CN103049710B - Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm - Google Patents
Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm Download PDFInfo
- Publication number
- CN103049710B CN103049710B CN201210540967.XA CN201210540967A CN103049710B CN 103049710 B CN103049710 B CN 103049710B CN 201210540967 A CN201210540967 A CN 201210540967A CN 103049710 B CN103049710 B CN 103049710B
- Authority
- CN
- China
- Prior art keywords
- point
- digital signature
- controller
- arithmetic element
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a field-programmable gate array (FPGA) chip for an SM2 digital signature verification algorithm. The FPGA chip comprises a system bus interface, an SM2 controller and an SM2 operation unit, and the system bus interface is used for communicating with an external system of the FPGA chip, acquiring parameters and data which are required by SM2 digital signature verification from the external system , writing the parameters and the data in the SM2 controller, receiving a control message, a work state query message and an operation result query message which are sent by the external system and sending the control message, the work state query message and the operation result query message to the SM2 controller; the SM2 controller is used for triggering the SM2 operation unit according to the control message and sending a work state and a verification result of the SM2 operation unit to the external system through the system bus interface after the SM2 controller receives the work state query message and the operation result query message; and the SM2 operation unit is used for reading the parameters and the data which are required by SM2 digital signature verification for this time from the SM2 controller under the triggering of the SM2 controller, finishing verification calculation according to the SM2 digital signature verification algorithm and sending a verification result to the SM2 controller.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of FPGA for SM2 digital signature verification algorithm
Chip.
Background technology
National Password Management office will propose the related cryptographic algorithm standard of China in the end of the year 2010, including:SM2 standard, SM3
Standard, SM7 standard.Wherein SM2 standard is:Mathematical problem basis based on Elliptic Curve Discrete Logarithm, in international correlation ECC
(Elliptic curve cipher)The domestic standard developing on the basis of relevant criterion algorithm and coming.
The main still RSA Algorithm of the more asymmetric cryptographic algorithm of domestic and international application at present.But from theory analysis and answer
Seen with demand angle, ECC algorithm(Comprise SM2 canonical algorithm)Security intensity be higher than RSA Algorithm, key length is more simultaneously
Short, application prospect is preferable.But the system based on SM2 algorithm is realized, or even product is few in terms of terminal chip research and development.
On the other hand, national Password Management office requires system and the terminal of domestic all application asymmetric cryptographic algorithms, in
Domestic standard must be used, including SM2 algorithm standard rules before 2015.Therefore, permissible in terms of SM2 research and development of products and system schema
Carry out system research.
Content of the invention
In order to solve the problems referred to above of the prior art, the present invention provide a kind of for SM2 digital signature verification algorithm
Fpga chip.
The present invention provides a kind of fpga chip for SM2 digital signature verification algorithm, including:System bus interface, uses
In being communicated with the external system of fpga chip, parameter data needed for external system obtains SM2 digital signature authentication,
And write SM2 controller, receive control message, working condition query messages and the operation result inquiry that external system sends
Message, and it is sent to SM2 controller;SM2 controller, is connected with system bus interface and SM2 arithmetic element, for according to control
Message trigger SM2 arithmetic element, after receiving working condition query messages and operation result query messages, by system bus
Interface sends working condition and the result of SM2 arithmetic element to external system;SM2 arithmetic element, in SM2 controller
Triggering under, read this parameter data needed for SM2 digital signature authentication from SM2 controller, carry out according to SM2 numeral
Signature verification algorithm carries out checking and calculates, and the result is sent to SM2 controller.
Preferably, system bus interface includes:Meet universal industrial bus standard system bus interface or, meet
The system bus interface of User Defined bus inferface protocol.
Preferably, SM2 controller specifically includes:Control register, for receiving outside by system bus interface
In the case of the control message that system sends, according to control message, SM2 arithmetic element is triggered by SM2 enabling signal and starts, lead to
Cross SM2 reset signal triggering SM2 arithmetic element to reset;Data register, for receiving external system by system bus interface
This parameter data needed for SM2 digital signature authentication sending, and stored, in control register reset SM2 computing
After unit, empty this parameter data needed for SM2 digital signature authentication;Status register, for receiving work shape
In the case of state query messages, the working condition of inquiry SM2 arithmetic element, and by system bus interface, working condition is sent
To external system;Proactive notification external system SM2 arithmetic element has completed this SM2 digital signature authentication;Receiving computing
In the case of result queries message, send the checking of this SM2 digital signature authentication to external system by system bus interface
Result.
Preferably, SM2 arithmetic element specifically includes:First state machine module, is used for carrying out SM2 digital signature authentication computing
Row control, and communicated with SM2 controller;First mould adds computing module, for completing SM2 numeral under affine coordinate system
The calculating of t=(r '+s ') modn in signature verification algorithm, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is
Signature code word, calculates the digest value of messageHv() is digest calculations function,Before " " represents
The splicing of latter two character string, n is the rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;First times
Point processing module, for the support in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division arithmetic
Under, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under affine coordinate systemA, wherein, G is elliptic curve
Basic point, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two element a, b ∈
Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to PAT ' times
Point;First point add operation module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division
Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under affine coordinate systemAThe point of two points
Plus computing, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
Preferably, first state machine module specifically for:Read needed for this SM2 digital signature authentication in SM2 controller
Parameter data;Receive the SM2 enabling signal that SM2 controller sends, start SM2 arithmetic element;Tested according to SM2 digital signature
Computing process invocation the first point doubling module of card algorithm, the first point add operation module, the first mould add computing module, and according to
This parameter data needed for SM2 digital signature authentication carries out checking and calculates;After the completion of this SM2 digital signature authentication,
Obtain the result, the result and complement mark are returned to SM2 controller;Receive the SM2 reset letter that SM2 controller sends
Number, reset SM2 arithmetic element.
Preferably, first state machine module specifically for:Call the first mould to add computing module and calculate t=(r '+s ') modn;
The first point doubling module is called to calculate [s '] G and [t '] PA;The first point add operation module is called to calculate (x ', y ')=[s '] G+
[t′]PA;Call the first mould to add computing module and calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, verifies
Pass through, otherwise verify and do not pass through.
