OpenCores
URL https://opencores.org/ocsvn/ecg/ecg/trunk

Subversion Repositories ecg

[/] [ecg/] [trunk/] [rtl/] [ecg.v] - Blame information for rev 5

Go to most recent revision | Details | Compare with Previous | View Log

Line No. Rev Author Line
1 5 homer.xing 
/*
2 
    Copyright 2011, City University of Hong Kong
3 
    Author is Homer (Dongsheng) Xing.
4 
 
5 
    This file is part of Elliptic Curve Group Core.
6 
 
7 
    Elliptic Curve Group Core is free software: you can redistribute it and/or modify
8 
    it under the terms of the GNU Lesser General Public License as published by
9 
    the Free Software Foundation, either version 3 of the License, or
10 
    (at your option) any later version.
11 
 
12 
    Elliptic Curve Group Core is distributed in the hope that it will be useful,
13 
    but WITHOUT ANY WARRANTY; without even the implied warranty of
14 
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 
    GNU Lesser General Public License for more details.
16 
 
17 
    You should have received a copy of the GNU General Public License
18 
    along with Elliptic Curve Group Core.  If not, see http://www.gnu.org/licenses/lgpl.txt
19 
*/
20 
 
21 2 homer.xing 
`include "inc.v"
22 5 homer.xing 
`define SCALAR_WIDTH (151-1) // the width for the scalar value
23 2 homer.xing 
 
24 5 homer.xing 
/* point scalar multiplication on the elliptic curve $y^2=x^3-x+1$ over a Galois field GF(3^M)
25 
 * whose irreducible polynomial is $x^97 + x^12 + 2$. */
26 
/* $P3(x3,y3) == c \cdot P1(x1,y1)$ */
27 
module point_scalar_mult(clk, reset, x1, y1, zero1, c, done, x3, y3, zero3);
28 
    input clk, reset;
29 
    input [`WIDTH:0] x1, y1;
30 
    input zero1;
31 
    input [`SCALAR_WIDTH:0] c;
32 
    output reg done;
33 
    output reg [`WIDTH:0] x3, y3;
34 
    output reg zero3;
35 
 
36 
    reg [`WIDTH:0] x2, y2; reg zero2; // the result
37 
    wire [`WIDTH:0] x4, y4; wire zero4;
38 
    wire [`WIDTH:0] x5, y5; wire zero5;
39 
    reg [`SCALAR_WIDTH   : 0] k; // the scalar value
40 
    reg [`SCALAR_WIDTH+1 : 0] i; // the counter
41 
    reg op;
42 
    wire p, p2, rst, done1;
43 
 
44 
    assign x4    = (~op) ? x2    : (k[`SCALAR_WIDTH]?x1:0);
45 
    assign y4    = (~op) ? y2    : (k[`SCALAR_WIDTH]?y1:0);
46 
    assign zero4 = (~op) ? zero2 : (k[`SCALAR_WIDTH]?zero1:1);
47 
    assign rst   = reset | p2 ;
48 
 
49 
    point_add
50 
        ins1 (clk, rst, x2, y2, zero2, x4, y4, zero4, done1, x5, y5, zero5);
51 
    func6
52 
        ins2 (clk, reset, done1, p),
53 
        ins3 (clk, reset, p, p2);
54 
 
55 
    always @ (posedge clk)
56 
        if (reset) i <= 1;
57 
        else if ((op & p) | i[`SCALAR_WIDTH+1]) i <= i << 1;
58 
 
59 
    always @ (posedge clk)
60 
        if (reset) k <= c;
61 
        else if (op & p) k <= k << 1;
62 
 
63 
    always @ (posedge clk)
64 
        if (reset) op <= 0;
65 
        else if (p) op <= ~op;
66 
 
67 
    always @ (posedge clk)
68 
        if (reset)  begin x2 <= 0; y2 <= 0; zero2 <= 1; end
69 
        else if (p) begin x2 <= x5; y2 <= y5; zero2 <= zero5; end
70 
 
71 
    always @ (posedge clk)
72 
        if (reset)  begin x3 <= 0; y3 <= 0; zero3 <= 1; done <= 0; end
73 
        else if (i[`SCALAR_WIDTH+1])
74 
          begin x3 <= x2; y3 <= y2; zero3 <= zero2; done <= 1; end
75 
endmodule
76 
 
