Area Efficient Implementation of Elliptic Curve Point Multiplication Algorithm

Size: px

Start display at page:

Download "Area Efficient Implementation of Elliptic Curve Point Multiplication Algorithm"

Tamsin Osborne
6 years ago
Views:

1 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 Area Efficient Ipeentation of Eiptic Curve Point Mutipication Agorith Suni Devidas Bobade Research Schoar S.G.B.Aravati University Aravati, India Dr.Vijay R. Mankar Deputy Secretary Regiona Board of Technica Education Pune Region, Pune, India Abstract Eiptic Curve Cryptography (ECC) has estabished itsef as the ost preferred and secured cryptography agorith for the secure data transfer and secure data storage in ebedded syste environent. Efficient ipeentation of point utipication agorith is crucia activity for designing area efficient, ow footprint ECC cryptoprocessors. In this paper, an area efficient ipeentation of doube point utipication agorith over binary eiptic curve is presented. Area anaysis of doube point utipication agorith based on differentia addition chains ethod is carried out and area report is generated. Area optiization is achieved by using pipeined structure and by reutiizing ide resources fro previous stages in processing unit. The proposed architecture for doube point utipication is ipeented on Xiinx Virtex- FPGA device. Architecture is odeed in veriog-hdl and synthesized using Xiinx ISE. design software and is found to be ore efficient in ters of area than the existing such architectures. Keywords Cryptography; Eiptic Curve Cryptography; Doube Point Mutipication; Binary Eiptic Curve; Differentia Addition Chain I. INTRODUCTION Victor Mier and Nea Kobitz proposed the concept of eiptic curve cryptography in the id of 98 s and was considered as a next big step in pubic key cryptographic systes. Few agoriths aready existed such as DSA and RSA. The ain advantage of ECC over RSA is the usage of shorter key and it is aided with a drawback that the design for ECC when ipeented in software perfors at dead sow speed, whereas if the ipeentation is done in hardware, the process is uch ore efficient. Hence ECC is the best choice for cryptographic hardware ipeentation. Due to these any advantages of ECC, a nuber of hardware ipeentations have been proposed, and incuded in any standards such as IEEE 363and NIST. An operation caed point addition is defined on an eiptic curve. The point addition is an operation, where two points on the curve are added and a third point, which is aso on the curve, is potted as shown in figure. Iportanty for cryptography, it is very hard to anayze which two points were added. Furtherore, using consecutive point additions, an operation caed Eiptic curve point utipication is defined. The ost exorbitant finite fied operation for point addition and point doubing is the finite fied inversion. However, one way to hande finite fied inversion is by transforing it into ess expensive finite fied operation, such as finite fied addition and utipication by using projective coordinates. The eiptic curve point doubing and point utipication activities are shown in figure and 3. Fig.. Fig.. Point addition P +P =P 3 P (x,y ) x - - Point doubing P P (x,y ) x - P (x,y ) - y y P 3 (x 3,y 3 ) P (x i,y i ) A vast nuber of resource-constrained and highperforance ebedded appications utiize the ECC based pubic key cryptography due to shorter key sizes.. The core operation in ECC systes is the point utipication. The security of the cryptosystes ike ECC depends ainy on the difficuty of the discrete ogarith probe (DLP). A coony adopted ethod of soving DLP is to use the Poard s rho technique []. P a g e