Preferably, SM2 arithmetic element specifically includes:Coordinate transferring, for the point coordinate data on elliptic curve
Changed from affine coordinate system to Jacobi Coordinate system;Second state machine module, is used for carrying out SM2 digital signature authentication computing
Row control, and communicated with SM2 controller;Second mould adds computing module, for completing SM2 number under Jacobi Coordinate system
The calculating of t=(r '+s ') modn in word signature verification algorithm, and R=(e '+x1') calculating of modn, wherein, (r '+s ')
For code word of signing, calculate the digest value of messageHv() is digest calculations function," " represents
The splicing of former and later two character strings, n is the rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;Second
Point doubling module, for propping up in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division arithmetic
Hold down, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under Jacobi Coordinate systemA, wherein, G is oval bent
The basic point of line, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two elements a, b
∈Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to PAT ' times
Point;Second point adds computing module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division
Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under Jacobi Coordinate systemATwo points
Point add operation, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
Preferably, prime field multiplying is replaced with Montgomery multiplying.
Preferably, Montgomery multiplying institute is replaced by the digital signal processor DSP resource in fpga chip
The multiplier needing.
Preferably, the second state machine module specifically for:Read needed for this SM2 digital signature authentication in SM2 controller
Parameter data;Receive the SM2 enabling signal that SM2 controller sends, start SM2 arithmetic element;The second mould is called to add computing
Module calculates t=(r '+s ') modn;The second point doubling module is called to calculate [s '] G and [t '] PA;Call the second point add operation
Module calculates (x ', y ')=[s '] G+ [t '] PA;Call the second mould to add computing module and calculate R=(e '+x1') modn, checking R=
Whether r ' sets up, if setting up, being verified, otherwise verifying and do not pass through;After the completion of this SM2 digital signature authentication, acquisition is tested
Card result, the result and complement mark are returned to SM2 controller;Receive the SM2 reset signal that SM2 controller sends, multiple
Position SM2 arithmetic element.
The present invention has the beneficial effect that:
By means of the technical scheme of the embodiment of the present invention, take full advantage of fpga chip resource, can effectively lift SM2 and calculate
The arithmetic speed of method;The technical scheme of the embodiment of the present invention can apply to all kinds of safety certification fields, simultaneously according to specific
Application scenarios and technical need, take flexible configuration mode, realize system resource and the reasonable distribution of operation efficiency.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by the specific embodiment of the present invention.
Brief description
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit are common for this area
Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred embodiment, and is not considered as to the present invention
Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
Fig. 1 is the SM2 digital signature verification algorithm flow chart of the embodiment of the present invention;
Fig. 2 is the structural representation of the fpga chip for SM2 digital signature verification algorithm of the embodiment of the present invention;
Fig. 3 is the schematic diagram of the SM2 signature verification fpga chip internal structure of the embodiment of the present invention;
Fig. 4 be the embodiment of the present invention affine coordinate system under SM2 signature verification arithmetic element realize schematic diagram;
Fig. 5 be the embodiment of the present invention Jacobi Coordinate system under SM2 signature verification arithmetic element realize schematic diagram.
Specific embodiment
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment it being understood, however, that may be realized in various forms the disclosure and should not be by embodiments set forth here
Limited.On the contrary, these embodiments are provided to be able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
The invention provides a kind of fpga chip for SM2 digital signature verification algorithm, SM2 is realized based on fpga chip
The checking computing of digital signature in national password standard.Application scenarios or application demand are all kinds of safe terminal systems.This
Bright embodiment is based on digital signature verification algorithm in national Password Management office SM2 standard, realizes prime field and calculate on fpga chip
Method calculates.In addition pass through the data conversion of affine coordinate system and Jacobi Coordinate system, design can be optimized to SM2 algorithm,
The operation efficiency of fpga chip thus can be improved.Meanwhile, programmable features and configurable characteristic, chip are had by fpga chip
EBI can carry out R & D design, reduces cost according to concrete system requirements, improves efficiency.
As described above, the FPGA of SM2 signature algorithm realizes being equal to existing Special safety chip in terms of calculation function.But
It is because fpga chip has the characteristic such as configurable, programmable, scalable so that the FPGA realization of SM2 Digital Signature Algorithm can
According to specific application scenarios and application demand, flexibly to be realized the selection of algorithm computational efficiency and system cost of implementation.
I.e. under algorithm real-time less demanding application demand environment, the fpga chip of internal resource more saving can be selected, enter
The algorithm based on affine coordinate system for the row is realized;On the other hand, for the application demand environment that requirement of real-time is higher, can select
Internal resource is compared with the fpga chip of horn of plenty, and can adopt algorithm optimization, or improves the technological means such as chip clock, comes
Improve arithmetic speed and system effectiveness further.Meanwhile, again can be according to specific system bus type, flexible configuration chip pair
External system bus, improves the system self-adaptability of chip, is also another advantage that FPGA realizes compared to Special safety chip.
Below in conjunction with accompanying drawing and embodiment, the present invention will be described in further detail.It should be appreciated that concrete reality described herein
Apply example only in order to explain the present invention, do not limit the present invention.
Before the technical scheme to the embodiment of the present invention is described in detail, first to SM2 national standard digital signature
Verification algorithm is described in detail.
《SM2 ellipse curve public key cipher algorithm》National standard is divided into four parts, including:General provisions, Digital Signature Algorithm,
IKE, public key encryption algorithm.Digital Signature Algorithm includes again:Elliptic curve systems parameter, user key to, auxiliary
Function, user's other information, the generating algorithm of digital signature and flow process, the verification algorithm of digital signature and flow process etc..
The FPGA that the embodiment of the present invention mainly completes digital signature verification algorithm realizes and effectiveness of performance optimization.Main below
Illustrate SM2 digital signature verification algorithm basic condition, subsequently again FPGA is realized and optimize and make an explanation.
SM2 digital signature verification algorithm, specific as follows:
Input:
1st, elliptic curve parameter:Including finite field FpScale q, define elliptic curve E (Fq) equation two elements a, b
∈Fq、E(Fq) on basic point G=(xG,yG) (G ≠ O), wherein xGAnd yGIt is FpIn two elements, elliptic curve basic point E (Fq)
On the rank n of G and other option(Cofactor h as n etc.);
2、ZA:The Hash Value of the distinguished mark of user, part elliptical curve systematic parameter and user's A public key;
3、PA:The public key of user;
4、M':Message to be verified;
5、(r',s'):The signature code word that system receives.
