Instruction set extensions for pairing-based cryptography

Abstract

A series of recent algorithmic advances has delivered highly effective methods for pairing evaluation and parameter generation. However, the resulting multitude of options means many different variations of base field must ideally be supported on the target platform. Typical hardware accelerators in the form of co-processors possess neither the flexibility nor the scalability to support fields of different characteristic and order. On the other hand, extending the instruction set of a general-purpose processor by custom instructions for field arithmetic allows to combine the performance of hardware with the flexibility of software. To this end, we investigate the integration of a tri-field multiply-accumulate (MAC) unit into a SPARC V8 processor core to support arithmetic in p, 2n and 3n. Besides integer multiplication, the MAC unit can also execute dedicated multiply and MAC instructions for binary and ternary polynomials. Our results show that the tri-field MAC unit adds only a small size overhead while significantly accelerating arithmetic in 2n and 3n, which sheds new light on the relative performance of p, 2n and 3n in the context of pairing-based cryptography. © 2007 Springer-Verlag Berlin Heidelberg.