2 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 Fig.3. P P x - 3P - Point utipication on Eiptic Curve y A traditiona technique for coputing side channe inforation is to appy a variant of doube-and-add type agoriths with respect to the binary for of the secret exponent a. Such an agorith woud deteriorate due to power anaysis attacks when doubing and addition operations are distinct []. One ethod to provide Diffie-Hean type protocos with soe eve of protection against side channe attacks, is to divide the scaar a = r + (a r) for soe secret rando integer r, and to copute ap = rp + (a r)p [3]. For the sake of generaity, et G be an additive abeian group. Given an integer a and a point P beonging to G, a (singe) point utipication agorith coputes ap beonging to G. Given two integers a, b and two points P, Q beonging to G, a doube point utipication agorith coputes ap +bq beonging to G. Having an efficient and secure one doube point utipication agorith is iportant for ost of the cryptographic schees. Another scenario where one needs efficient and secure doube point utipication is to speed up singe point utipication over eiptic curves with endoorphis as in [], [5], [6]. A sipe way to ipeent doube point utipication is by aking use of two singe point utipications in parae. Straus-Shair s trick [7] and intereaving [8] are two such ethods. Straus-Shair s type siutaneous doube point utipication agoriths are sensitive to side-channe anaysis, because of which doube and add instructions are not accopished in a inear fashion. Fortunatey, recoding the scaars a and b aows one to ake use of Straus-Shair s type agoriths in such a way that the sae instructions are executed in the sae order. Joye and Tunsta [9] introduced severa techniques of reguar recoding of scaars for reguar point utipication agoriths, which can iediatey be adapted to yied reguar siutaneous doube point utipication agoriths. Especiay, their signed-digit recoding technique with the digit set f; 3g generate a reguar doube point utipication agorith, referred as JT-f;3g agorith. JT-f; 3g costs.5 addition and doubing per scaar bit. Adapting differentia addition chains (DAC) is another technique to copute siutaneous doube point utipication [], [], and []. DAC-ethod is ore proinent as it produces potentiay sipe power anaysis resistant agoriths due to the unifor pattern of operations executed and it is particuary efficient towards eiptic curves setting because of the fact that doube and add operations can be coputed ony using x-coordinates ony. Bernstein [] proposed a doube point utipication agorith reated to the new binary chain, known as the B-NBC agorith. B-NBC has a unifor fraework, and costs additions and doubing per scaar bit. Recenty, Azarderakhsh and Karabina [3] designed a siutaneous doube point utipication agorith based on DAC, the AK-DAC agorith. AK-DAC has a unifor structure, and costs : additions and : doubings per scaar bit. The above entioned three doube point utipication agoriths JT-f; 3g, B-NBC, and AK-DAC are nora, and hence they are potentiay resistant towards power anaysis attacks. Nevertheess, coparing these agoriths with respect to the efficiency point of view is not straight forward. Athough JT-f; 3g shows the best per-bit cost, B-NBC and AK-DAC have the benefit of being based on DAC. For exape, in eiptic curves setting, one can ipeent B-NBC and AK-DAC by adapting the addition foruas that incude ony the x-coordinates of the points, and are uch ore efficient than that of their conventiona counterparts. Moreover, JT-f; 3g cannot be executed in parae because an addition operation shoud be aways perfored foowing two successive doubing operations. Doube and add operations can be copetey paraeized in both B-NBC and AK-DAC. If one redistributes parae addition/doubing units, then the costs of B-NBC and AK-DAC per bit becoes A+D and :A. In the sae way, if one redistributes 3 parae addition/doubing units, then the per-bit cost of B-NBC becoes A. In this paper, hardware architecture of Area efficient Eiptic Curve Point Mutipication using AK-DAC standard Weierstrass binary eiptic curve groups is ipeented and is investigated for area occupancy. This wi be reaized with the proising reguar agorith with ow hardware requireent (area). The rest of the paper is organized as, Section reviews soe of the atest research works perfored reated to proposed work and in Section 3 the otivation and the ethodoogy of research are discussed. Section ceary expains and anayzes the proposed architecture with neat sketches and agoriths and in Section 5 the experienta resuts are reported and copared with other existing works. Finay the work concudes in Section 6. II. RELATED WORK Literature is a significant treasure house of various VLSI architectures for point utipication in ECC. At this juncture, existing architectures offered in the iterature need to be understood. Reza Azarderakhsh and Koray Karabina [3] designed a new doube point utipication agorith and its appication to binary eiptic curves with endoorphis. In this design, the agorith was based on differentia addition chains. The architecture was designed with a unifor structure and has soe degree of buit-in resistance against side channe 5 P a g e