Output:The result:It is verified or verifies and do not pass through.
Step:Fig. 1 is the SM2 digital signature verification algorithm flow chart of the embodiment of the present invention, as shown in figure 1, in order to check
Message M' receiving and its digital signature (r', s'), the user as verifier needs to realize following calculation step:
Step 1, whether inspection r' ∈ [1, n-1] sets up, if not, then verify and do not pass through, wherein n is elliptic curve
Rank;
Step 2, whether inspection s' ∈ [1, n-1] sets up, if not, then verify and do not pass through, wherein n is elliptic curve
Rank;
Step 3, putsThe splicing of wherein " " former and later two character strings of operator representation;
Step 4, calculatesCalculate the digest value of message, wherein Hv() is digest calculations function;
Step 5, signature codeword data type is converted to integer, calculates t=(r '+s ') modn, if t=0, verify not
Pass through;
Step 6, calculates elliptic curve point (x ', y ')=[s '] G+ [t '] PA, wherein (x ', y ') is on elliptic curve
Point, [s '] G and [t '] PAFor point doubling [s '] G+ [t '] PAFor point add operation;
Step 7, calculates R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, is verified;Otherwise verify
Do not pass through, wherein x1' it is one of above-mentioned steps 6 calculated elliptic curve point (x ', y ') coordinate element.
Hereinafter the technical scheme of the embodiment of the present invention is described in detail.
According to embodiments of the invention, there is provided a kind of fpga chip for SM2 digital signature verification algorithm, Fig. 2 is
The structural representation of the fpga chip for SM2 digital signature verification algorithm of the embodiment of the present invention, as shown in Fig. 2 according to this
The fpga chip for SM2 digital signature verification algorithm of inventive embodiments includes:System bus interface 20, SM2 controller 22,
And SM2 arithmetic element 24, below the modules of the embodiment of the present invention are described in detail.
System bus interface 20, for being communicated with the external system of fpga chip, obtains SM2 numeral from external system
Parameter data needed for signature verification, and write SM2 controller 22, receive control message, the work shape that external system sends
State query messages and operation result query messages, and it is sent to SM2 controller 22;
Wherein, system bus interface 20 includes:Meet universal industrial bus standard system bus interface 20 or, symbol
Share the system bus interface 20 of family self-defined bus interface protocol.
SM2 controller 22, is connected with system bus interface 20 and SM2 arithmetic element 24, for being triggered according to control message
SM2 arithmetic element 24, after receiving working condition query messages and operation result query messages, by system bus interface 20
Send working condition and the result of SM2 arithmetic element 24 to external system;
SM2 controller 22 specifically includes:
Control register, for the situation in the control message receiving external system transmission by system bus interface 20
Under, according to control message, SM2 arithmetic element 24 is triggered by SM2 enabling signal and starts, SM2 fortune is triggered by SM2 reset signal
Calculate unit 24 to reset;
Data register, this SM2 digital signature for being received external system transmission by system bus interface 20 is tested
The required parameter data of card, and stored, after control register reset SM2 arithmetic element 24, empty this SM2 numeral
Parameter data needed for signature verification;
Status register, for, in the case of receiving working condition query messages, inquiring about the work of SM2 arithmetic element 24
Make state, and working condition is sent to by external system by system bus interface 20;Proactive notification external system SM2 computing list
Unit 24 has completed this SM2 digital signature authentication;In the case of receiving operation result query messages, connect by system bus
Mouth 20 sends the result of this SM2 digital signature authentication to external system.
SM2 arithmetic element 24, under the triggering of SM2 controller 22, reading this SM2 number from SM2 controller 22
Parameter data needed for word signature verification, carries out carrying out checking calculating according to SM2 digital signature verification algorithm, by the result
It is sent to SM2 controller 22.With 2 examples, the structure of SM2 arithmetic element 24 will be illustrated below.
Example 1
SM2 arithmetic element 24 specifically includes:
First state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is entered with SM2 controller 22
Row communication;
First state machine module specifically for:Read this parameter needed for SM2 digital signature authentication in SM2 controller 22
Data;Receive the SM2 enabling signal that SM2 controller 22 sends, start SM2 arithmetic element 24;According to SM2 digital signature authentication
Computing process invocation the first point doubling module of algorithm, the first point add operation module, the first mould add computing module, and according to this
Parameter data needed for secondary SM2 digital signature authentication carries out checking and calculates;After the completion of this SM2 digital signature authentication, obtain
Take the result, the result and complement mark are returned to SM2 controller 22;Receive the SM2 reset that SM2 controller 22 sends
Signal, reset SM2 arithmetic element 24.
Wherein, according to computing process invocation the first point doubling module of SM2 digital signature verification algorithm, the first point add operation
Module, the first mould add computing module, and the parameter data according to needed for this SM2 digital signature authentication carries out checking and calculates tool
Body includes processing as follows:
Call the first mould to add computing module and calculate t=(r '+s ') modn;The first point doubling module is called to calculate [s '] G
[t '] PA;The first point add operation module is called to calculate (x ', y ')=[s '] G+ [t '] PA;The first mould is called to add computing module meter
Calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, being verified, otherwise verifying and do not pass through.
First mould adds computing module, for complete under affine coordinate system the t=in SM2 digital signature verification algorithm (r '+
S ') modn calculating, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates the summary of message
ValueHv() is digest calculations function," " represents the splicing of former and later two character strings, and n is ellipse
The rank of circular curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
First point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field
Under the support of division arithmetic, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under affine coordinate systemA, wherein,
G is the basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two
Individual element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PAIt is
Refer to PAT ' times of point;
First point add operation module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field
Under the support of division arithmetic, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under affine coordinate systemATwo points
Point add operation, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
Example 2:
SM2 arithmetic element 24 specifically includes:
Coordinate transferring, for being entered to Jacobi Coordinate system from affine coordinate system to the point coordinate data on elliptic curve
Row conversion;
Second state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is entered with SM2 controller 22
Row communication;
Second state machine module specifically for:Read this parameter needed for SM2 digital signature authentication in SM2 controller 22
Data;Receive the SM2 enabling signal that SM2 controller 22 sends, start SM2 arithmetic element 24;The second mould is called to add computing mould
Block calculates t=(r '+s ') modn;The second point doubling module is called to calculate [s '] G and [t '] PA;Call the second point add operation mould
Block calculates (x ', y ')=[s '] G+ [t '] PA;Call the second mould to add computing module and calculate R=(e '+x1') modn, checking R=r '
Whether set up, if setting up, being verified, otherwise verifying and do not pass through;After the completion of this SM2 digital signature authentication, obtain checking
As a result, the result and complement mark are returned to SM2 controller 22;Receive the SM2 reset signal that SM2 controller 22 sends,
Reset SM2 arithmetic element 24.
