低功耗嵌入式平台的SM2国密算法优化实现

doi:10.11959/j.issn.2096-109x.2022080

Abstract

Abstract:

With the development of wireless communication technology and the popularization of intelligent terminals, more and more cryptographic algorithms are applied to IoT devices to ensure the security of communication and data.Among them, the SM2 elliptic curve public key cryptography proposed by the State Cryptography Administration is an elliptic curve public key cryptography algorithm developed domestically, which has the advantages of high security and short key.SM2 has been widely deployed in various communication systems and is used in essential parts such as identity authentication and key negotiation.However, since SM2 involves large integer operations on finite fields, the computational cost is high, and its execution on a low-power embedded platform seriously affects the user experience.Therefore, an efficient implementation scheme of SM2 algorithm for low-power embedded platform was proposed for ARM-m series processors.Specifically, Thumb-2 instruction set was adopted to handle carry and save addressing cycles, basic operations such as modulo addition and sub-traction of large integers were optimized, and the number of available registers on the platform was combined to build efficient basic operations.Besides, based on the short multiplication and accumulation instruction cycle of ARM-m series processors, the implementation of Montgomery multiplication was optimized, and an efficient modular multiplication scheme was designed in combination with the CIOS algorithm.The scheme was no longer limited to Mersenne primes, and greatly improved the speed and flexibility of modular multiplication.Based on the theoretical analysis and experimental test, the window length selection method of the multiple point-scalar multiplication wNAF sliding window method on the embedded platform was given.The experimental test results show that the proposed scheme can effectively improve the computational efficiency of the SM2 algorithm on the resource-constrained low-power embedded platform.Without pre-calculation, the test signature speed can reach 0.204s/time, the signature verification speed is 0.388s/time, the encryption speed is 0.415s/time, and the decryption speed is 0.197s/time.

Key words: information security, elliptic curve cryptosystem, SM2, embedded platform, optimization

CLC Number:

TP393

Ganqin LIU, Hui LI, Hui ZHU, Yukun HUANG, Xingdong LIU. Public key cryptographic algorithm SM2 optimized implementation on low power embedded platform[J]. Chinese Journal of Network and Information Security, 2022, 8(6): 29-38.