3 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 anaysis attacks. Their doube point utipication agorith is based on an adaptation of Montgoery s PRAC agorith. Work aso deonstrated how doube point utipication can be epoyed to speed up the coputation of singe point utipication on eiptic curves with efficienty coputabe endoorphiss. In design, gain acceeration is 3% and 8% for coputing singe point utipication with and without avaiabiity of parae utipiers, respectivey. Efficient eiptic curve point utipication using digitseria binary fied operations was designed by Gustavo D. Sutter et.a []. They used a new high-speed point utipier for eiptic curve cryptography using either fied prograabe gate array or appication-specified integrated circuit technoogy. Their design adapted a digit-seria approach in GF utipication and GF division in order to construct an efficient eiptic curve utipier using projective coordinates. The design invoved any basic arithetic operations in the underying finite fied. There are different acceeration techniques to iprove the perforance of the ECC operations. Their point utipication technique used three types of agorith Montgoery Ladder Agorith, Point utipication and Point utipication using three utipiers and one divisor and precoputing x P. This design achieved point utipication over GF ( 63 ) in 9.38 μs in Virtex-E devices and in 5.8 μs in Virtex-5. Efficient RNS ipeentation of eiptic curve point utipication over GF (p) was designed by Mohaad Esaeidoust et.a [5]. In this design, based on the residue nuber syste (RNS), new hardware architecture for ECPM over GF (p) was estabished. The designed architecture encopasses RNS bases with various word-engths to efficienty ipeent RNS Montgoery utipication. In that ethod two versions of fast and area-efficient designs for RNS Montgoery utipication in six and four-stage pipeined architectures were used. When copared to stateof-the-art ipeentations, their ipeented design achieved higher speeds and better area deay. Kio U. Järvinen et.a [6] suggested efficient agorith and architecture for eiptic curve cryptography for extreey constrained secure appications. They proposed an efficient ipeentation of point utipication on Kobitz curves targeting extreey-constrained, secure appications. In design Gaussian nora basis (GNB) representation of fied eeents was adopted and epoyed an efficient bit-eve GNB utipier. The specia property of nora basis representation and squarings was rewired in hardware very efficienty. Aso, a new technique was introduced for point addition in affine coordinate which required fewer registers. In their newy designed technique extreey sa processor architecture for point utipication was used. Their architecture offered better resuts copared to the previous works, aking it suitabe for extreey-constrained, secure environent. Theoretica odeing of eiptic curve scaar utipier on LUT-based FPGAs for area and speed efficiency was designed by Sujoy Sinha Roy et.a [7]. Two priitives used in eiptic curve scaar utipier architecture (ECSMA) were ipeented on k input ookup tabe (LUT)-based fiedprograabe gate arrays to approxiate the deay of different characteristic. It was used to deterine the optia nuber of pipeine stages and the idea paceent of each stage in the ECSMA. In order to perfor point addition and doubing in a pipeined data path, suitabe scheduing was created. The three stage pipeined architecture for doube and add based scaar utipication is perfored on Xiinx Virtex V patfors over GF ( 63 ). The ipeentation used a nove pipeined bit-parae Karatsuba utipier that has subquadratic copexity. In proposed design, efficient choice of scaar utipication agorith, optiized fied priitives, baanced pipeine stages, and enhanced scheduing of point arithetic resuted in a high-speed architecture with a significanty sa area. Hossein Mahdizadeh and Massoud Masoui [8] designed a nove architecture for efficient FPGA ipeentation of eiptic curve cryptographic processor over GF ( 63 ). In architecture the critica path of the Lopez Dahab scaar point utipication architecture was organized and reordered by the axiu architectura and tiing iproveents, such that ogic structures were ipeented in parae and operations in the critica path were diverted to noncritica paths. In the ipeented design the execution deay of the LD agorith has been reduced by paraeization of the utipiers in the ipeentation of the cacuations of projective coordinates. The ECC processor was ipeented using synthesizabe VHDL codes, and synthesized, paced, and routed using Xiinx ISE.. This design copetes the coputations in the projective coordinates in 36 ([/G]) +3 cyces and coordinate conversion in 5 ( [/G])+ cyces. With G =33, their new design was four ties faster than other designs. Hybrid binary-ternary nuber syste for eiptic curve cryptosystes was designed by Jithra Adikari et.a [9]. The ost coputationa intensive operations in eiptic curve based cryptosystes are Singe and doube scaar utipications. The perforance of operations was iproved by eans of integer recoding techniques; with an ai to iniize the scaars density of nonzero digits. Designed syste housed three nove agoriths for both singe and doube scaar utipications. The first agorith is w-hbtf and the other two agoriths, naey, HBTJF and RHBTJF. It was used to find the short and sparse representation for a singe scaar or a joint representation for a pair of scaars. The output resuts showed that hybrid agoriths are aost aways faster than cassica w-naf ethods or JSF. Kazuo Sakiyaa et.a [] ipeented a tripartite oduar utipication. In utipication, for axiizing a eve of paraeis, systeatic approach was ipeented for oduar utipication. The agorith which is used in this ethod effectivey integrates three different existing agoriths, a cassica oduar utipication based on Barrett reduction, the oduar utipication with Montgoery reduction and the Karatsuba utipication agoriths in order to reduce the coputationa copexity and increase the potentia of parae processing. In utiprocessor environent for hardware and software ipeentations, this agorith is very effective. This agorith cocks a higher speed when copared to the other agoriths for oduar utipication. 6 P a g e