Second mould adds computing module, for completing the t=in SM2 digital signature verification algorithm under Jacobi Coordinate system
The calculating of (r '+s ') modn, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates message
Digest valueHv() is digest calculations function," " represents the splicing of former and later two character strings, n
For the rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
Second point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field
Under the support of division arithmetic, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under Jacobi Coordinate systemA, its
In, G is the basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation
Two element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t ']
PARefer to PAT ' times of point;
Second point adds computing module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field
Under the support of division arithmetic, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under Jacobi Coordinate systemATwo
The point add operation of point, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
It should be noted that in examples detailed above 1 and example 2, prime field multiplying can be replaced with
Montgomery multiplying.Further, it is also possible to be replaced by the digital signal processor DSP resource in fpga chip
Multiplier needed for Montgomery multiplying.
Below in conjunction with accompanying drawing, the technique scheme of the embodiment of the present invention is described in detail.
Fig. 3 is the schematic diagram of the SM2 signature verification fpga chip internal structure of the embodiment of the present invention, as shown in figure 3, being based on
Fpga chip completes SM2 digital signature authentication, and chip is integrally realized including three parts:System bus interface 20, SM2 controller
22 and SM2 arithmetic elements 24.
Separately below system bus interface 20, SM2 controller 22 and SM2 arithmetic element 24 are illustrated.
1st, system bus interface 20
System bus interface 20 is realized more flexible, can be general industrial bus standard or user makes by oneself
Adopted bus inferface protocol, needs to be designed developing according to specific system requirements.The effect of system bus interface 20 is mainly:
Communicated with chip exterior system based on the SM2 signature verification chip of FPGA, including signature verification desired parameters data
Write, the control of SM2 chip and chip status inquiry and operation result inquiry.
2nd, SM2 controller 22
The realization of SM2 controller 22 is mainly register group.Functionally divide, main inclusion:Control register, data are posted
Storage, status register.The register group of SM2 controller 22 can regard EBI and the intermediate axle of SM2 arithmetic element 24 as
Beam or intermediate link, can realize external system to the control of SM2 arithmetic element 24 or access by SM2 controller 22.
Control register
Control register has two signal positions, is functionally divided into:SM2 enabling signal and SM2 reset signal.SM2 opens
Dynamic signal is mainly used in the computing startup function of SM2 chip, and this control function is completed by a trigger, can be level
Triggering or edge triggering, are weighed according to design requirement;External system passes through EBI to SM2 controller 22
Control register write triggers this signal.SM2 reset signal is mainly used in the reset of SM2 arithmetic element 24, and this reset signal is
Low level effective, external system is passed through EBI and is triggered this signal, this signal to the control register write of SM2 controller 22
General complete a SM2 signature verification computing in SM2 arithmetic element 24, external system after the result is taken away, put
Position, by set, can reset SM2 arithmetic element 24, in case new SM2 signature verification calculates.
Data register
Data register is mainly used in storing the data needed for SM2 arithmetic element 24 calculates, and these data include:SM2 number
Elliptic curve parameter needed for word signature verification algorithm(Scale q, two element a and b of elliptic curve equation, basic point G(Mainly
For basic point coordinate element), the rank n of basic point G and other option etc.), for checking calculate client public key PA, to be verified
The summary of messageSigned codevector (r', s') word calculating for checking etc.(Note, chip design of the present invention is main
Complete SM2 digital signature verification algorithm step 5 to step 7, due to the operand very little of above several steps, can be in FPGA core
Complete in piece external system, chip internal completes the big step of operand below, so can save the area of chip and become
This);Wherein, elliptic curve parameter may be referred to the reference parameter providing in SM2 standard it is also possible to count by the checking of user's early stage
Calculate the elliptic curve parameter voluntarily drawing.Data register as data buffer storage, before SM2 arithmetic element 24 triggering starts and calculates
By DSR, therefore before SM2 arithmetic element 24 startup, external system is needed to pass through external bus interface by above-mentioned data
Write;After SM2 arithmetic element 24 starts computing, SM2 arithmetic element 24 is by above-mentioned data read-out;After data read-out, this data
Register can be treated that this SM2 signature verification calculates and terminate, and empties to after SM2 arithmetic element 24 reset, and wait is new once
Again new data is write before SM2 computing.
Status register
Status register can be used for inquiring about the working condition of chip SM2 arithmetic element 24, including:In free time, calculating, count
Complete.Additionally, status register can comprise a computing complement mark position, for providing the interrupt identification of external system,
Can be calculated with proactive notification external system SM2 by this mark and complete.Meanwhile, status register also has a flag bit, referred to as
Result flag bit, for representing the result, including two classes:It is proved to be successful and authentication failed, external system can read this mark
Will position, obtains operation result.
3rd, SM2 arithmetic element 24
The embodiment of the present invention is based primarily upon above-mentioned SM2 signature verification fpga chip internal structure and is designed realizing, mainly
Work concentrates on SM2 arithmetic element 24.It is designed under affine coordinate system first, realize, verify;Then in Jacobi coordinate
Under system, optimization that the related algorithm of SM2 arithmetic element 24, computation structure are carried out, thus improve SM2 signature verification to calculate speed
Degree.This invention carries out chip design based on FPGA, basic structure three major parts still as shown in Figure 3, and difference is
The realization of SM2 arithmetic element 24 is different.It should be noted that the realization of the SM2 arithmetic element 24 of Fig. 3 is based on affine coordinate system
's.Two classes of SM2 arithmetic element 24 are realized:Under affine coordinate system, SM2 signature checking arithmetic element be embodied as substantially real
Existing;Under Jacobi Coordinate system, the checking arithmetic element of SM2 signature is realized, and is that a kind of optimization that can improve arithmetic speed is realized
Scheme, but more fpga chip resources can be taken.Concrete condition is with reference to description below.
