2024 02 v.35 185-196
零知识证明中椭圆曲线运算的硬件加速方法研究
基金项目(Foundation):
北京邮电大学网络与交换技术全国重点实验室开放课题资助项目(No.SKLNST-2023-1-13)
邮箱(Email):
lzq722@jiangnan.edu.cn;
DOI:
中文作者单位:
江南大学物联网工程学院;北京邮电大学网络与交换技术全国重点实验室;
摘要(Abstract):
目的:针对零知识证明协议纯软件部署存在的低时延、低功耗服务要求难以满足,以及硬件加速芯片协议适配性差和开发周期长的问题,提出了一种用于零知识证明的椭圆曲线点加计算流式计算架构。方法:实现了点加计算的硬件设计,对高位模运算设计了低时延、可扩展的硬件计算单元,在点加计算的各个计算阶段间规划数据流实现了流水设计,使用OpenCL与HLS,在基于FPGA的异构计算平台上,对不同规模的点乘、多标量乘法计算任务进行了软硬件协同加速。结果:在AMD Xilinx Alevo U50数据中心加速卡上,多标量乘法运算相比于AMD Ryzen 9 5900X(3.7 GHz)CPU单核及12核运行分别获得了41.5倍及3倍的加速比,硬件加速模块相比于纯软件方式获得了最高12.42倍的能效提升。结论:该计算架构有效提高了硬件资源利用率,降低了椭圆曲线运算时延以及功耗开销。
关键词(KeyWords):
现场可编程门阵列;椭圆曲线;零知识证明;高层次综合;异构计算
| 71 | 0 | 2565 |
| 下载次数 | 被引频次 | 阅读次数 |
参考文献
[1] GOLDWASSER S,MICALI S,RACKOFF C.The knowledge complexity of interactive proof-systems[M]//Providing Sound Foundations for Cryptography:On the Work of Shafi Goldwasser and Silvio Micali.New York:ACM,2019:203-225.
[2] BITANSKY N,CANETTI R,CHIESA A,et al.From extractable collision resistance to succinct non-interactive arguments of knowledge,and back again[C]//Proceedings of the 3rd Innovations in Theoretical Computer Science Conference.New York:Association for Computing Machinery,2012:326-349.
[3] DELIGNAT-LAVAUD A,FOURNET C,KOHLWEISS M,et al.Cinderella:Turning Shabby X.509 certificates into elegant anonymous credentials with the magic of verifiable computation[C]//2016 IEEE Symposium on Security and Privacy (SP).New York:IEEE,2016:235-254.
[4] SASSON E B,CHIESA A,GARMAN C,et al.Zerocash:Decentralized anonymous payments from Bitcoin[C]//2014 IEEE Symposium on Security and Privacy.New York:IEEE,2014:459-474.
[5] HUANG H S,CHANG T S,WU J Y.A Secure file sharing system based on IPFS and blockchain[C]//Proceedings of the 2020 2nd International Electronics Communication Conference.New York:Association for Computing Machinery,2020:96-100.
[6] 厉贤斌,崔晨,翁理想,等.基于跨层连接的多通道DBiSAC网络欺凌检测模型[J].中国计量大学学报,2023,34(1):92-100.LI X B,CUI C,WENG L X,et al.A DBiASC cyberbullying detection model based on cross-layer connection[J].Journal of China University of Metrology,2023,34(1):92-100.
[7] 项倩红,陈烘,林华明.面向分布式环境的分层数据采集技术研究[J].中国计量大学学报,2021,32(1):74-82.XIANG Q H,CHEN H,LIN H M.Research on hierarchical data acquisition technology for distributed environment[J].Journal of China University of Metrology,2021,32(1):74-82.
[8] ZHANG Y,WANG S,ZHANG X,et al.Pipezk:Accelerating zero-knowledge proof with a pipelined architecture[C]//2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA).New York:IEEE,2021:416-428.
[9] PENG B O,ZHU Y,JING N,et al.Design of a hardware accelerator for zero-knowledge proof in blockchains[C]//International Conference on Smart Computing and Communication.Cham:Springer,2020:136-145.
[10] LU T,WEI C K,YU R J,et al.cuZK:Accelerating zero-knowledge proof with a faster parallel multi-scalar multiplication algorithm on GPUs[J].IACR Transactions on Cryptographic Hardware and Embedded Systems,2023(3):194-220.
[11] 黄平,梁伟洁.一种基于QAP问题的ZK-SNARK新协议[J].华南理工大学学报(自然科学版),2021,49(1):1-9.HUANG P,LIANG W J.A new ZK-SNARK protocol based on QAP problem[J].Journal of South China University of Technology(Natural Science Edition),2021,49(1):1-9.
