## CryptoDB

### Paper: Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves

Authors: David Kammler Diandian Zhang Peter Schwabe Hanno Scharwaechter Markus Langenberg Dominik Auras Gerd Ascheid Rainer Leupers Rudolf Mathar Heinrich Meyr URL: http://eprint.iacr.org/2009/056 Search ePrint Search Google This paper presents a design-space exploration of an application-specific instruction-set processor (ASIP) for the computation of various cryptographic pairings over Barreto-Naehrig curves (BN curves). Cryptographic pairings are based on elliptic curves over finite fields--in the case of BN curves a field Fp of large prime order p. Efficient arithmetic in these fields is crucial for fast computation of pairings. Moreover, computation of cryptographic pairings is much more complex than elliptic-curve cryptography (ECC) in general. Therefore, we facilitate programming of the proposed ASIP by providing a C compiler. In order to speed up $\mathbb{F}_p$ -arithmetic, a RISC core is extended with additional functional units. The critical path delay of these units is adjusted to the base architecture in order to maintain the operating frequency. Independently from that adjustment, these units are scalable allowing for a trade-off between execution time and area consumption. Because the resulting speedup can be limited by the memory throughput, utilization of multiple data memories is proposed. However, developing a C compiler for multiple memories is a challenging task. Therefore, we introduce an enhanced memory system enabling multiple concurrent memory accesses while remaining totally transparent to the C compiler. The proposed design needs 15.8 ms for the computation of the Optimal-Ate pairing over a 256-bit BN curve at 338 MHz implemented with a 130 nm standard cell library. The processor core consumes 97 kGates making it suitable for the use in embedded systems.
##### BibTeX
@misc{eprint-2009-18258,
title={Designing an ASIP for Cryptographic Pairings over Barreto-Naehrig Curves},
booktitle={IACR Eprint archive},
keywords={implementation / Application-specific instruction-set processor (ASIP), design-space exploration, pairing- based cryptography, Barreto-Naehrig curves, elliptic-curve cryptography (ECC), $\mathbb{F}_p$ -arithmetic.},
url={http://eprint.iacr.org/2009/056},
note={ kammler@iss.rwth-aachen.de 14292 received 4 Feb 2009, last revised 17 Feb 2009},
author={David Kammler and Diandian Zhang and Peter Schwabe and Hanno Scharwaechter and Markus Langenberg and Dominik Auras and Gerd Ascheid and Rainer Leupers and Rudolf Mathar and Heinrich Meyr},
year=2009
}