The realization of SM2 signature verification arithmetic element under affine coordinate system
Fig. 4 be the embodiment of the present invention affine coordinate system under SM2 signature verification arithmetic element realize schematic diagram, as Fig. 4 institute
Show, SM2 arithmetic element 24 is communicated with SM2 controller 22, and signal type includes:Control signal write, data write, state
And result reads, its semiotic function corresponds to control register, data register and Status register in SM2 controller 22 respectively
The function of device.
It is important to note that this SM2 arithmetic element 24, mainly complete the step 5 of SM2 digital signature verification algorithm to
The calculating process of step 7.Because a few step calculating process amounts of calculation of signing are little, can complete in chip exterior.
According to shown in Fig. 4, the internal structure of SM2 arithmetic element 24 includes:State machine module, point doubling module, point add
Computing module(Point plus the point add operation referring to Point on Elliptic Curve, need bottom prime number domain operation to support, take advantage of including prime field
Method, prime field division and prime field addition and subtraction), mould add computing module.
1st, state machine module
According to fpga chip state machine design feature, the state machine major function in SM2 arithmetic element 24 is:SM2 computing
Row control, and the communication function with SM2 controller 22.The state of state machine controls the transfer flow to be:Read SM2 controller
The data of data register in 22>The enabling signal of control register in response SM2 controller 22>Carry out SM2 meter
Calculate>SM2 calculates and completes, and obtains operation result, and result and complement mark return to the Status register of SM2 control register
Device>Wait the reset signal of SM2 controller 22.
The function of state machine is specific as follows:
(1)SM2 digital independent, the main data reading data register in SM2 controller 22, this is state machine once
Before the computing of complete S M2, first have to the work completing.
(2)SM2 control signal responds:The enabling signal being given primarily responsive to SM2 controller 22 and reset signal.Response is opened
Dynamic signal, starts SM2 and calculates;Response reset signal, resets to SM2 arithmetic element 24, prepares once new calculating.
(3)Control SM2 calculating process, the calculating according to SM2 digital signature verification algorithm step 5 to step 7 requires, respectively
Dispatch each computing module in order once, specially:
Mould adds computing, mainly completes t=(r '+s ') modn and calculates;
Point doubling is successively each once, [s '] G and [t '] PA;
Point add operation, [s '] G+ [t '] PA;
Mould adds computing, R=(e '+x1′)modn.
(4)Provide checking SM2 signature verification result, and return state and checking to the status register of SM2 controller 22
Result.
2nd, point add operation module
This module mainly completes [s '] G and [t '] P of SM2 digital signature verification algorithm step 6AThe point of two points adds fortune
Calculate, i.e. (x ', y ')=[s '] G+ [t '] PA.
Point add operation rule is listed below, as follows:
(1)If two point P1=(x1,y1) and P2=(x2,y2), seek P3=(x3,y3)=P1+P2;
(2)Then With
According to above-mentioned operation rule, elliptic curve point add operation, need bottom prime field signed magnitude arithmetic(al), prime field
Multiplying and the support of prime field division arithmetic.
3rd, point doubling module
Point doubling module is mainly responsible for completing [s '] G in SM2 digital signature verification algorithm step 6 and [t '] PATwice
Computing.
In the embodiment of the present invention, [s '] G is the point doubling completing first, [t '] PAIt is times point fortune subsequently to be completed
Calculate.G is the basic point of elliptic curve, PAIt is client public key, be also a point on elliptic curve.[s '] G refers to s ' times of point of G,
[t′]PARefer to PAT ' times of point.Correlation theories knowledge according to elliptic curve understands, the point on elliptic curve completes point doubling
Point after one-tenth, still on this elliptic curve, namely this point is also the point of elliptic curve, therefore [s '] G and [t '] PAIt is oval
Two points on curve.The result that this two points carry out point add operation is also the point on elliptic curve.
In terms of calculating process, the essence of point doubling can regard multiple point add operation as, and therefore point doubling still needs
The prime field signed magnitude arithmetic(al) of bottom to be called, prime field multiplying and prime field division arithmetic module.
4th, mould adds computing module
It is relatively simple that mould adds computing, that is, after data summation, then carries out modulus computing.Mainly it is responsible for completing SM2 digital signature
T=(r '+s ') modn of verification algorithm step 5 calculates, and the R=(e '+x of step 71') modn calculating.
The above-mentioned SM2 signature verification arithmetic element under affine coordinate system, realized based on fpga chip, completes a SM2
Signature computing, generally requires more than 500 additional calculation, corresponding division calculation then needs more than 20,000 time.For example, according to SM2 point
Plus the computation rule of computing, need 1 division calculation and three multiplication to calculate, but the division calculation amount in prime field is multiplication
50 times, therefore can it is clear that:Maximum Calculation bottleneck is exactly substantial amounts of division arithmetic.
Here, in order to reduce the division arithmetic amount under affine coordinate system, Jacobi Coordinate system can be introduced.Sit in Jacobi
Coordinate under mark system can be expressed as, and it correspond to affine coordinate, therefore can be considered as coordinate vector in Jacobi coordinate system
Intermediate variable, using the mutual conversion that can complete affine coordinate system and Jacobi Coordinate system.
By the mutual conversion of affine coordinate system and Jacobi Coordinate system so that SM2 signature verification calculates in Jacobi's seat
Mark system is lower to be realized, and can be prevented effectively from substantial amounts of division calculation hence it is evident that reducing amount of calculation.And complete a SM2 computing
During, affine coordinate system only needs 1 time with the mutual conversion of Jacobi Coordinate system.Even one time SM2 signature computing, also only
Need division arithmetic two or three times, can greatly optimize arithmetic element and arithmetic speed.Inherently see, by affine coordinate system with
The conversion of Jacobi Coordinate system, effectively eliminates division calculation amount call number, be mainly reflected in effectively reduce times put and point plus
The call number to prime field division for the calculating process.
Above know, by the mutual conversion of affine coordinate system and Jacobi Coordinate system, can effectively reduce division arithmetic.
Therefore, after division arithmetic optimization realization, main Calculation bottleneck is then multiplying.
