We describe a cryptographic processor for Elliptic Curve Cryptography (ECC).
ECC is evolving as an attractive alternative to other public-key cryptosystems
such as the Rivest-Shamir-Adleman algorithm (RSA) by offering the smallest key
size and the highest strength per bit. The cryptographic processor performs
point multiplication for elliptic curves over binary polynomial fields
GF(2^m). In contrast to other designs that only support one curve at
a time, our processor is capable of handling arbitrary curves without requiring
reconfiguration. More specifically, it can handle both named curves as
standardized by the National Institute for Standards and Technology (NIST) as
well as any other generic curves up to a field degree of 255. Efficient
support for arbitrary curves is particularly important for the targeted server
applications that need to handle requests for secure connections generated by a
multitude of heterogeneous client devices. Such requests may specify curves
which are infrequently used or not even known at implementation time.
We have implemented the cryptographic processor in a field-programmable gate
array (FPGA) running at a clock frequency of 66.4 MHz. Its performance is 6955
point multiplications per second for named curves over GF(2^163) and
3308 point multiplications per second for generic curves over
GF(2^163). We have integrated the cryptographic processor into the
open source toolkit OpenSSL, which implements the Secure Sockets Layer (SSL),
today's dominant Internet security protocol.
This report is an extended version of a paper presented at the IEEE 14th
International Conference on Application-specific Systems, Architectures and
Processors, The Hague, June 2003, where it received the "Best Paper
Award".