4 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 III. PROPOSED METHODOLOGY Most of the ethods ipeented for point utipication incude a pre-coputation stage before the actua process for point utipication. The operation of pre-coputation stage incudes the coputation of the interediate points which are then used for increasing the throughput of the point utipication process. Hence the need for highy efficient eiptic curve point utipication is an iportant activity in the fied of cryptography. The traditiona and the ess copex ethod for point utipication is the binary ethod which is we known as doube-and-add ethod. Whie, the other doube point utipication agorith discussed in iterature is naive ethod. But, a these ethods ony speed up the point utipication and, since for VLSI architectures the hardware utiization is the ajor requireent, thus thrust shoud be on optiizing area required for the proposed syste. Thus, in this paper, area efficient ipeentation of doube point utipication over binary eiptic curves is presented. Area anaysis of doube point utipication agorith based on differentia addition chains ethod is investigated. The perforance and efficiency of any schee is based on the required area. Proposed architecture for doube point utipication is ipeented on Xiinx Virtex- FPGA device. The proposed architecture is odeed in veriog-hdl and synthesized using Xiinx ISE. design software. IV. PROPOSED DOUBLE POINT MULTIPLICATION ALGORITHM Proposed ipeentation of Eiptic Curve doube point Mutipication agorith is oosey based on Montgoery s PRAC agorith [3]. Agorith is sipified and odified in order to ake the design ore area efficient than the exiting design. The odified doube point agorith used in proposed work is exhibited in figure as a fowchart. k Let and k be the two integers such that k, and k, k,k Where is a set of integers. P ( X, Y ) and P ( X, Y ) are two points on an Eiptic curve, such P ( ) that, P G G( ), Where is Gaois Binary extension fied. The inputs to proposed doube point k,k agorith are integers and the point in the eiptic curve k and the output generated by the agorith is P kp which is another point that ies on the sae eiptic graph k ( ) such that P kp G k. The vaues of and k are updated based on conditions entioned in the fowchart. k Whenever the vaues of or k are updated, a rue fro the Tabe.I is invoked, which in turn generates a sequence of seector signa for the utipexers in the architecture. The process continues for various iterations and end up with the output vaue of doube point utipication kp kp G( ) k when and k becoes equa. TABLE.I. Rues SELECTOR SEQUENCE AND OPERATIONS BASED ON THE RULES Operation Register Register P P Register P d S S S S 3 S S 5 S 6 S 7 S 8 Initia P P P d R P P + P P d R P P P +P d R * P + P P P d R * P P P d+(-p ) Fig.. schee Fowchart for the proposed odified doube point utipication Fig.5. Architecture for Proposed Doube point Mutipication unit for ECC 7 P a g e

