密码学报2024,Vol.11Issue(6) :1354-1369.DOI:10.13868/j.cnki.jcr.000741

低功耗软硬结合SM2算法实现

Implementation of Low-Power Software and Hardware Combination for SM2 Algorithm

孔团结 郑昉昱 郭润 荆继武 张子昂
密码学报2024,Vol.11Issue(6) :1354-1369.DOI:10.13868/j.cnki.jcr.000741
  • 国家科技期刊平台
  • NETL
  • NSTL
  • 万方数据

低功耗软硬结合SM2算法实现

Implementation of Low-Power Software and Hardware Combination for SM2 Algorithm

孔团结 1郑昉昱 1郭润 1荆继武 1张子昂1
扫码查看

作者信息

  • 1. 中国科学院大学 密码学院,北京 100049
  • 折叠

摘要

本文提出一种低功耗软硬结合 SM2 算法实现方案,利用低功耗处理器 Cortex-M0 调用硬件中SM2 协处理器的功能模块,可以在资源受限的 RFID 设备中实现.为减少 SM2 域运算层的功耗和资源,本文使用 KOM 算法的串行计算和并行计算设计低功耗乘法器,并且优化模约减,合并模加减.在多倍点运算层中采用了固定窗口 NAF 标量乘算法,并对其进行部分改进,该算法在面对 SPA 攻击时既保持了良好的安全性,又通过减少计算量的方式提高了性能,并降低了功耗.本文采用软硬结合的方式来实现Barrett 算法、SM2 签名和验签算法,达到提升整体的性能并降低资源消耗的目标.实验测试结果表明,SM2 协处理器在时钟频率为 50 MHz的条件下,计算任意标量点的速度可达到 0.869 ms/次,且仅消耗了4.9 µJ 的能量.Cortex-M0 和 SM2 协处理器通过软硬件结合方式,签名速度可达 0.98 ms/次,验签速度为 1.74 ms/次.

Abstract

This study proposes a low-power software-hardware combined SM2 algorithm imple-mentation scheme.Utilizing a low-power Cortex-M0 processor to call the functionality module of the SM2 coprocessor in the hardware,it could be realized in RFID of restricted resources.To re-duce the power consumption and resource usage in the SM2 field arithmetic layer,this study designs low-power multipliers using both serial and parallel computations based on the KOM algorithm.Addi-tionally,optimizations such as modular reduction and merging of modular additions and subtractions are applied.In the multiple-point arithmetic layer,a width-w NAF scalar multiplication algorithm is adopted and partially improved,which maintains good security against SPA attacks while improv-ing performance and reducing power consumption by reducing computational complexity.This study adopts a software-hardware combined approach to implement the Barrett algorithm,SM2 signature,and verification algorithm,aiming to improve overall performance and reduce resource consumption.Experimental test results show that the SM2 coprocessor can compute arbitrary scalar points at a speed of 0.869 ms per calculation with a clock frequency of 50 MHz,consuming only 4.9µJ of energy.Through the software-hardware combination of Cortex-M0 and the SM2 coprocessor,the signature speed reaches 0.98 ms per calculation,and the verification speed is 1.74 ms per calculation.

关键词

RFID/SM2算法/软硬件结合/低功耗

Key words

RFID/SM2/hardware and software/low power

引用本文复制引用

出版年

2024
密码学报
中国密码学会,北京信息科学技术研究院,中国科学技术出版社

密码学报

CSTPCD北大核心
ISSN:2095-7025
段落导航相关论文