OpenCores

* Tate Bilinear Pairing

Project maintainers

Details

Name: pairing
Created: Jan 17, 2012
Updated: Apr 18, 2017
SVN Updated: Mar 4, 2012
SVN: Browse
Latest version: download (might take a bit to start...)
Statistics: View
Bugs: 0 reported / 0 solved
Star1you like it: star it!

Other project properties

Category:Arithmetic core
Language:Verilog
Development status:Stable
Additional info:Design done, FPGA proven, Specification done
WishBone compliant: No
WishBone version: n/a
License: LGPL

Description

The Tate Bilinear Pairing core is specially designed for running Tate bilinear pairing algorithm for hyperelliptic curve $y^2=x^3-x+1$ defined over $GF(3^m)$, where $m=97$ and $GF(3^m)$ is defined by $x^97+x^12+2$.

Generally speaking, The Tate bilinear pairing algorithm is a transformation that takes two points on an elliptic curve and outputs a nonzero element in the extension field $GF(3^{6m})$. Details of the algorithm is in the document.

The core is written in Verilog 2001, and it is carefully optimized for FPGA. For example, input signals are synchronous and sampled at the rising edge of the clock. Output signals are driven by flip-flops, and not directly connected to input signals by combinational logic. There is no latch, and only one clock domain in entire core.

The core runs at 131MHz on the Xilinx Virtex-4 XC4VLX200-11FF1513 FPGA board. It computes one Tate bilinear pairing within 75,839 clock cycles, which is 0.76 milliseconds @ 100MHz clock.

The core uses 49205(27%) LUTs, 35381(39%) slices, 31425(17%) flip-flops of the XC4VLX200-11FF1513 FPGA board.

The core is an open source Tate Bilinear Pairing core, under the license of LGPL version 3.

Technical specification

Specification rev 0.1

Features

- Tate bilinear pairing for hyper-elliptic curve $y^2=x^3-x+1$
- The irreducible polynomial is $x^97+x^12+2$
- Input length is 4*194 bits and output length is 1164 bits
- Fully synchronous design
- Fully synthesize-able
- ONLY ONE clock domain in entire core
- NO latch
- All output signals are buffered
- Vendor independent code

Status

- The core is ready and available in Verilog from OpenCores svn

TODO

- Increase the degree of the irreducible polynomial for improving the security level
- Use a better algorithm for the final exponentiation in $GF(3^{6m})$

About Author

https://www.linkedin.com/in/homerhsing/