diff options
| author | Joachim StroĢmbergson <joachim@secworks.se> | 2015-04-27 11:17:08 +0200 |
|---|---|---|
| committer | Joachim StroĢmbergson <joachim@secworks.se> | 2015-04-27 11:17:08 +0200 |
| commit | a315223f98fa6f1fdea2b1080c5f3e33352ebb13 (patch) | |
| tree | 0fb3f6c458df78f58017e9475ff3b0c5cb3b52d0 /README.md | |
| parent | 502f0f429a261628fe5e43582280012541c40804 (diff) | |
Updating modexp core to v 0.50. This version contains a working core that can perform sign and verify with big keys/values. The core builds ok in Altera and Xilinx FPGA tools. This commit also includes a new testgenerator capable of generating testbench for modexp with autgenerated test data of different lengths. The README has been updated with status and implementation results in for different FPGA devices.
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 88 |
1 files changed, 60 insertions, 28 deletions
@@ -4,19 +4,23 @@ modexp Modular exponentiation core for implementing public key algorithms such as RSA, DH, ElGamal etc. -The core calculates the following functions: +The core calculates the following function: C = M ** e mod N - M = C ** d mod N - d is the private key exponent. M is a message with a length of n bits - e is the exponent with a length of at most 32 bits + e is the exponent with a length of m bits N is the modulus with a length of n bits - n is can be 32 and up to and including 8192 bits in steps - of 32 bits. -The core has a 32-bit memory like interface. +The size n be one and up to and including 8192 bits in steps of 32 +bits. + +The size m be one and up to and including 8192 bits in steps of 32 +bits. + +The core has a 32-bit memory like interface, but provides status signals +to inform the system that a given operation has is done. Additionally, +any errors will also be asserted. The core is written in Verilog 2001 and suitable for implementation in FPGA and ASIC devices. No vendor specific macros are used in the code. @@ -24,39 +28,67 @@ FPGA and ASIC devices. No vendor specific macros are used in the code. ## Implementation details ## -The core is using Montgomery multiplication with 32-bit operands. The -core is iterative and will not be the fastest core on the -planet. The residue calculation is done in a separate process and the -calculated residue can be extracted and loaded by the application to -improve performance. +The core is iterative with 32-bit operands and not the fastest core on +the planet. + + +## Future developments ## -The core will perform blinding to protect against side channel -attacks. +- The core will perform blinding to protect against side channel + attacks. + +- Increased operands to 64-, 128-, or possibly even 256 bits for + increased performance. ## FPGA-results ## -No results yet. +## Altera Cyclone-V ### + +- 203 registers +- 387 ALMs +- 106496 block memory bits +- 107 MHz + + +### Xilinx Artix-7 100T ### + +- 160 registers +- 565 LUTs +- 13 RAMB18E1 block memories +- 160 MHz + +### Xilinx Spartan-6 LX45 ### + +- 169 registers +- 589 LUTs +- 13 RAMB8BWER block memories +- 136 MHz ## Status ## -***(2015-04-20)*** +***(2015-04-27)*** + +Modexp simulation with exponent and modolus with up to 1280 bits +simulates. The auto test generation system works. Implementation in +different FPGA types and vendors works. + + +***(2015-04-23)*** + +The Montgomery multiplication module works. The Residue calculation +module works. Top level integration and debugging is onging. The core +does not yet work and there are dragons to be found. -The Montgomery calculator has been implemented and debugged. The residue -calculator has been implemeted and debugged. The top level is being -developed and debugged. +***(2014-12-07)*** -***(2015-03-13)*** +Renamed the core tom modexp from rsa to make it more clear that it +provides generic modular exponentiation, not RSA. -A working, bit exact C model with test cases has been developed and is -used to drive the HW development. There is also a Java functional model -available as support for high level undertanding. -Development of the Montgomery product module started. Top level modexp -module with memories for all operands are being worked on. +***(2014-10-01)*** -The Montgomery calculator has been implemented and debugged. The residue -calculator has been implemeted and debugged. The top level is being -developed and debugged. +Very early phase. Started to collect information and drawing some rough +ideas on paper. |