5 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 The architecture for proposed area efficient point utipication schee using doube point utipication is shown in figure 5. The architecture incudes a processing unit, eory unit and a contro unit. P P X X Y Y R R 3 3 Stage 3 R R 3 R R 5 Stage 3 R R 3 Stage 3 ^ 3 P d R R R 3 X Y a 3 3 Stage ^ 3 * X X 3 Y 3 Y Fig.6. Modified data dependency graph for the processing unit A. Processing Unit The processing unit is a cobined architecture for differentia point addition and differentia point doubing operations. The ajor portion of the avaiabe sices are occupied by the processing unit because of the invoveent of various finite fied arithetic units for coputing the output point addition and doubing vaues. So the ain contribution of this work is focused on designing an area efficient processing unit with a reduction in nuber of incorporated Arithetic units. The odified area efficient data dependency graph for the processing unit is shown in figure 6. Proposed data dependency graph for coputing doube point utipication epoys area efficient finite utipiers, squarers, and adders based on differentia point addition and doubing foruae given in []. The processing unit is designed with stages of pipeine process in order to reduce the usage of arithetic units for coputation. The inputs to the processing unit are three points and a difference between two points (the input points vaues are seected based on the sequence fro the contro unit). The paraeter a is a constant integer vaue fro the eiptic curve equation considered for cryptography. 8 P a g e

6 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 When the input is oaded to the processing unit, the processing of the input points takes pace in stages. After the copetion of the previous stage, the vaues are stored teporariy in the respective registers (Buffers) and then ony the next eve of process begins. Hence in proposed architecture, resources such as registers and other arithetic units that are used in previous stage of process are reused. For exape in data fow graph the utipier used in the first stage of coputation can be reused in the stage four and the squarer used in the fourth stage can be reused in the fina output coputation stage thereby reducing the need for extra utipiers and squarers. The buffers that are used in the previous stage and that are found to be epty in the next stages are reused efficienty for aking processing unit area efficient The arithetic units that are incorporated inside proposed resource reusabe cobined architecture for differentia point addition and differentia point doubing are discussed in detai in foowing sections. B. Addition Unit The addition process that takes pace in processing unit is a finite fied oduo binary additions. Let A i a i x which in binary vector for represented as A a,..., a, ) and B b i i x which in ( a i B ( b,..., b, b binary vector for represented as ). Addition of A and B produces the resut C as ci ai bi, Where the sybo denotes the XOR operator. Hence in hardware reaization of the addition unit, XOR gate array is used as shown in figure 7 for adding two finite fied binary eeents. The addition process utiizes ony one cock cyce for storing the resuts in the respective output register. i C. Squaring Unit The squaring of an eeent A in binary finite fied is siper than that of finite fied utipication. Squaring incudes two steps of processing; in the first step zeros are inserted between each bit in the bit vector representing A shown in figure 8. In the Second step the bit vector obtained fro first step is reduced by taking od f ( x), where f (x) is a degree- irreducibe poynoia. In hardware ipeentation, reduction can be done by XOR and shifting operation. The squaring operation for A is represented as A Fig.8. i i a x od f ( x). i Zero insertion for squaring a - a -.. a a a - a -. a a D. Mutipication Unit The design of Finite fied utipiers is the copex issue in the ipeentation of the ECC processor. A nuber of utipiers with different area and tie copexity are reported in the avaiabe iteratures. In this work, an area efficient architecture for Karatsuba s utipier which incorporates digit-eve poynoia basis utipier is adopted. The odified Karatsuba utipier used in proposed architecture for doube point utipication utipies finite inputs A and B of -bit ength. In Karatsuba utipier, each operand is first spit into two equa parts and then processed. The interna processor incudes 3 utipiers and adders. The architecture for Karatsuba utipier is as shown in figure 9. Fig.7. Finite fied Adder 9 P a g e