Multiplying in prime field is all modular multiplication, i.e. c=a × bmodp.Or traditional multiplying needs to borrow
Division is helped to take the remainder, or realizing by the subtraction of low rate.The present invention adopts Montgomery multiplication(Meng Gema
Sharp multiplication)The multiplication that then can effectively optimize prime field calculates, and complicated computing is changed into the multiplication of simply low precision
Computing is realizing.Montgomery multiplying is as follows:
Algorithm:Montgomery Multiplication(Montgomery multiplication calculates)
Input:
1st, domain Fp, mould p, orderP=n1□2D+n0,
2nd, integer a, b ∈ [0, p-1], a=a1□2D+a0, b=b1□2D+b0;
3rd, integer Integer m.
Output:C=a b × R-1modp
Step:
Step 1, T=a0b0
Step 2, m=(t0n′0)mod2D;
Step 3, T=(T+mn0) > > D;
Step 4, T=T+a0b1+a1b0+mn1;
Step 5, m=(t0n′0)mod2D;
Step 6, T=(T+mn0) > > D;
Step 7, c=(T+a1b1+mn1)modp.
By the step of realizing in the description of above-mentioned algorithm, a modular multiplication was originally completed on prime field, can
To be converted into the multiplying of simply low precision several times.Therefore can effectively reduce the computing week of original prime field multiplying
Phase, improve the arithmetic speed of SM2 digital signature authentication computing.But it is based on above-mentioned Montgomery multiplying, the present invention is
By FPGA programming realization, need to take more fpga logic resources.Therefore under Jacobi coordinate system, realize SM2 numeral
Signature verification computing, fpga chip area is big compared with the realization under affine coordinate system.Below under Jacobi coordinate system, SM2 number
The situation of realizing of word signature verification arithmetic element illustrates.
The realization of SM2 signature verification arithmetic element under Jacobi Coordinate system
Fig. 5 be the embodiment of the present invention Jacobi Coordinate system under SM2 signature verification arithmetic element realize schematic diagram, such as Fig. 5
Shown, contrast with Fig. 4, the main distinction is:
1st, increased coordinate transferring, sat to Jacobi from affine coordinate system for the point coordinate data on elliptic curve
The conversion of mark system, the point data of data register mainly in SM2 controller, first finished after conversion by coordinate transferring, then
Write SM2 arithmetic element, calculates and point plus calculating for putting again;
2nd, in Fig. 5, point calculates and point adds calculating and all completes under Jacobi Coordinate system again, and it is to bottom arithmetic element
Call number significantly reduce, particularly prime field division and multiplying are called;
3rd, in Fig. 5, replace original prime field multiplying with Montgomery multiplying module, can effectively improve
System operations speed.
Each several part shown in Fig. 5, its function and module are realized, substantially same as shown in Figure 4, will not be described here.
It should be noted that comprising DSP resource inside the fpga chip of certain model, these DSP resources are through optimizing
Multiply-accumulate module, DSP quantity allow under conditions of, using DSP realize simply low precision multiplying, be better than
The internal general multiplier of fpga chip.
Therefore by using abundant DSP resource inside fpga chip, can be to low essence in Montgomery multiplying
Degree multiplication calculates makees further hardware optimization.Utilize the internal DSP substitution of resources original Montgomery computing of fpga chip
Required multiplier.Then the computational efficiency of Montgomery multiplication can improve by about one time, this be also in concrete application demand and
A kind of optimization means under system cost enabled condition.
Table 1 is that M2 algorithm FPGA realizes and its optimize resource efficiency comparing situation, and as shown in table 1, listed FPGA realizes
Mode is mainly:Under affine coordinate system and Jacobi Coordinate system, averagely complete the comparing result of SM2 signature verification calculating.
Including:Affine coordinate system is realized, Jacobi Coordinate system realizes(General multipliers are replaced using 1 times of DSP resource), Jacobi
Coordinate system is realized and prioritization scheme 1(General multipliers are replaced using 1 times of DSP resource, and it is excellent to carry out adder to synthesis tool
Change), Jacobi Coordinate system realize and prioritization scheme 2(Replace general multipliers using 2 times of DSP resources).
Table 1
In sum, by means of the technical scheme of the embodiment of the present invention, sat with Jacobi using affine coordinate system coordinate system
The method of mark system mutually conversion, and make full use of fpga chip resource, can effectively lift the arithmetic speed of SM2 algorithm.This
The implementation method of invention and optimization method, can apply to all kinds of safety certification fields, simultaneously according to specific application scenarios and
Technical need, takes flexible configuration mode, realizes system resource and the reasonable distribution of operation efficiency.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system
Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various
Programming language realizes the content of invention described herein, and the description above language-specific done is to disclose this
Bright preferred forms.
In specification mentioned herein, illustrate a large amount of details.It is to be appreciated, however, that the enforcement of the present invention
Example can be put into practice in the case of not having these details.In some instances, known method, structure are not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly it will be appreciated that in order to simplify the disclosure and help understand one or more of each inventive aspect,
Above in the description to the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
The application claims of shield more features than the feature being expressly recited in each claim.More precisely, it is such as following
Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
The claims following specific embodiment are thus expressly incorporated in this specific embodiment, wherein each claim itself
All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that and the module in the equipment in embodiment can be carried out adaptively
Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list
Unit or assembly be combined into a module or unit or assembly, and can be divided in addition multiple submodule or subelement or
Sub-component.In addition to such feature and/or at least some of process or unit exclude each other, can adopt any
Combination is to this specification(Including adjoint claim, summary and accompanying drawing)Disclosed in all features and so disclosed
Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification(Including adjoint power
Profit requires, makes a summary and accompanying drawing)Disclosed in each feature can carry out generation by the alternative features providing identical, equivalent or similar purpose
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiment means to be in the present invention's
Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection appoint
One of meaning can in any combination mode using.
