All About Circuits

Flexible Design of a Modular Simultaneous Exponentiation Core

Flexible Design of a Modular Simultaneous Exponentiation Core

Details

Category: Crypto Core

Created: October 16, 2012

Updated: January 27, 2020

Language: VHDL

Other project properties

Development Status: Alpha

Additional info: FPGA proven

WishBone compliant: No

WishBone version: n/a

License: LGPL

Download Core Submit Issue

Description

Project information

The Modular Simultaneous Exponentiation core is a flexible hardware design to support modular simultaneous exponentiations in embedded systems. It is able to compute a double exponentiation as given by

g0e0 ⋅ g1e1 mod m


Where g0, g1 and m are n-bit numbers and the exponents e0 and e1 are t-bit numbers. This operation is commonly used in anonymous credential and authentication cryptosystems like DSA, Idemix, etc.. For this reason the core is designed with the use of large base operands in mind (n=512, 1024, 1536 bit and more..). The hardware is optimized for these simultaneous exponentiations, but also supports single base exponentiations and single Montgomery multiplications. Flexibility is offered to the user by providing the possibility to split the multiplier pipeline into 2 smaller parts, so that in total 3 different base operand lengths can be supported. The length of the exponents can be chosen freely by the controlling software.

The goal of this project is to develop a general core that works on different systems (Xilinx, Altera, ...) and supports various bus interfaces like AXI, PLB and wishbone.

The driver source can be found at: https://code.google.com/p/libmme/

Architecture

The architecture for the full IP core is shown in the figure below. It consists of 2 major parts, the actual exponentiation core (mod_sim_exp_core entity) and a bus interface wrapped around it.

The mod_sim_exp_core entity is the top level of the modular simultaneous exponentiation core. It is made up by 4 main blocks:

  • a pipelined Montgomery multiplier as the main processing unit
  • RAM to store the operands and the modulus
  • a FIFO to store the exponents
  • a control unit which controls the multiplier for the exponentiation and multiplication operations

For further information about the architecture and internal workings, see the documentation on SVN.

Status

The design is working on both PLB and AXI with a generic operand RAM.
Currently the possibility to run the multiplier on a higher clock than the bus clock is being implemented.

Related IP Cores

You May Also Like