7 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 Fig.. Interna Structure of D-bock E. Inversion Unit Inversion is the ost expensive arithetic finite fied operations. In genera, inversion can be coputed as, Fig.9. Architecture for G( ) Karatsuba utipier The utipier used here is a digit-eve poynoia basis utipier for coputing the product of two eeents over G ( ), ( / for this design) using a irreducibe poynoia f (x). Hence the input to the digit-eve poynoia basis utipier is of bit ength ' / '( 6) and the irreducibe poynoia for G ) is ( 6 6 x x x in binary it is represented as ( ). The digit-eve utipier exhibits an area copexity of O(d ) and tie copexity of O ( / d) The operand A register is initiay oaded with -bits and operand B register is oaded with -bits. The D-bock is an array of AND gates as shown in figure which perfors the operation a i B. Hence the output of the D-bock is avaiabe ony if the bit vaue of the corresponding A-register is and if it is then the output of D-bock becoes. i When a the d-partia products are coputed the * x bocks perfor corresponding shift operations and the od f ( x) bock perfors reduction operation. The G ) adder bock add a the partia products obtained in the before step using a array of XOR gates sae as that have been used for addition operation for fied eeents. The ain advantage of using this utipier in proposed technique is that it can operate at higher cock frequencies in coparison to the other utipiers reported in the iterature. The architecture for the digit-eve poynoia basis utipier used in proposed technique is shown in figure. ( A A The genera coputation of inversion requires squaring and utipications. But the ethod proposed by Itoh and Tsujii (IT) [] is the ost efficient ethod of inversion and hence sae technique has been adopted for hardware ipeentation of inversion odue in proposed architecture. The IT technique requires ony ( ) H( ) and squaring. Where og H is the nuber of ones in the binary representation of bits known as Haing Weight. The agorith of Itoh and Tsujii ethod for inversion is given in Agorith. 5 Let, A G( ), A, 5 s Initiay ( A) Aand i since ( s ) When, Input i ( A) A (Squaring ) () A A. A ( FiniteFied Mutipication ) A Agorith Output : A s : A G( ), A, ( A) A. For i to s do begin ( A) ( A) ( A) ( A)* ( A) ( FiniteFied MutipicationG( end ( A) ( A) Re turn ( ( A)) i i ( cycic shifts) ( FiniteFied MutipicationG( A 5 )) )) 3 P a g e

8 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 Mod f(x) a - a -.. a a d D *x d- D *x Mod f(x) c b - b - b b D *x Mod f(x) G( ) Adder c... c - c - D d- *x d- Mod f(x) Fig.. Digit-eve poynoia basis utipier F. Contro and Meory Unit The contro unit designed with LUTs generates the contro signas as per the input rue and fow chart given in figure. Based on the input rue, appropriate seector signas are generated and are fed to the utipexers. For each cock puse, the seectors signas are generated and based on this the contents fro the registers are fed to the processing unit. At the start of the process, the Register P and Register P are initiaized with the input points P and P respectivey. The designed contro unit is sipe and utiizes ony a saer area than the other units in the architecture. The bock diagra for the contro unit is shown in figure. For storing the points and a other data needed for the coputation, register fies are used instead of RAM bocks. This is because the RAM bocks require counication between the eory unit and the processing unit which is not required in case of the register fies. Fig.. Contro Unit 3 P a g e

sices as copared to JT {±, ±3} ethod and 6% esser than AK-DAC technique. TABLE.II.