The all parts embodiment of the present invention can be realized with hardware, or to run on one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor(DSP)To realize according to embodiments of the present invention calculating for SM2 digital signature authentication
The some or all functions of some or all parts in the fpga chip of method.The present invention is also implemented as executing
Some or all equipment of method as described herein or program of device(For example, computer program and computer journey
Sequence product).Such program realizing the present invention can store on a computer-readable medium, or can have one or
The form of multiple signals.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or
There is provided with any other form.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can come real by means of the hardware including some different elements and by means of properly programmed computer
Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
Claims (9)
1. a kind of fpga chip for SM2 digital signature verification algorithm is it is characterised in that include:
System bus interface, for being communicated with the external system of described fpga chip, obtains SM2 number from described external system
Parameter data needed for word signature verification, and write described SM2 controller, the control receiving described external system transmission disappears
Breath, working condition query messages and operation result query messages, and it is sent to described SM2 controller;
SM2 controller, is connected with described system bus interface and described SM2 arithmetic element, for being touched according to described control message
Send out SM2 arithmetic element described, after receiving described working condition query messages and described operation result query messages, by institute
State working condition and the result that system bus interface sends described SM2 arithmetic element to described external system;
SM2 arithmetic element, under the triggering of described SM2 controller, reading this SM2 numeral from described SM2 controller
Parameter data needed for signature verification, carries out carrying out checking calculating according to described SM2 digital signature verification algorithm, will checking knot
Fruit is sent to described SM2 controller;
Described SM2 arithmetic element specifically includes:
Coordinate transferring, for being carried out turning to Jacobi Coordinate system from affine coordinate system to the point coordinate data on elliptic curve
Change;
Second state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is carried out with described SM2 controller
Communication;
Second mould adds computing module, for complete under Jacobi Coordinate system the t=in SM2 digital signature verification algorithm (r '+
S ') modn calculating, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates the summary of message
ValueHv() is digest calculations function,Represent the splicing of former and later two character strings, n is
The rank of elliptic curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
Second point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division
Under the support of computing, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under Jacobi Coordinate systemA, wherein, G
It is the basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) equation two
Individual element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PAIt is
Refer to PAT ' times of point;
Second point adds computing module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division
Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under Jacobi Coordinate systemATwo points
Point add operation, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
2. fpga chip as claimed in claim 1 is it is characterised in that described system bus interface includes:Meet universal industrial
The system bus interface of bus standard;Or meet the system bus interface of User Defined bus inferface protocol.
3. fpga chip as claimed in claim 1 is it is characterised in that described SM2 controller specifically includes:
Control register, for receiving, by described system bus interface, the described control message that described external system sends
In the case of, according to described control message, started by the described SM2 arithmetic element of SM2 enabling signal triggering, resetted by SM2
The described SM2 arithmetic element of signal triggering resets;
Data register, for receiving, by described system bus interface, this SM2 digital signature that described external system sends
The required parameter data of checking, and stored, after described control register resets described SM2 arithmetic element, empty this
Parameter data needed for secondary SM2 digital signature authentication;
Status register, for, in the case of receiving described working condition query messages, inquiring about described SM2 arithmetic element
Working condition, and described working condition is sent to by described external system by described system bus interface;Described in proactive notification
SM2 arithmetic element described in external system has completed this SM2 digital signature authentication;Receiving described operation result query messages
In the case of, send the result of this SM2 digital signature authentication to described external system by described system bus interface.
4. fpga chip as claimed in claim 1 it is characterised in that or, described SM2 arithmetic element specifically includes:
First state machine module, is used for carrying out SM2 digital signature authentication computing Row control, and is carried out with described SM2 controller
Communication;
First mould adds computing module, for completing the t=(r '+s ') in SM2 digital signature verification algorithm under affine coordinate system
The calculating of modn, and R=(e '+x1') calculating of modn, wherein, (r '+s ') is signature code word, calculates the digest value of messageHv() is digest calculations function," | | " represents the splicing of former and later two character strings, and n is ellipse
The rank of circular curve, x1' it is one of elliptic curve point (x ', y ') coordinate element;
First point doubling module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division
Under the support of computing, calculate [s '] G and [t '] P in SM2 digital signature verification algorithm under affine coordinate systemA, wherein, G is
The basic point of elliptic curve, G=(xG,yG) (G ≠ O), xGAnd yGIt is FpIn two elements, elliptic curve E (Fq) two of equation
Element a, b ∈ Fq、PAIt is client public key, is also a point on elliptic curve, [s '] G refers to s ' times of point of G, [t '] PARefer to
PAT ' times of point;
First point add operation module, in bottom prime field signed magnitude arithmetic(al), prime field multiplying and prime field division
Under the support of computing, complete [s '] G in SM2 digital signature verification algorithm and [t '] P under affine coordinate systemAThe point of two points
Plus computing, i.e. (x ', y ')=[s '] G+ [t '] PA, wherein, (x ', y ') is the point on elliptic curve.
5. fpga chip as claimed in claim 4 it is characterised in that described first state machine module specifically for:
Read this parameter data needed for SM2 digital signature authentication in described SM2 controller;
Receive the described SM2 enabling signal that described SM2 controller sends, start described SM2 arithmetic element;
According to the computing process invocation of SM2 digital signature verification algorithm the first point doubling module, described first point add fortune
Calculate module, described first mould adds computing module, and the parameter data according to needed for this SM2 digital signature authentication is verified
Calculate;
After the completion of this SM2 digital signature authentication, obtain the result, described the result and complement mark are returned to institute
State SM2 controller;
Receive the described SM2 reset signal that described SM2 controller sends, reset described SM2 arithmetic element.
6. fpga chip as claimed in claim 5 it is characterised in that described first state machine module specifically for:
Call described first mould to add computing module and calculate t=(r '+s ') modn;
Described first point doubling module is called to calculate [s '] G and [t '] PA;
Described first point add operation module is called to calculate (x ', y ')=[s '] G+ [t '] PA;
Call described first mould to add computing module and calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, verifies
Pass through, otherwise verify and do not pass through.
7. the fpga chip as described in claim 1 or 4 is it is characterised in that replace with illiteracy brother by described prime field multiplying
Horse profit Montgomery multiplying.
8. fpga chip as claimed in claim 7 is it is characterised in that pass through the digital signal processor in described fpga chip
DSP resource replaces the multiplier needed for described Montgomery multiplying.