[12] DANEZIS G,FOURNET C,KOHLWEISS M,et al.Pinocchio coin:Building zerocoin from a succinct pairing-based proof system[C]//Proceedings of the First ACM Workshop on Language Support for Privacy-Enhancing Technologies.New York:ACM,2013:27-30.
[13] GROTH J.On the size of pairing-based non-interactive arguments[C]//Annual International Conference on The Theory and Applications of Cryptographic Techniques.New York:Springer,2016:305-326.
[14] FILECOIN.Bellman:Zk-snark Library[EB/OL].(2018-01-01)[2023-12-01].https://github.com/zkcrypto/bellman.
[15] HANKERSON D,MENEZES A J,VANSTONE S.Guide to Elliptic Curve Cryptography[M].New York:Springer,2006:72-152.
[16] JAVEED K,WANG X.Low latency flexible FPGA implementation of point multiplication on elliptic curves over GF (p)[J].International Journal of Circuit Theory and Applications,2017,45(2):214-228.
[17] 车光宁,张钊锋.GF(2m)域上的低功耗可配置ECC点乘算法ASIC设计实现[J].微电子学与计算机,2018,35(1):15-20.CHE G N,ZHANG Z F.Low power consumption configurable ECC dot multiplication algorithm in GF (2m) domain is designed and implemented[J].Microelectronics & Computer,2018,35(1):15-20.
[18] MONTGOMERY P L.Modular multiplication without trial division[J].Mathematics of Computation,1985,44(170):519-521.
[19] KARATSUBA A.Multiplication of multidigit numbers on automata[J].Soviet Physics Doklady,1963,7:595-596.
[20] PIPPENGER N.On the evaluation of powers and related problems[C]//17th Annual Symposium on Foundations of Computer Science (sfcs 1976).Houston,TX,USA:IEEE,1976:258-263.
[21] 戴紫彬,易肃汶,李伟,等.椭圆曲线密码处理器的高效并行处理架构研究与设计[J].电子与信息学报,2017,39(10):2487-2494.DAI Z B,YI S W,LI W,et al.Research and design of efficient parallel processing architecture for elliptic curve cryptoprocessors[J].Journal of Electronics & Information Technology,2017,39(10):2487-2494.
[22] 杨晓辉,戴紫彬,李淼,等.面向椭圆曲线密码的处理器并行体系结构研究与设计[J].通信学报,2011,32(5):70-77.YANG X H,DAI Z B,LI M,et al.Research and design of processor parallel architecture for elliptic curve cryptography[J].Journal on Communications,2011,32(5):70-77.
[23] NIASAR M B,El KHATIB R,AZARDERAKHSH R,et al.Fast,small,and area-time efficient architectures for key-exchange on Curve25519[C]//2020 IEEE 27th Symposium on Computer Arithmetic (ARITH).Portland,OR,USA:IEEE,2020:72-79.
[24] SALARIFARD R,BAYAT-SARMADI S.An efficient low-latency point-multiplication over curve25519[J].IEEE Transactions on Circuits and Systems I:Regular Papers,2019,66(10):3854-3862.
[25] WU G M,HE Q W,JIANG J L,et al.A high-performance hardware architecture for ECC point multiplication over Curve25519[C]//2022 IEEE 30th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM).New York:IEEE,2022:1-9.
[2] BITANSKY N,CANETTI R,CHIESA A,et al.From extractable collision resistance to succinct non-interactive arguments of knowledge,and back again[C]//Proceedings of the 3rd Innovations in Theoretical Computer Science Conference.New York:Association for Computing Machinery,2012:326-349.
[3] DELIGNAT-LAVAUD A,FOURNET C,KOHLWEISS M,et al.Cinderella:Turning Shabby X.509 certificates into elegant anonymous credentials with the magic of verifiable computation[C]//2016 IEEE Symposium on Security and Privacy (SP).New York:IEEE,2016:235-254.
[4] SASSON E B,CHIESA A,GARMAN C,et al.Zerocash:Decentralized anonymous payments from Bitcoin[C]//2014 IEEE Symposium on Security and Privacy.New York:IEEE,2014:459-474.
[5] HUANG H S,CHANG T S,WU J Y.A Secure file sharing system based on IPFS and blockchain[C]//Proceedings of the 2020 2nd International Electronics Communication Conference.New York:Association for Computing Machinery,2020:96-100.
[6] 厉贤斌,崔晨,翁理想,等.基于跨层连接的多通道DBiSAC网络欺凌检测模型[J].中国计量大学学报,2023,34(1):92-100.LI X B,CUI C,WENG L X,et al.A DBiASC cyberbullying detection model based on cross-layer connection[J].Journal of China University of Metrology,2023,34(1):92-100.
[7] 项倩红,陈烘,林华明.面向分布式环境的分层数据采集技术研究[J].中国计量大学学报,2021,32(1):74-82.XIANG Q H,CHEN H,LIN H M.Research on hierarchical data acquisition technology for distributed environment[J].Journal of China University of Metrology,2021,32(1):74-82.