9 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 V. RESULTS AND DISCUSSION In this section, proposed architecture for doube point utipication is ipeented to anayze its area and power requireents. sices as copared to JT {±, ±3} ethod and 6% esser than AK-DAC technique. TABLE.II. AREA COMPARISONS OF DIFFERENT DOUBLE POINT MULTIPLICATION ALGORITHMS OVER ( ) G WITH 33 d Naïve Method[3] [#Sices] B- NBC[] [#Sices] JT {±, ±3}[9] [#Sices] AK- DAC[3] [#Sices] Propose d [#Sices] 7 6,8 5,7,96,6 3, ,693 8,7 6,5 6,6 6,6 8,335 9,9 7,69 7,557 6, ,6 3,9,,75 8,733 8 Fig.3. RTL scheatic for the proposed doube point utipication architecture The Xiinx Virtex - xcvx device is used as the target FPGA. The proposed architecture is odeed in veriog- HDL and synthesized for different digit sizes using XST of Xiinx ISE version. design software. A the experients were perfored on 3.GHz Inte(R) i5,.gb RAM, and 3-bit operating syste with windows7 professiona. Figure 3 exhibits a snapshot of RTL scheatic of proposed doube point utipication architecture. A. Area report of proposed schee: Coparison of area utiization of proposed doube point utipication architecture with other existing ethods such as Naive Method, B-NBC, JT -{±, ±3} and AK-DAC is carried out. Target device incudes 89,88 Sices (78,76 input LUTs and 78,76 Siced FFs) and 96 bonded IOBs. Each sice contains fip-fops (FFs) and ook-up tabes (LUTs). The resource utiization coparison as depicted in tabe II beow shows the sices utiized by proposed schee are uch esser than the other existing ethods. Proposed ipeentation utiizes ony an average of 6.5% aong the avaiabe 89,88 sices in the device. But a other ethods report a high percentage of device utiization. With increase in d vaue fro 7 to 3, it is observed that there is increase in proposed architecture footprint. The area coparison of proposed ethod with other siiar existing ethods is shown in figure for a cear understanding of the efficiency of proposed ethod. For digit size of 7, proposed architecture uses 37.95% reduced sices as copared to Naive ethod, 5.9% fewer in coparison to B-NBC, 8% fewer Fig.. Bar chart showing Area coparison For digit size of 6, proposed architecture uses 7.% reduced sices as copared to Naive ethod, 37. % in coparison to B-NBC,.9% fewer sices as copared to JT {±, ±3} ethod and.% esser than AK-DAC technique B. Power and Perforance Report of proposed architecture The tota cock periods required for the coputation, frequency and power needed for the ipeented architecture is tabuated in tabe III beow. TABLE.III Naïve Method[3] B-NBC[] JT {±, ±3}[9] AK-DAC[3] Proposed IMPLEMENTATION RESULTS FOR OUR PROPOSED DOUBLE POINT MULTIPLICATION SCHEME d Cock period(ns) Frequency(MHz) Power(W) Figure 5 shows the graph potted between d aong x- axis and Cock periods aong y-axis. With the increase in digit size of the utipier, the cock periods (Coputation Tie) increases. Hence a arge digit size utipier can boost up the throughput of architecture. But with the increase in digit size the need for registers, AND gates XOR gates and shift ogic aso increases which contributes to chip area. Since thrust is on area reduction, a ow bit size for ipeentation has been chosen. 3 P a g e