Figures/Tables 11

References 29

[1]	国家密码管理局. SM2 椭圆曲线公钥密码算法第 1 部分:总则:GM/T 0003.1-2012[S]. 北京:中国标准出版社, 2012:8.
	State Cryptography Administration. SM2 elliptic curve public key cryptography algorithm part 1:general provisions:GM/T 0003.1-2012[S]. 8 Beijing:China Standard Press, 2012:8.
[2]	罗玙榕, 曹进, 李晖 ,等. 基于SM2联合签名的电子发票公开验证方案[J]. 网络与信息安全学报, 2022,8(2): 122-131.
	LUO Y R , CAO J , LI H ,et al. Electronic invoice public verification scheme based on SM2 joint signature[J]. Journal of Network and Information Security, 2022,8(2): 122-131.
[3]	陈锋, 邹洪, 吴亚楠 ,等. 基于SM2密码体系的电力信息安全监控系统设计[J]. 电子设计工程, 2022,30(5): 100-103,108.
	CHEN F , ZOU H , WU Y N ,et al. Design of power information security monitoring system based on sm2 cipher system[J]. Electronic Design Engineering, 2022,30(5): 100-103,108.
[4]	程朝辉 . 基于SM2的无证书加密算法[J]. 密码学报, 2021,8(1): 87-95.
	CHENG C H . Certificateless encryption algorithm based on SM2[J]. Journal of Cryptography, 2021,8(1): 87-95.
[5]	MONTGOMERY P L . Modular multiplication without trial division[J]. Mathematics of Computation, 1985,44(170): 519-521.
[6]	KOC C , ACAR T , JR B . Analyzing and comparing montgomery multiplication algorithms[J]. Micro,IEEE, 1996,16(3): 26-33.
[7]	SOLINAS J A . Generalized mersenne numbers[M]. Faculty of Mathematics,University of Waterloo, 1999.
[8]	PARIHAR A , NAKHATE S . High-speed high-throughput VLSI Architecture for RSA montgomery modular multiplication with efficient format conversion[J]. Journal of the Institution of Engineers (India) Series B, 2019,100(2): 217-222.
[9]	RAHMAN M S , HOSSAIN M S , RAHAT E H ,et al. Efficient hardware implementation of 256-bit ECC processor over prime field[C]// 2019 International Conference on Electrical,Computer and Communication Engineering (ECCE). 2019: 1-6.
[10]	王腾飞, 张海峰, 许森 . SM2专用指令协处理器设计与实现[J]. 计算机工程与应用, 2022,58(2): 102-109.
	WANG T F , ZHANG H F , XU S . Design and implementation of SM2 special instruction coprocessor[J]. Computer Engineering and Applications, 2022,58(2): 102-109.
[11]	DING J N , LI S G , GU Z . High-speed ECC processor over NIST prime fields applied with toom–cook multiplication[J]. IEEE Transactions on Circuits and Systems I, 2019,66(3): 1003-1016.
[12]	李斌, 周清雷, 陈晓杰 ,等. 可重构的素域SM2算法优化方法[J]. 通信学报, 2022,43(3): 30-41.
	LI B , ZHOU Q L , CHEN X J ,et al. Optimization of reconfigurable SM2 algorithm over prime field[J]. Journal of Communication, 2022,43(3): 30-41.
[13]	HOSSAIN M S , KONG Y . High-performance FPGA implementation of modular inversion over F_256 for elliptic curve cryptography[C]// 2015 IEEE International Conference on Data Science and Data Intensive Systems. 2015: 169-174.
[14]	ZHOU L , SU C , HU Z ,et al. Lightweight implementations of NIST P-256 and SM2 ECC on 8-bit resource-constraint embedded device[J]. ACM Transactions on Embedded Computing Systems (TECS), 2019,18(3): 1-13.
[15]	朱辉, 黄煜坤, 王枫为 ,等. 一种基于图形处理器的高吞吐量SM2 数字签名计算方案[J]. 电子与信息学报, 2022,44(10): 1-10.
	ZHU H , HUANG Y K , WANG F W ,et al. A high throughput SM2 digital signature computing scheme based on graphics processor[J]. Journal of Electronics and Information Technology, 2022,44(10): 1-10.
[16]	LONGA P , GEBOTYS C . Efficient techniques for high-speed elliptic curve cryptography[C]// International Workshop on Cryptographic Hardware and Embedded Systems. Heidelberg, 2010: 80-94.
[17]	COHEN H , MIYAJI A , ONO T . Efficient elliptic curve exponentiation using mixed coordinates[C]// International Conference on the Theory and Application of Cryptology and Information Security. 1998: 51-65.
[18]	SETIADI I , KISTIJANTORO A I , MIYAJI A . Elliptic curve cryptography:Algorithms and implementation analysis over coordinate systems[C]// 2015 2nd International Conference on Advanced Informatics:Concepts,Theory and Applications (ICAICTA). 2015: 1-6.
[19]	LONGA P , MIRI A . Fast and flexible elliptic curve point arithmetic over prime fields[J]. IEEE Transactions on Computers, 2008,57(3): 289-302.
[20]	HANKERSON D , MENEZES A J , VANSTONE S . Guide to elliptic curve cryptography[M]. Springer Science ＆ Business Media, 2006.
[21]	ISLAM M M , HOSSAIN M S , HASAN M K ,et al. FPGA implementation of high-speed area-efficient processor for elliptic curve point multiplication over prime field[J]. IEEE Access, 2019,7: 178811-178826.
[22]	国家密码管理局. SM3 密码杂凑算法:GMT 0004.4-2012[S]. 北京:中国标准出版社, 2012:8.
	National Cryptography Administration. SM3 password hashing algorithm:GMT 0004.4-2012[S]. Beijing:Standards Press of China, 2012:8.
[23]	RIVAIN M . Fast and regular algorithms for scalar multiplication over elliptic curves[J]. Cryptology ePrint Archive, 2011.
[24]	GURA N , Patel A , Wander A ,et al. Comparing elliptic curve cryptography and RSA on 8-bit CPUs[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2004: 119-132.
[25]	Advanced Micro Devices,Inc. AMD graphic core next[R]. Advanced Micro Devices,Inc, 2011.
[26]	DUSSE S R , KALISKI B S . A cryptographic library for the Motorola DSP56000[C]// Workshop on the Theory and Application of Cryptographic Techniques. 1990: 230-244.
[27]	MUIR J , STINSON D . Minimality and other properties of the width-? nonadjacent form[J]. Mathematics of Computation, 2006,75(253): 369-384.
[28]	国家密码管理局. SM2椭圆曲线公钥密码算法第5部分:参数定义:GMT 0003.4-2012[S]. 北京:中国标准出版社, 2012.
	National Cryptography Administration. SM2 Elliptic curve public key cryptography algorithm Part 5:Parameter definition:GMT 0003.4-2012[S]. Beijing:Standards Press of China, 2012.
[29]	闫闵 . 基于GPU的SM2数字签名和验证算法的快速实现与优化[D]. 上海:上海交通大学, 2020.
	YAN M . Fast implementation and optimization of SM2 digital signature and verification algorithm based on GPU[D]. Shanghai:Shanghai Jiaotong University, 2020.

Metrics

Recommended 0

No Suggested Reading articles found!