77 2 homer.xing 
/* add two points on the elliptic curve $y^2=x^3-x+1$ over a Galois field GF(3^M)
78 
 * whose irreducible polynomial is $x^97 + x^12 + 2$. */
79 
/* $P3(x3,y3) == P1 + P2$ for any points $P1(x1,y1),P2(x2,y2)$ */
80 
module point_add(clk, reset, x1, y1, zero1, x2, y2, zero2, done, x3, y3, zero3);
81 
    input clk, reset;
82 3 homer.xing 
    input [`WIDTH:0] x1, y1; // this guy is $P1$
83 2 homer.xing 
    input zero1; // asserted if P1 == 0
84 3 homer.xing 
    input [`WIDTH:0] x2, y2; // and this guy is $P2$
85 2 homer.xing 
    input zero2; // asserted if P2 == 0
86 
    output reg done;
87 3 homer.xing 
    output reg [`WIDTH:0] x3, y3; // ha ha, this guy is $P3$
88 2 homer.xing 
    output reg zero3; // asserted if P3 == 0
89 3 homer.xing 
    wire [`WIDTH:0] x3a, x3b, x3c,
90 
                    y3a, y3b, y3c,
91 
                    ny2;
92 2 homer.xing 
    wire zero3a,
93 3 homer.xing 
         use1,  // asserted if $ins9$ did the work
94 
         done10, // asserted if $ins10$ finished
95 
         done11,
96 
         cond1,
97 
         cond2,
98 
         cond3,
99 
         cond4,
100 
         cond5;
101 2 homer.xing 
 
102 
    assign use1 = zero1 | zero2;
103 3 homer.xing 
    assign cond1 = (~use1) && cond2 && cond4; // asserted if $P1 == -P2$
104 
    assign cond2 = (x1 == x2);
105 
    assign cond3 = (y1 == y2);
106 
    assign cond4 = (y1 == ny2);
107 
    assign cond5 = (~use1) && cond2 && cond3; // asserted if $P1 == P2$
108 2 homer.xing 
 
109 3 homer.xing 
    f3m_neg
110 
        ins1 (y2, ny2); // ny2 == -y2
111 2 homer.xing 
    func9
112 
        ins9 (x1, y1, zero1, x2, y2, zero2, x3a, y3a, zero3a);
113 
    func10
114 3 homer.xing 
        ins10 (clk, reset, x1, y1, done10, x3b, y3b);
115 
    func11
116 
        ins11 (clk, reset, x1, y1, x2, y2, done11, x3c, y3c);
117 2 homer.xing 
 
118 
    always @ (posedge clk)
119 3 homer.xing 
        if (reset)
120 
            zero3 <= 0;
121 
        else
122 
            zero3 <= (use1 & zero3a) | cond1; // if both of $P1$ and $P2$ are inf point, or $P1 == -P2$, then $P3$ is inf point
123 2 homer.xing 
 
124 
    always @ (posedge clk)
125 
        if (reset)
126 
            done <= 0;
127 
        else
128 3 homer.xing 
            done <= (use1 | cond1) ? 1 : (cond5 ? done10 : done11);
129 2 homer.xing 
 
130 
    always @ (posedge clk)
131 
        if (reset)
132 
          begin
133 
            x3 <= 0; y3 <= 0;
134 
          end
135 
        else
136 
          begin
137 3 homer.xing 
            x3 <= use1 ? x3a : (cond5 ? x3b : x3c);
138 
            y3 <= use1 ? y3a : (cond5 ? y3b : y3c);
139 2 homer.xing 
          end
140 
endmodule
141 
 
142 3 homer.xing 
/* $P3 == P1+P2$ */
143 2 homer.xing 
/* $P1$ and/or $P2$ is the infinite point */
144 
module func9(x1, y1, zero1, x2, y2, zero2, x3, y3, zero3);
145 
    input [`WIDTH:0] x1, y1, x2, y2;
146 
    input zero1; // asserted if P1 == 0
147 
    input zero2; // asserted if P2 == 0
148 
    output [`WIDTH:0] x3, y3;
149 
    output zero3; // asserted if P3 == 0
150 
 
151 
    assign zero3 = zero1 & zero2;
152 
 
153 
    genvar i;
154 
    generate
155 
        for (i=0; i<=`WIDTH; i=i+1)
156 
          begin:label
157 3 homer.xing 
            assign x3[i] = (x2[i] & zero1) | (x1[i] & zero2);
158 
            assign y3[i] = (y2[i] & zero1) | (y1[i] & zero2);
159 2 homer.xing 
          end
160 
    endgenerate
161 
endmodule
162 
 
