a single instruction that can be used for all field operations such as multiplications and additions. In addition, this instruction only allows one to compute point/divisor operations. Furthermore, we provide also a fair comparison between the three curve-based cryptosystems.