[8] ZHANG Y,WANG S,ZHANG X,et al.Pipezk:Accelerating zero-knowledge proof with a pipelined architecture[C]//2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA).New York:IEEE,2021:416-428.
[9] PENG B O,ZHU Y,JING N,et al.Design of a hardware accelerator for zero-knowledge proof in blockchains[C]//International Conference on Smart Computing and Communication.Cham:Springer,2020:136-145.
[10] LU T,WEI C K,YU R J,et al.cuZK:Accelerating zero-knowledge proof with a faster parallel multi-scalar multiplication algorithm on GPUs[J].IACR Transactions on Cryptographic Hardware and Embedded Systems,2023(3):194-220.
[11] 黄平,梁伟洁.一种基于QAP问题的ZK-SNARK新协议[J].华南理工大学学报(自然科学版),2021,49(1):1-9.HUANG P,LIANG W J.A new ZK-SNARK protocol based on QAP problem[J].Journal of South China University of Technology(Natural Science Edition),2021,49(1):1-9.
[12] DANEZIS G,FOURNET C,KOHLWEISS M,et al.Pinocchio coin:Building zerocoin from a succinct pairing-based proof system[C]//Proceedings of the First ACM Workshop on Language Support for Privacy-Enhancing Technologies.New York:ACM,2013:27-30.
[13] GROTH J.On the size of pairing-based non-interactive arguments[C]//Annual International Conference on The Theory and Applications of Cryptographic Techniques.New York:Springer,2016:305-326.
[14] FILECOIN.Bellman:Zk-snark Library[EB/OL].(2018-01-01)[2023-12-01].https://github.com/zkcrypto/bellman.
[15] HANKERSON D,MENEZES A J,VANSTONE S.Guide to Elliptic Curve Cryptography[M].New York:Springer,2006:72-152.
[16] JAVEED K,WANG X.Low latency flexible FPGA implementation of point multiplication on elliptic curves over GF (p)[J].International Journal of Circuit Theory and Applications,2017,45(2):214-228.
[17] 车光宁,张钊锋.GF(2m)域上的低功耗可配置ECC点乘算法ASIC设计实现[J].微电子学与计算机,2018,35(1):15-20.CHE G N,ZHANG Z F.Low power consumption configurable ECC dot multiplication algorithm in GF (2m) domain is designed and implemented[J].Microelectronics & Computer,2018,35(1):15-20.
[18] MONTGOMERY P L.Modular multiplication without trial division[J].Mathematics of Computation,1985,44(170):519-521.
[19] KARATSUBA A.Multiplication of multidigit numbers on automata[J].Soviet Physics Doklady,1963,7:595-596.
[20] PIPPENGER N.On the evaluation of powers and related problems[C]//17th Annual Symposium on Foundations of Computer Science (sfcs 1976).Houston,TX,USA:IEEE,1976:258-263.
[21] 戴紫彬,易肃汶,李伟,等.椭圆曲线密码处理器的高效并行处理架构研究与设计[J].电子与信息学报,2017,39(10):2487-2494.DAI Z B,YI S W,LI W,et al.Research and design of efficient parallel processing architecture for elliptic curve cryptoprocessors[J].Journal of Electronics & Information Technology,2017,39(10):2487-2494.
[22] 杨晓辉,戴紫彬,李淼,等.面向椭圆曲线密码的处理器并行体系结构研究与设计[J].通信学报,2011,32(5):70-77.YANG X H,DAI Z B,LI M,et al.Research and design of processor parallel architecture for elliptic curve cryptography[J].Journal on Communications,2011,32(5):70-77.
[23] NIASAR M B,El KHATIB R,AZARDERAKHSH R,et al.Fast,small,and area-time efficient architectures for key-exchange on Curve25519[C]//2020 IEEE 27th Symposium on Computer Arithmetic (ARITH).Portland,OR,USA:IEEE,2020:72-79.
[24] SALARIFARD R,BAYAT-SARMADI S.An efficient low-latency point-multiplication over curve25519[J].IEEE Transactions on Circuits and Systems I:Regular Papers,2019,66(10):3854-3862.
[25] WU G M,HE Q W,JIANG J L,et al.A high-performance hardware architecture for ECC point multiplication over Curve25519[C]//2022 IEEE 30th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM).New York:IEEE,2022:1-9.
基本信息:
DOI:
中图分类号:TP309.7
引用信息:
[1]丁冬,李正权.零知识证明中椭圆曲线运算的硬件加速方法研究[J].中国计量大学学报,2024,35(02):185-196.
基金信息:
北京邮电大学网络与交换技术全国重点实验室开放课题资助项目(No.SKLNST-2023-1-13)