Elliptic Curve Cryptography (ECC) is a public-key cryptographic technology that uses the mathematics of so called “elliptic curves” and it is a part of the “Suite B” of cryptographic algorithms approved by the NSA.
The design is fully synchronous, with the exception of the seed part, and available in both source and netlist form.
The core is supplied as portable Verilog (VHDL version available) thus allowing customers to carry out an internal code review to ensure its security.
Function Description
The core implements either a point multiplication operation and the point verification operations, or (optionally) a complete digital signature operation (signing or signature verification). For the point multiplication version, the operands for the multiplication (k, Px, Py) are pushed into the core before the start of operation. Once the operation is completed, the result, Qx, Qy can be read from the core.
For the ECDSA version, for signing the input parameters (z, d, k) are pushed into the core and there (r,s) result can be read. For signature verification (z, Qx, Qy, r, s) are the input parameters. Here z is the hashed message, d is the private key, k is the nonce, r and s constitute the signature, Qx, Qy constitute the public key. A wrapper integrating multiple ECC7 cores with the hash cores and random number generators is available.
The curve and digital signature selections are fixed for the particular version of the core, for example the ECC7 P256-ECDSA-V core works with the NIST binary curve P-256 and implements the signature verification for the ECDSA algorithm.
The core implements either a point multiplication operation and the point verification operations, or (optionally) a complete digital signature operation (signing or signature verification). For the point multiplication version, the operands for the multiplication (k, Px, Py) are pushed into the core before the start of operation. Once the operation is completed, the result, Qx, Qy can be read from the core. For the ECDSA version, for signing the input parameters (z, d, k) are pushed into the core and there (r,s) result can be read. For signature verification (z, Qx, Qy, r, s) are the input parameters. Here z is the hashed message, d is the private key, k is the nonce, r and s constitute the signature, Qx, Qy constitute the public key. A wrapper integrating multiple ECC7 cores with the hash cores and random number generators is available. The curve and digital signature selections are fixed for the particular version of the core, for example the ECC7 P256-ECDSA-V core works with the NIST binary curve P-256 and implements the signature verification for the ECDSA algorithm.