10 Power (W) Frequency (MHz) Cock Periods (ns) (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 Fig.5. Graph pot between d and Cock Periods (ns) Fro the graph shown in figure 6, it is observed that with the rise in the digit size of the utipier, the operating cock frequency for ipeentation decreases. Fig.6. Graph pot between d and Frequency (MHz) The power consuption by proposed design is ainy due to the eakage power and the cock power. Figure 7 shows the graph pot for digit size (d) Vs Tota Power consuption by proposed odue. It can be observed that with the increase in digit size of the utipier, the power consued by architecture increases. Fro the above anaysis, if d vaue is seected as a ow vaue then Area and Power consuption decreases but the speed of coputation decreases. On the other hand if d vaue is ade high then the area and power consuption increases with a high speed coputation. Hence in order to ake proposed architecture efficient towards Area, Power and perforance, a baanced vaue of digit size is to be chosen and is set to an average vaue as possibe. Fig Graph pot between d and Power (W) d d d VI. CONCLUSION In this paper, an area efficient eiptic curve point utipication architecture using a doube point utipication technique is designed and ipeented. Reutiization of ide resources and a pipeined data path schee for data processing in the cobined odue for differentia point adder and point douber were presented ceary. The finite fied arithetic operators were designed efficienty to reduce the area utiization. The copete architecture was synthesized and siuated using Xiinx ISE.. Reports were generated in ters of area, power and tie by varying the digit size of the utipier. The resuts obtained fro area report were copared with other siiar existing ethods reported in the iteratures and found to be uch better. In future for further area optiization of the proposed architecture, research thrust shoud be on designing an efficient area optiized finite fied utipier. REFERENCES [] J.M. Poard. Monte Caro, Methods for Index Coputation (od p) Matheatics of coputation, 3(3):98 9, 978. [] J-S. Coron, Resistance against differentia power anaysis for eiptic curve cryptosystes, Lecture Notes in Coputer Science, CHES 999, 77:9 3, 999. [3] C. Cavier and M. Joye, Universa Exponentiation Agorith A First Step towards Provabe SPA-Resistance, Lecture Notes in Coputer Science, CHES, 6:3 38,. [] R. Gaant, R. Labert, and S. Vanstone, Faster point utipication on eiptic curves with efficient endoorphiss, Advances in Cryptoogy CRYPTO, LNCS, 39:9,. [5] D. Gabraith, X. Lin, and M. Scott, Endoorphiss for Faster Eiptic Curve Cryptography on a Large Cass of Curves, Journa of Cryptoogy, :6 69,. [6] D. Hankerson, K. Karabina, and A. Menezes, Anayzing the Gabraith- Lin-Scott point utipication ethod for eiptic curves over binary fieds, IEEE Transactions on Coputers, 58:, 9. [7] A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Appied Cryptography, New York, 996. [8] B. Moer, Agoriths for Muti-exponentiation, Seected Areas in Coputer Science SAC, LNCS, 59:65 8,. [9] M. Joye and M. Tunsta, Exponent recoding and reguar exponentiation agoriths, Lecture Notes in Coputer Science, AFRICACRYPT 9, 558:33 39, 9. [] P. Montgoery, Evauating recurrences via Lucas chains, Deceber 3, 983; Revised March, 99 and January, 99. [] T. Akishita, Fast Siutaneous Scaar Mutipication on Eiptic Curve with Montgoery For, Seected Areas in Coputer Science SAC, LNCS, 59:5 67,. [] D. Bernstein, Differentia addition chains, Technica report, 6, Avaiabe at [3] Reza Azarderakhsh and Koray Karabina, A new doube point utipication agorith and its appication to binary eiptic curves with endoorphiss, IEEE Transactions on Coputers, No.99, May 3. [] Sutter.G.D, Deschaps.J and Iana J.L, Efficient eiptic curve point utipication using digit-seria binary fied operations, IEEE Transactions on industria eectronics, Vo.6, No., Jan 3. [5] Mohaad Esaeidoust, Efficient RNS ipeentation of eiptic curve point utipication over GF(p), IEEE Transactions on Very Large Scae Integration systes, Vo., No. 8, Aug 3. [6] Azarderakhsh. R, Jarvinen K.U and Mozaffari-Kerani. M, Efficient agorith and architecture for eiptic curve cryptography for extreey constrained secure appications, IEEE Transactions on circuits and systes- I, Vo. 6, No., Apri. 33 P a g e

11 (IJACSA) Internationa Journa of Advanced Coputer Science and Appications, Vo. 6, No., 5 [7] Roy. S.S, Rebeiro,C and Mukhopadhyay. D, Theoretica odeing of eiptic curve scaar utipier on LUT-based FPGAs for area and speed, IEEE Transactions on Very Large Scae Integration (VLSI) systes, Vo., No. 5, May 3. [8] Hossein Mahdizadeh and Massoud Masoui, A nove architecture for efficient FPGA ipeentation of eiptic curve cryptographic processor over GF( 63 ),IEEE Transactions on very arge scae integration systes, Vo., No., Dec 3. [9] Adikari. J, Diitrov.V.S, and Ibert.L, Hybrid binary-ternary nuber syste for eiptic curve cryptosystes, IEEE Transactions on coputers, Vo. 6, No., Feb. [] Kazuo Sakiyaa, Mirosav Knezevica, Junfeng Fana,, Bart Preneea, and Ingrid Verbauwhedea, Tripartite oduar utipication, Integration, the VLSI Journa, Vo., No., pp: 59 69, Septeber. 3 P a g e

Database Replication Algorithm Performance in High Speed Networks Under Load Balancing

Database Replication Algorithm Performance in High Speed Networks Under Load Balancing Database Repication Agorith Perforance in High Speed Networks Under Load Baancing Rekh Nath Singh 1, Raghura Singh 2 1 Research Schoar, A. P. J. Abdu Kaa Technica University, Lucknow, India. 2 Director,