Flexible Prime-Field Genus 2 Hyperelliptic Curve Cryptography Processor with Low Power Consumption and Uniform Power Draw

  • Ahmadi, Hamid-Reza (Faculty of New Sciences and Technologies, University of Tehran) ;
  • Afzali-Kusha, Ali (School of Electrical and Computer Engineering, University of Tehran) ;
  • Pedram, Massoud (Department of Electrical Engineering, University of Southern California) ;
  • Mosaffa, Mahdi (School of Electrical and Computer Engineering, University of Tehran)
  • Received : 2014.04.04
  • Accepted : 2014.10.02
  • Published : 2015.02.01


This paper presents an energy-efficient (low power) prime-field hyperelliptic curve cryptography (HECC) processor with uniform power draw. The HECC processor performs divisor scalar multiplication on the Jacobian of genus 2 hyperelliptic curves defined over prime fields for arbitrary field and curve parameters. It supports the most frequent case of divisor doubling and addition. The optimized implementation, which is synthesized in a $0.13{\mu}m$ standard CMOS technology, performs an 81-bit divisor multiplication in 503 ms consuming only $6.55{\mu}J$ of energy (average power consumption is $12.76{\mu}W$). In addition, we present a technique to make the power consumption of the HECC processor more uniform and lower the peaks of its power consumption.


  1. K. Finkenzeller, "RFID Handbook, 3rd ed.," West Sussex, UK: John Wiley & Sons Inc., 2010.
  2. D. Culler, D. Estrin, and M. Srivastava, "Overview of Sensor Networks," Computer, vol. 37, no. 8, Aug. 2004, pp. 41-49.
  3. W. Rankl and W. Effing, "Smart Card Handbook, 3rd ed.," West Sussex, UK: John Wiley & Sons Inc., 2003.
  4. A. Perrig et al., "SPINS: Security Protocols for Sensor Networks," Wireless Netw., vol. 8, no. 5, Sept. 2002, pp. 521-534.
  5. P.P. Lopez, "Lightweight Cryptography in Radio Frequency Identification (RFID) Systems," Ph.D. dissertation, Computer Science Department, Carlos III Univ. of Madrid, Spain, 2008.
  6. J.P. Kaps, G. Gaubatz, and B. Sunar, "Cryptography on a Speck of Dust," Computer, vol. 40, no. 2, Feb. 2007, pp. 38-44.
  7. M. Aigner, "Seven Reasons for Application of Standardized Crypto Functionality on Low Cost Tags," EU RFID Forum, Brussels, Belgium, Mar. 13-14, 2007, pp. 70-73.
  8. Y.K. Lee et al., "Elliptic Curve-Based Security Processor for RFID," IEEE Trans. Comput., vol. 57, no. 11, Nov. 2008, pp. 1514-1527.
  9. H.R. Ahmadi and A. Afzali-Kusha, "A Low-Power and Low- Energy Flexible GF(p) ECC Processor," J. Zhejiang University - Sci. C, vol. 11, no. 9, Sept. 2010, pp. 724-736.
  10. K. Sakiyama, "Secure Design Methodology and Implementation for Embedded Public-Key Cryptosystems," Ph.D. dissertation, Katholieke Universiteit Leuven, Leuven, Belgium, 2007.
  11. J. Fan, L. Batina, and I. Verbauwhede, "Light-Weight Implementation Options for Curve-Based Cryptography: HECC is also Ready for RFID," Int. Conf. Internet Technol. Secured Trans., London, UK, Nov. 9-12, 2009, pp. 1-6.
  12. D. Hankerson, A.J. Menezes, and S. Vanstone, "Guide to Elliptic Curve Cryptography," New York, USA: Springer-Verlag New York Inc., 2004.
  13. H. Cohen et al., "Handbook of Elliptic and Hyperelliptic Curve Cryptography," FL, USA: Chapman and Hall/CRC, 2006.
  14. P. Gaudry, "Hyperelliptic Curves and the HCDLP," in Advances in Elliptic Curve Cryptography, Cambridge, UK: Cambridge University Press, 2005, pp. 133-150.
  15. N. Koblitz et al., "Algebraic Aspects of Cryptography," Berlin, Germany: Springer-Verlag, 1998.
  16. T. Wollinger, J. Pelzl, and C. Paar, "Cantor versus Harley: Optimization and Analysis of Explicit Formulae for Hyperelliptic Curve Cryptosystems," IEEE Trans. Comput., vol. 54, no. 7, July 2005, pp. 861-872.
  17. T. Lange, "Formulae for Arithmetic on Genus 2 Hyperelliptic Curves," Appl. Algebra Eng. Commun. Comput., vol. 15, no. 5, Feb. 2005, pp. 295-328.
  18. T. Lange and P.K. Mishra, "SCA Resistant Parallel Explicit Formula for Addition and Doubling of Divisors in the Jacobian of Hyperelliptic Curves of Genus 2," Int. Conf. Cryptology India, Bangalore, India, Dec. 10-12, 2005, pp. 403-416.
  19. X. Fan and G. Gong, "Efficient Explicit Formulae for Genus 2 Hyperelliptic Curves over Prime Fields and their Implementations," Int. Workshop Sel. Areas Cryptography, Ottawa, Canada, Aug. 16-17, 2007, pp. 155-172.
  20. G. Elias, A. Miri, and T.H. Yeap, "FPGA Design of HECC Coprocessors," IEEE Int. Conf. Field-Programmable Technol., Brisbane, Australia, Dec. 6-8, 2004, pp. 343-346.
  21. J. Fan, L. Batina, and I. Verbauwhede, "HECC Goes Embedded: An Area-Efficient Implementation of HECC," Int. Workshop Sel. Areas Cryptography, New Brunswick, Canada, Aug. 14-15, 2008, pp. 387-400.
  22. J. Pelzl et al., "Hyperelliptic Curve Cryptosystems: Closing the Performance Gap to Elliptic Curves," Int. Workshop Cryptographic Hardware Embedded Syst., Cologne, Germany, Sept. 8-10, 2003, pp. 351-365.
  23. A. Hodjat et al., "A Hyperelliptic Curve Crypto Coprocessor for an 8051 Microcontroller," IEEE Workshop Signal Process. Syst. Des. Implementation, Athens, Greece, Nov. 2-4, 2005, pp. 93-98.
  24. H. Kim et al., "Hyperelliptic Curve Crypto-Coprocessor over Affine and Projective Coordinates," ETRI J., vol. 30, no. 3, June 2008, pp. 365-376.
  25. K. Sakiyama et al., "Small-Footprint ALU for Public-Key Processors for Pervasive Security," Workshop RFID Security, Graz, Austria, July 12-14, 2006, pp. 93-104.
  26. L. Batina, K. Sakiyama, and I.M.R. Verbauwhede, "Compact Public-Key Implementations for RFID and Sensor Nodes," in Secure Integrated Circuits and System, New York, USA: Springer US, 2010, pp. 179-195.
  27. H.R. Ahmadi, A. Afzali-Kusha, and M. Pedram, "A Power- Optimized Low-Energy Elliptic-Curve Crypto-Processor," IEICE Electron. Exp., vol. 7, no. 23, Dec. 2010, pp. 1752-1759.
  28. P. Rong and M. Pedram, "An Analytical Model for Predicting the Remaining Battery Capacity of Lithium-Ion Batteries," IEEE Trans. VLSI syst., vol. 14, no. 5, May 2006, pp. 441-451.