163 3 homer.xing 
/* $P3 == P1+P2$ */
164 
/* $P1$ or $P2$ is not the infinite point. $P1 == P2$ */
165 
module func10(clk, reset, x1, y1, done, x3, y3);
166 2 homer.xing 
    input clk, reset;
167 3 homer.xing 
    input [`WIDTH:0] x1, y1;
168 
    output reg done;
169 
    output reg [`WIDTH:0] x3, y3;
170 
    wire [`WIDTH:0] v1, v2, v3, v4, v5, v6;
171 
    wire rst2, done1, done2;
172 
    reg [2:0] K;
173 2 homer.xing 
 
174 3 homer.xing 
    f3m_inv
175 
        ins1 (clk, reset, y1, v1, done1); // v1 == inv y1
176 
    f3m_mult
177 
        ins2 (clk, rst2, v1, v1, v2, done2); // v2 == v1^2
178 
    f3m_cubic
179 
        ins3 (v1, v3); // v3 == v1^3
180 
    f3m_add
181 
        ins4 (x1, v2, v4), // v4 == x1+v2 == x1 + (inv y1)^2
182 
        ins5 (y1, v3, v5); // v5 == y1+v3 == y1 + (inv y1)^3
183 
    f3m_neg
184 
        ins6 (v5, v6); // v6 == -[y1 + (inv y1)^3]
185 
    func6
186 
        ins7 (clk, reset, done1, rst2);
187 
 
188 
    always @ (posedge clk)
189 
        if (reset)
190 
            K <= 3'b100;
191 
        else if ((K[2]&rst2)|(K[1]&done2)|K[0])
192 
            K <= K >> 1;
193 
 
194 
    always @ (posedge clk)
195 
        if (reset)
196 
          begin
197 
            done <= 0; x3 <= 0; y3 <= 0;
198 
          end
199 
        else if (K[0])
200 
          begin
201 
            done <= 1; x3 <= v4; y3 <= v6;
202 
          end
203 2 homer.xing 
endmodule
204 3 homer.xing 
 
205 
/* $P3 == P1+P2$ */
206 
/* $P1$ or $P2$ is not the infinite point. $P1 != P2, and P1 != -P2$ */
207 
module func11(clk, reset, x1, y1, x2, y2, done, x3, y3);
208 
    input clk, reset;
209 
    input [`WIDTH:0] x1, y1, x2, y2;
210 
    output reg done;
211 
    output reg [`WIDTH:0] x3, y3;
212 
    wire [`WIDTH:0] v1, v2, v3, v4, v5, v6, v7, v8, v9, v10;
213 
    wire rst2, rst3, done1, done2, done3;
214 
    reg [3:0] K;
215 
 
216 
    f3m_sub
217 
        ins1 (x2, x1, v1), // v1 == x2-x1
218 
        ins2 (y2, y1, v2); // v2 == y2-y1
219 
    f3m_inv
220 
        ins3 (clk, reset, v1, v3, done1); // v3 == inv v1 == inv(x2-x1)
221 
    f3m_mult
222 
        ins4 (clk, rst2, v2, v3, v4, done2), // v4 == v2*v3 == (y2-y1)/(x2-x1)
223 
        ins5 (clk, rst3, v4, v4, v5, done3); // v5 == v4^2
224 
    f3m_cubic
225 
        ins6 (v4, v6); // v6 == v4^3
226 
    f3m_add
227 
        ins7 (x1, x2, v7), // v7 == x1+x2
228 
        ins8 (y1, y2, v8); // v8 == y1+y2
229 
    f3m_sub
230 
        ins9 (v5, v7, v9), // v9 == v5-v7 == v4^2 - (x1+x2)
231 
        ins10 (v8, v6, v10); // v10 == (y1+y2) - v4^3
232 
    func6
233 
        ins11 (clk, reset, done1, rst2),
234 
        ins12 (clk, reset, done2, rst3);
235 
 
236 
    always @ (posedge clk)
237 
        if (reset)
238 
            K <= 4'b1000;
239 
        else if ((K[3]&rst2)|(K[2]&rst3)|(K[1]&done3)|K[0])
240 
            K <= K >> 1;
241 
 
242 
    always @ (posedge clk)
243 
        if (reset)
244 
          begin
245 
            done <= 0; x3 <= 0; y3 <= 0;
246 
          end
247 
        else if (K[0])
248 
          begin
249 
            done <= 1; x3 <= v9; y3 <= v10;
250 
          end
251 
endmodule

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.