指令	说明
LDMIA/STMIA Rn <reg list>	从指定存储器位置读取/写入多
	个字到reg list给出的寄存器列
	表中
CMP Ra,Rb	比较两寄存器内容并修改标
	志位
ADDS/SUBS Ra,Rb,Rc	Ra=Rb+/-Rc，修改标志位
ADD/SUB Ra,Rb,Rc	Ra=Rb+/-Rc，不修改标志位
ADCS/SBCS Ra,Rb,Rc	Ra=Rb+/-Rc+/-进位/借位，修改
	标志位
LDR Ra,[Rb,#immed]	将 Rb 中地址偏移量为 immed
	的字加载到Ra
UMLAL RdLo,RdHi,Rn,Rm	{RdHi,RdLo}+=Rn*Rm
EOR Rd,Rn	将Rd与Rn按位异或结果保存
	在Rd

寄存器	功能
r0~r2	x、y、p地址
r3	当前操作数
r4~r11	指令LDMIA加载的256位变量
r12	临时存放r3操作数，模减时使用

窗口长度w	预计算阶段计算量	乘法阶段计算量	总计算量
2	A+D	86A+256D	87A+257D
3	3A+D	64A+256D	67A+257D
4	7A+D	52A+256D	59A+257D
5	15A+D	43A+256D	58A+257D
6	31A+D	37A+256D	68A+257D
7	63A+D	32A+256D	95A+257D
注：A代表点加运算，D代表倍点运算

方法	约占运行时间总比例	耗时/ms	平均每次耗时/μs
本文	2%	51.972	1.175 8
LibTomMath库	6%	177.628	4.018 7

模乘算法	SM2签名时间/s	SM2验签时间/s	SM2加密时间/s	SM2解密时间/s
蒙哥马利乘法^[5]	0.652 8	1.293 8	1.276 3	0.649 0
文献[29]	0.412 9	0.810 5	0.807 0	0.410 3
梅森素数法^[12]	0.219 9	0.422 0	0.429 2	0.218 2
SOS^[6]	0.258 1	0.498 8	0.503 9	0.256 1
FIOS^[6]	0.369 6	0.722 4	0.722 1	0.367 1
本文	0.207 2	0.396 4	0.404 4	0.205 5

Public key cryptographic algorithm SM2 optimized implementation on low power embedded platform

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 11

References 29

Related Articles 15

Metrics

Recommended 0

多倍点标量乘法算法	预计算时间占比	预计算耗时/s	标量乘法耗时/s
二进制展开	0%	0	255.418
滑动窗（w=5）	7.6%	14.976	196.451
滑动窗（w=4）	3.7%	7.253	196.944
wNAF（w=5）	7.7%	14.951	194.268
wNAF（w=4）	3.8%	7.272	192.161

[1]	Xiangdong HU, Lingling TANG. Method on intrusion detection for industrial internet based on light gradient boosting machine [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 46-55.
[2]	Xue BAI, Baodong QIN, Rui GUO, Dong ZHENG. Two-party cooperative blind signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 39-51.
[3]	Jun LIU, Lin YUAN, Zhishang FENG. Survey of key management schemes for cluster networks [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 52-69.
[4]	Rongna XIE, Zhuhong MA, Zongyu LI, Ye TIAN. Encrypted traffic classification method based on convolutional neural network [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 84-91.
[5]	Yi XIA, Mingjng LAN, Xiaohui CHEN, Junyong LUO, Gang ZHOU, Peng HE. Survey on explainable knowledge graph reasoning methods [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 1-25.
[6]	Mingying ZHANG, Bing HUA, Yuguang ZHANG, Haidong LI, Mohong ZHENG. Robust reinforcement learning algorithm based on pigeon-inspired optimization [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 66-74.
[7]	Baoqin ZHAI, Jian WANG, Lei HAN, Jiqiang LIU, Jiahao HE, Tianhao LIU. Hierarchical proxy consensus optimization for IoV based on blockchain and trust value [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 142-153.
[8]	Rongna XIE, Xiaonan FAN, Lin YUAN, Zichen GUO, Jiayu ZHU, Guozhen SHI. Research on extended access control mechanism in online social network [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 123-131.
[9]	Pei CHEN, Fenghua LI, Zifu LI, Yunchuan GUO, Lin CHENG. Using rule association to generate data collection policies [J]. Chinese Journal of Network and Information Security, 2021, 7(5): 132-148.
[10]	Wenchao WU, Zhiyu REN, Xuehui DU. Permission clustering-based attribute value optimization [J]. Chinese Journal of Network and Information Security, 2021, 7(4): 175-182.
[11]	Tao WANG, Hongchang CHEN. Multi-objective optimization placement strategy for SDN security controller considering Byzantine attributes [J]. Chinese Journal of Network and Information Security, 2021, 7(3): 72-84.
[12]	Jin LI, Jin CAO, Yueyu ZHANG, Meiru ZHANG, Hui LI. Reverse teaching design of curriculum ideological and political in information security major—Take the wireless communication network security course of Xidian University as an example [J]. Chinese Journal of Network and Information Security, 2021, 7(3): 166-174.
[13]	Qi CAO, Shuhua RUAN, Xingshu CHEN, Xiao LAN, Hongxia ZHANG, Hongjian JIN. Embedding of national cryptographic algorithm in Hyperledger Fabric [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 65-75.
[14]	Guojie LIU,Jianbiao ZHANG. TPCM-based trusted PXE boot method for servers [J]. Chinese Journal of Network and Information Security, 2020, 6(6): 105-111.
[15]	Qiao HU,Yupeng HU,Xin LIAO,Zheng QIN,Jianhua SUN,Jiliang ZHANG. Investigation,analysis and improvement mentality of the revision on information security’s training program to undergraduates in Hunan University [J]. Chinese Journal of Network and Information Security, 2020, 6(4): 153-158.