9. fpga chip as claimed in claim 1 it is characterised in that described second state machine module specifically for:
Read this parameter data needed for SM2 digital signature authentication in described SM2 controller;
Receive the described SM2 enabling signal that described SM2 controller sends, start described SM2 arithmetic element;
Call described second mould to add computing module and calculate t=(r '+s ') modn;
Described second point doubling module is called to calculate [s '] G and [t '] PA;
Call described second point to add computing module and calculate (x ', y ')=[s '] G+ [t '] PA;
Call described second mould to add computing module and calculate R=(e '+x1') modn, whether checking R=r ' sets up, if setting up, verifies
Pass through, otherwise verify and do not pass through;
After the completion of this SM2 digital signature authentication, obtain the result, described the result and complement mark are returned to institute
State SM2 controller;
Receive the described SM2 reset signal that described SM2 controller sends, reset described SM2 arithmetic element.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210540967.XA CN103049710B (en) | 2012-12-13 | 2012-12-13 | Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210540967.XA CN103049710B (en) | 2012-12-13 | 2012-12-13 | Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103049710A CN103049710A (en) | 2013-04-17 |
CN103049710B true CN103049710B (en) | 2017-02-08 |
Family
ID=48062343
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210540967.XA Active CN103049710B (en) | 2012-12-13 | 2012-12-13 | Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103049710B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103888246A (en) * | 2014-03-10 | 2014-06-25 | 深圳华视微电子有限公司 | Low-energy-consumption small-area data processing method and data processing device thereof |
CN106789078A (en) * | 2016-12-29 | 2017-05-31 | 记忆科技(深圳)有限公司 | A kind of digital signature identification system based on ahb bus |
CN107026859A (en) * | 2017-03-31 | 2017-08-08 | 西安电子科技大学 | A kind of safe transmission method of privacy cloud medical data |
US10505744B2 (en) * | 2017-06-29 | 2019-12-10 | Intel Corporation | Technologies for robust computation of elliptic curve digital signatures |
CN108322308B (en) * | 2017-12-14 | 2021-01-12 | 天津津航计算技术研究所 | Hardware implementation system of digital signature algorithm for identity authentication |
CN109977702B (en) * | 2019-04-08 | 2023-08-04 | 成都靖尧通信技术有限公司 | FPGA equipment encryption authentication system based on DS2432 chip |
US11323268B2 (en) * | 2019-06-28 | 2022-05-03 | Intel Corporation | Digital signature verification engine for reconfigurable circuit devices |
CN113055189B (en) * | 2021-06-02 | 2021-08-10 | 工业信息安全(四川)创新中心有限公司 | SM2 digital signature verification failure reason judgment method, device, equipment and medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1700641A (en) * | 2004-03-18 | 2005-11-23 | 株式会社东芝 | Digital signature assurance system, method, program and apparatus |
CN102104482A (en) * | 2009-12-21 | 2011-06-22 | 上海华虹集成电路有限责任公司 | Method for infinity point representation under affine coordinate system in elliptic curve cryptosystem |
CN102737270A (en) * | 2011-04-15 | 2012-10-17 | 航天信息股份有限公司 | Security co-processor of bank smart card chip based on domestic algorithms |
CN102761413A (en) * | 2011-04-27 | 2012-10-31 | 航天信息股份有限公司 | Implementation system of p-element domain SM2 elliptic curve public key cryptographic algorithm |
-
2012
- 2012-12-13 CN CN201210540967.XA patent/CN103049710B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1700641A (en) * | 2004-03-18 | 2005-11-23 | 株式会社东芝 | Digital signature assurance system, method, program and apparatus |
CN102104482A (en) * | 2009-12-21 | 2011-06-22 | 上海华虹集成电路有限责任公司 | Method for infinity point representation under affine coordinate system in elliptic curve cryptosystem |
CN102737270A (en) * | 2011-04-15 | 2012-10-17 | 航天信息股份有限公司 | Security co-processor of bank smart card chip based on domestic algorithms |
CN102761413A (en) * | 2011-04-27 | 2012-10-31 | 航天信息股份有限公司 | Implementation system of p-element domain SM2 elliptic curve public key cryptographic algorithm |
Also Published As
Publication number | Publication date |
---|---|
CN103049710A (en) | 2013-04-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103049710B (en) | Field-programmable gate array (FPGA) chip for SM2 digital signature verification algorithm | |
JP7534024B2 (en) | A system for protecting verification keys from modification and for verifying proofs of correctness | |
US11177957B2 (en) | Hardware security modules for executing zero-knowledge proofs | |
Pan et al. | An efficient elliptic curve cryptography signature server with GPU acceleration | |
CN106105093B (en) | The method and apparatus that elliptic curve point for resisting other channel information leakage is multiplied | |
US8428252B1 (en) | Using multiples above two with running totals in elliptic curve cryptography scalar multiplication acceleration tables | |
CN103970720B (en) | Based on extensive coarseness imbedded reconfigurable system and its processing method | |
CN104579656A (en) | Hardware acceleration coprocessor for elliptic curve public key cryptosystem SM2 algorithm | |
CN108063758A (en) | For the node in the signature verification method of block chain network and block chain network | |
Kudithi | An efficient hardware implementation of the elliptic curve cryptographic processor over prime field | |
CN104461449A (en) | Large integer multiplication realizing method and device based on vector instructions | |
CN107135078B (en) | PBKDF2 cryptographic algorithm acceleration method and device used thereby | |
CN103942031A (en) | Elliptic domain curve operational method and elliptic domain curve arithmetic unit | |
CN103761068A (en) | Optimized Montgomery modular multiplication method, optimized modular square method and optimized modular multiplication hardware | |
CN108228754A (en) | flow generation method and terminal device | |
Pajuelo-Holguera et al. | Fast montgomery modular multiplier using FPGAs | |
US12047514B2 (en) | Digital signature verification engine for reconfigurable circuit devices | |
CN117882334A (en) | Efficient hybridization of classical and postquantum signatures | |
CN109144472B (en) | Scalar multiplication of binary extended field elliptic curve and implementation circuit thereof | |
Le et al. | Mrsa: A high-efficiency multi romix scrypt accelerator for cryptocurrency mining and data security | |
WO2021164047A1 (en) | Zero knowledge proof hardware accelerator and the method thereof | |
CN103107879A (en) | RAS accelerator | |
CN102135871B (en) | Device for generating random number by using chaos theory and dynamic password token thereof | |
CN104298897A (en) | Embedded copyright authentication method based on chaos technology and special processor | |
CN103198258B (en) | The method of compound system and transmission data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |