OpenCores
URL https://opencores.org/ocsvn/ecg/ecg/trunk

Subversion Repositories ecg

[/] [ecg/] [trunk/] [rtl/] [ecg.v] - Blame information for rev 7


Line No. Rev Author Line
1 5 homer.xing
/*
2
    Copyright 2011, City University of Hong Kong
3
    Author is Homer (Dongsheng) Xing.
4
 
5
    This file is part of Elliptic Curve Group Core.
6
 
7
    Elliptic Curve Group Core is free software: you can redistribute it and/or modify
8
    it under the terms of the GNU Lesser General Public License as published by
9
    the Free Software Foundation, either version 3 of the License, or
10
    (at your option) any later version.
11
 
12
    Elliptic Curve Group Core is distributed in the hope that it will be useful,
13
    but WITHOUT ANY WARRANTY; without even the implied warranty of
14
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15
    GNU Lesser General Public License for more details.
16
 
17
    You should have received a copy of the GNU General Public License
18
    along with Elliptic Curve Group Core.  If not, see http://www.gnu.org/licenses/lgpl.txt
19
*/
20
 
21 2 homer.xing
`include "inc.v"
22
 
23 5 homer.xing
/*
 * point_scalar_mult: P3(x3,y3) = c * P1(x1,y1) on the elliptic curve
 * y^2 = x^3 - x + 1 over a Galois field GF(3^M) whose irreducible
 * polynomial is x^97 + x^12 + 2.
 *
 * Ports
 *   clk, reset : clock and synchronous reset. While reset is high the scalar
 *                c is loaded into k and all state is cleared.
 *   x1, y1     : coordinates of P1; zero1 is asserted if P1 == 0.
 *   c          : the scalar, consumed most-significant bit first.
 *   done       : set when x3/y3/zero3 hold the result; cleared only by reset.
 *   x3, y3     : coordinates of P3; zero3 is asserted if P3 == 0.
 *
 * Method: left-to-right double-and-add around one point_add instance.
 * The accumulator starts as the point at infinity. Each bit of k takes two
 * phases selected by op:
 *   op == 0 : operand = accumulator, so point_add doubles the accumulator;
 *   op == 1 : operand = P1 if the top bit of k is 1, else the point at
 *             infinity, so point_add adds P1 or leaves the accumulator as is.
 * After every op == 1 phase k and the one-hot counter i shift left; when the
 * top bit of i is set (one add phase per bit of k) the accumulator is copied
 * to the outputs.
 *
 * func6 is defined elsewhere. From its use here it is assumed to turn done1
 * into a pulse p, and p into a later pulse p2 that restarts point_add.
 * TODO confirm against func6.
 *
 * NOTE(review), side channels: the schedule depends on the scalar. For a 0
 * bit the add phase hands point_add the point at infinity, and point_add
 * raises done directly when either input is the point at infinity instead of
 * waiting for func10/func11. For a 1 bit it waits for the inversion and
 * multiplications. The same shortcut applies to doublings while the
 * accumulator is still the point at infinity (leading zero bits). Latency to
 * done, and presumably the power profile, therefore vary with the bits of c.
 * If c is secret, do not treat this core as constant-time: use a regular
 * schedule (for example a real addition on every bit whose result is
 * discarded for 0 bits, or a ladder-style loop) and scalar blinding.
 *
 * NOTE(review), inputs: nothing here checks that P1 lies on the curve;
 * externally supplied points should be validated before they reach this
 * module. Whether this field size still meets the required security level
 * should also be confirmed before new use.
 */
module point_scalar_mult(clk, reset, x1, y1, zero1, c, done, x3, y3, zero3);
    input                        clk, reset;
    input      [`WIDTH:0]        x1, y1;
    input                        zero1;
    input      [`SCALAR_WIDTH:0] c;
    output reg                   done;
    output reg [`WIDTH:0]        x3, y3;
    output reg                   zero3;

    // accumulator: the running result
    reg  [`WIDTH:0] acc_x, acc_y;
    reg             acc_zero;
    // second operand fed to point_add
    reg  [`WIDTH:0] opd_x, opd_y;
    wire            opd_zero;
    // output of point_add
    wire [`WIDTH:0] sum_x, sum_y;
    wire            sum_zero;

    reg  [`SCALAR_WIDTH   : 0] k;  // remaining scalar bits, current bit on top
    reg  [`SCALAR_WIDTH+1 : 0] i;  // one-hot iteration counter
    reg                        op; // 0: doubling phase, 1: add phase
    wire p, p2, rst, done1;

    wire key_msb  = k[`SCALAR_WIDTH];    // scalar bit being processed
    wire all_done = i[`SCALAR_WIDTH+1];  // every bit of k has been consumed
    wire add_step = op & p;              // an add phase has just completed

    // zero flag of the operand is combinational; the coordinates are registered
    assign opd_zero = (~op) ? acc_zero : (key_msb ? zero1 : 1);
    // point_add restarts on the external reset and after every phase
    assign rst      = reset | p2;

    point_add
        ins1 (clk, rst, acc_x, acc_y, acc_zero, opd_x, opd_y, opd_zero, done1, sum_x, sum_y, sum_zero);
    func6
        ins2 (clk, reset, done1, p),
        ins3 (clk, reset, p, p2);

    // operand selection
    always @ (posedge clk)
        if (reset)
          begin
            opd_x <= 0;
            opd_y <= 0;
          end
        else
          begin
            opd_x <= (~op) ? acc_x : (key_msb ? x1 : 0);
            opd_y <= (~op) ? acc_y : (key_msb ? y1 : 0);
          end

    // control state: counter, scalar shift register, phase flag
    always @ (posedge clk)
        if (reset)
          begin
            i  <= 1;
            k  <= c;
            op <= 0;
          end
        else
          begin
            if (add_step | all_done) i  <= i << 1;
            if (add_step)            k  <= k << 1;
            if (p)                   op <= ~op;
          end

    // accumulator update and result capture
    always @ (posedge clk)
        if (reset)
          begin
            acc_x <= 0; acc_y <= 0; acc_zero <= 1;
            x3 <= 0; y3 <= 0; zero3 <= 1; done <= 0;
          end
        else
          begin
            if (p)
              begin
                acc_x <= sum_x; acc_y <= sum_y; acc_zero <= sum_zero;
              end
            if (all_done)
              begin
                x3 <= acc_x; y3 <= acc_y; zero3 <= acc_zero; done <= 1;
              end
          end
endmodule
81
 
82 2 homer.xing
/*
 * point_add: P3(x3,y3) = P1(x1,y1) + P2(x2,y2) for any points P1, P2 on the
 * elliptic curve y^2 = x^3 - x + 1 over a Galois field GF(3^M) whose
 * irreducible polynomial is x^97 + x^12 + 2.
 *
 * Three datapaths are instantiated side by side and the outputs are chosen
 * from the relation between the operands:
 *   func9  (x3a,y3a) : P1 and/or P2 is the point at infinity;
 *   func10 (x3b,y3b) : P1 == P2 (doubling);
 *   func11 (x3c,y3c) : the general case.
 * When P1 == -P2 only zero3 is meaningful; x3/y3 then carry func11's output.
 *
 * done is raised on the clock after reset is released when an operand is the
 * point at infinity or P1 == -P2; otherwise it follows done10 or done11.
 *
 * NOTE(review): completion time therefore depends on the operands. A caller
 * that feeds secret-dependent operands (see point_scalar_mult) exposes that
 * dependency through its own latency.
 * NOTE(review): the case split assumes both inputs are valid curve points;
 * no on-curve check is made here.
 */
module point_add(clk, reset, x1, y1, zero1, x2, y2, zero2, done, x3, y3, zero3);
    input             clk, reset;
    input  [`WIDTH:0] x1, y1;   // P1
    input             zero1;    // asserted if P1 == 0
    input  [`WIDTH:0] x2, y2;   // P2
    input             zero2;    // asserted if P2 == 0
    output reg            done;
    output reg [`WIDTH:0] x3, y3; // P3
    output reg            zero3;  // asserted if P3 == 0

    wire [`WIDTH:0] x3a, y3a,   // candidate result from func9
                    x3b, y3b,   // candidate result from func10
                    x3c, y3c,   // candidate result from func11
                    ny2;        // -y2
    wire zero3a;
    wire done10;                // asserted if ins10 finished
    wire done11;                // asserted if ins11 finished

    wire has_inf    = zero1 | zero2;   // ins9 did the work
    wire same_x     = (x1 == x2);
    wire same_y     = (y1 == y2);
    wire opposite_y = (y1 == ny2);
    wire is_inverse = (~has_inf) && same_x && opposite_y; // P1 == -P2
    wire is_double  = (~has_inf) && same_x && same_y;     // P1 == P2

    f3m_neg
        ins1 (y2, ny2); // ny2 == -y2
    func9
        ins9 (x1, y1, zero1, x2, y2, zero2, x3a, y3a, zero3a);
    func10
        ins10 (clk, reset, x1, y1, done10, x3b, y3b);
    func11
        ins11 (clk, reset, x1, y1, x2, y2, done11, x3c, y3c);

    always @ (posedge clk)
        if (reset)
          begin
            zero3 <= 0;
            done  <= 0;
            x3    <= 0;
            y3    <= 0;
          end
        else
          begin
            // P3 is the point at infinity if both inputs are, or if P1 == -P2
            zero3 <= (has_inf & zero3a) | is_inverse;
            done  <= (has_inf | is_inverse) ? 1 : (is_double ? done10 : done11);
            x3    <= has_inf ? x3a : (is_double ? x3b : x3c);
            y3    <= has_inf ? y3a : (is_double ? y3b : y3c);
          end
endmodule
146
 
147 3 homer.xing
/*
 * func9: P3 = P1 + P2 when P1 and/or P2 is the point at infinity.
 * Purely combinational. The coordinates of P2 pass through when zero1 is
 * asserted and those of P1 when zero2 is asserted. If both flags are set the
 * coordinates are the bitwise OR of the two inputs and only zero3 is
 * meaningful. If neither flag is set x3 and y3 are all zeros.
 */
module func9(x1, y1, zero1, x2, y2, zero2, x3, y3, zero3);
    input  [`WIDTH:0] x1, y1, x2, y2;
    input             zero1; // asserted if P1 == 0
    input             zero2; // asserted if P2 == 0
    output [`WIDTH:0] x3, y3;
    output            zero3; // asserted if P3 == 0

    // each flag replicated across the full coordinate width
    wire [`WIDTH:0] take_p2 = {(`WIDTH+1){zero1}};
    wire [`WIDTH:0] take_p1 = {(`WIDTH+1){zero2}};

    assign zero3 = zero1 & zero2;
    assign x3    = (x2 & take_p2) | (x1 & take_p1);
    assign y3    = (y2 & take_p2) | (y1 & take_p1);
endmodule
167
 
168 3 homer.xing
/*
 * func10: P3 = P1 + P2 for the doubling case, i.e. neither point is the
 * point at infinity and P1 == P2. Only P1 is needed:
 *   x3 = x1 + (inv y1)^2
 *   y3 = -[y1 + (inv y1)^3]
 *
 * K is a one-hot stage marker: K[2] waits for rst2 (derived from the
 * inverter's done1 through func6), K[1] waits for the multiplier's done2,
 * and K[0] latches the result and raises done.
 *
 * NOTE(review): the behaviour of f3m_inv for y1 == 0 is not visible here.
 */
module func10(clk, reset, x1, y1, done, x3, y3);
    input             clk, reset;
    input  [`WIDTH:0] x1, y1;
    output reg            done;
    output reg [`WIDTH:0] x3, y3;

    wire [`WIDTH:0] inv_y,     // inv y1
                    inv_y_sq,  // (inv y1)^2
                    inv_y_cu,  // (inv y1)^3
                    x_out,     // x1 + (inv y1)^2
                    y_sum,     // y1 + (inv y1)^3
                    y_out;     // -[y1 + (inv y1)^3]
    wire rst2, done1, done2;
    reg [2:0] K;

    // the current stage's wait condition has been met
    wire advance = (K[2]&rst2)|(K[1]&done2)|K[0];

    f3m_inv
        ins1 (clk, reset, y1, inv_y, done1);
    f3m_mult
        ins2 (clk, rst2, inv_y, inv_y, inv_y_sq, done2);
    f3m_cubic
        ins3 (inv_y, inv_y_cu);
    f3m_add
        ins4 (x1, inv_y_sq, x_out),
        ins5 (y1, inv_y_cu, y_sum);
    f3m_neg
        ins6 (y_sum, y_out);
    func6
        ins7 (clk, reset, done1, rst2);

    always @ (posedge clk)
        if (reset)
          begin
            K    <= 3'b100;
            done <= 0;
            x3   <= 0;
            y3   <= 0;
          end
        else
          begin
            if (advance)
                K <= K >> 1;
            if (K[0])
              begin
                done <= 1;
                x3   <= x_out;
                y3   <= y_out;
              end
          end
endmodule
209 3 homer.xing
 
210
/*
 * func11: P3 = P1 + P2 for the general case, i.e. neither point is the
 * point at infinity, P1 != P2 and P1 != -P2. With
 * s = (y2-y1)/(x2-x1):
 *   x3 = s^2 - (x1+x2)
 *   y3 = (y1+y2) - s^3
 *
 * K is a one-hot stage marker: K[3] waits for rst2 (derived from the
 * inverter's done1 through func6), K[2] waits for rst3 (derived from done2
 * of the first multiplier), K[1] waits for done3 of the squaring, and K[0]
 * latches the result and raises done.
 *
 * NOTE(review): when x1 == x2 the inverter is fed zero. For valid curve
 * points point_add does not use this module's coordinates as the sum in
 * that case; for inputs that are not on the curve it can.
 */
module func11(clk, reset, x1, y1, x2, y2, done, x3, y3);
    input             clk, reset;
    input  [`WIDTH:0] x1, y1, x2, y2;
    output reg            done;
    output reg [`WIDTH:0] x3, y3;

    wire [`WIDTH:0] dx,        // x2-x1
                    dy,        // y2-y1
                    inv_dx,    // inv(x2-x1)
                    slope,     // (y2-y1)/(x2-x1)
                    slope_sq,  // slope^2
                    slope_cu,  // slope^3
                    x_sum,     // x1+x2
                    y_sum,     // y1+y2
                    x_out,     // slope^2 - (x1+x2)
                    y_out;     // (y1+y2) - slope^3
    wire rst2, rst3, done1, done2, done3;
    reg [3:0] K;

    // the current stage's wait condition has been met
    wire advance = (K[3]&rst2)|(K[2]&rst3)|(K[1]&done3)|K[0];

    f3m_sub
        ins1 (x2, x1, dx),
        ins2 (y2, y1, dy);
    f3m_inv
        ins3 (clk, reset, dx, inv_dx, done1);
    f3m_mult
        ins4 (clk, rst2, dy, inv_dx, slope, done2),
        ins5 (clk, rst3, slope, slope, slope_sq, done3);
    f3m_cubic
        ins6 (slope, slope_cu);
    f3m_add
        ins7 (x1, x2, x_sum),
        ins8 (y1, y2, y_sum);
    f3m_sub
        ins9 (slope_sq, x_sum, x_out),
        ins10 (y_sum, slope_cu, y_out);
    func6
        ins11 (clk, reset, done1, rst2),
        ins12 (clk, reset, done2, rst3);

    always @ (posedge clk)
        if (reset)
          begin
            K    <= 4'b1000;
            done <= 0;
            x3   <= 0;
            y3   <= 0;
          end
        else
          begin
            if (advance)
                K <= K >> 1;
            if (K[0])
              begin
                done <= 1;
                x3   <= x_out;
                y3   <= y_out;
              end
          end
endmodule
