author | Pavel V. Shatov (Meister) <meisterpaul1@yandex.ru> | 2017-09-04 00:57:28 +0300 |
---|---|---|
committer | Pavel V. Shatov (Meister) <meisterpaul1@yandex.ru> | 2017-09-04 00:57:28 +0300 |
commit | 2be841c2288d86f4703b860c6c14d173ca8c052d (patch) | |
tree | 96ff169b71490ab76d8fc3a09c622d0e7dd32668 | |
parent | 30b2cc57c3b5f0b4c97082e0c0e31e88c28ad5f9 (diff) |
Updated the readme file.
-rw-r--r-- | README.md | 26 |
1 files changed, 17 insertions, 9 deletions
@@ -52,7 +52,7 @@ Register bits: [31:2] Don't care, always read as 0 [1] "next" control bit [0] "init" control bit -The core uses Montgomery modular multiplier, that requires precomputation of modulus-dependent speed-up coefficient. Every time a new modulus is loaded into the core, this coefficient must be precalculated before exponentiation can be started. Changing the "init" bit from 0 to 1 starts precomputation. The core is edge-triggered, this way to start another precomputation the bit must be cleared first and then set to 1 again. The "next" control bit works the same way as the "init" bit, changing the bit from 0 to 1 triggers new exponentiation operation. When repeatedly encrypting/signing using the same modulus, precomputation needs to be done only once before the very first exponentiation. +The core uses Montgomery modular multiplier, that requires precomputation of modulus-dependent speed-up coefficient. Every time a new modulus is loaded into the core, this coefficient must be precalculated before exponentiation can be started. Changing the "init" bit from 0 to 1 starts precomputation. The core is edge-triggered, this way to start another precomputation the bit must be cleared first and then set to 1 again. The "next" control bit works the same way as the "init" bit, changing the bit from 0 to 1 triggers new exponentiation operation. The "init" bit has priority over the "next" bit, if both bits go high at the same time, precomputation will be started. When repeatedly encrypting/signing using the same modulus, precomputation needs to be done only once before the very first exponentiation. * **STATUS** Read-only register bits: 
@@ -81,18 +81,26 @@ Length of operand buffer in bits. This read-only parameter returns the length of Length of systolic array in bits. This read-only parameter returns the length of internal systolic multiplier array, it allows SYSTOLIC_ARRAY_POWER compile-time setting to be determined at run-time. -The second part of the address space contains four operand banks. +The second part of the address space contains eight operand banks. Length of each bank (BANK_LENGTH) depends on the largest supported operand width: 0x80 bytes for 1024-bit core (OPERAND_ADDR_WIDTH = 5), 0x100 bytes for 2048-bit core (OPERAND_ADDR_WIDTH = 6), 0x200 bytes for 4096-bit core (OPERAND_ADDR_WIDTH = 7) and so on. -The offset of the second part is 4 * BANK_LENGTH: 0x200 for 1024-bit core, 0x400 for 2048-bit core, 0x800 for 4096-bit core and so on. The core has the following four banks: +The offset of the second part is 8 * BANK_LENGTH: 0x400 for 1024-bit core, 0x800 for 2048-bit core, 0x1000 for 4096-bit core and so on. The core has the following eight banks: -| Offset | Register | -|-----------------|----------------| -| 4 * BANK_LENGTH | MODULUS | -| 5 * BANK_LENGTH | MESSAGE (BASE) | -| 6 * BANK_LENGTH | EXPONENT | -| 7 * BANK_LENGTH | RESULT | +| Offset | Bank | +|------------------|-----------------------| +| 8 * BANK_LENGTH | MODULUS | +| 9 * BANK_LENGTH | MESSAGE (BASE) | +| 10 * BANK_LENGTH | EXPONENT | +| 11 * BANK_LENGTH | RESULT | +| 12 * BANK_LENGTH | MODULUS_COEFF_OUT | +| 13 * BANK_LENGTH | MODULUS_COEFF_IN | +| 14 * BANK_LENGTH | MONTGOMERY_FACTOR_OUT | +| 15 * BANK_LENGTH | MONTGOMERY_FACTOR_IN | + +MODULUS, MESSAGE and EXPONENT banks are read-write, the RESULT bank stores the result of the exponentiation and is read-only. + +After precomputation the modulus-dependent speed-up coefficient and the Montgomery factor are placed in "output" MODULUS_COEFF_OUT and MONTGOMERY_FACTOR_OUT banks, the two banks are read-only. 
Before exponentiation corresponding modulus-dependent coefficient and Montgomery factor must be placed in "input" MODULUS_COEFF_IN and MONTGOMERY_FACTOR_IN banks, they are read-write. This split input/output banks design allows precomputed quantities to be retrieved from the core and stored along with the key for later reuse. Note that each key requires three pairs of precomputed numbers: one for the public key and two for each of the secret key components. ## Implementation Details |
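Review bot: In the first hunk (control register paragraph), the new sentence says "init" wins when both bits go high together, but not what happens to the "next" edge that arrived at the same time. Please state whether that request is dropped or latched and run once precomputation finishes, since a driver needs to know if it must clear "next" and set it again afterwards. Suggested wording, if the request is dropped: "If both bits go high at the same time, only precomputation is started and the "next" request is ignored; clear and set "next" again to start exponentiation." The added sentence is also a comma splice and would read better split in two.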
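Review bot: In the second hunk, the paragraph on the "input" MODULUS_COEFF_IN and MONTGOMERY_FACTOR_IN banks does not say what the core does when the loaded values do not belong to the modulus currently in MODULUS. Because these banks are read-write and the text recommends storing the precomputed numbers "along with the key for later reuse", please document whether the core checks them or simply produces a wrong RESULT, and whether software must copy the _OUT banks into the _IN banks itself after precomputation (the unchanged sentence in the control register paragraph still reads as if precomputation alone is enough). Two smaller points: "two for each of the secret key components" can be read as two pairs per component, while the total of three pairs suggests "one for each of the two secret key components"; and the move of the bank area from 4 * BANK_LENGTH to 8 * BANK_LENGTH changes every operand offset, which deserves an explicit compatibility note for existing drivers.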