AC435: Using ECC System Service in SmartFusion2 - Libero SoC v11.4 Application Note

Application Note AC435
Using ECC System Service in SmartFusion2 Libero SoC v11.4
Table of Contents
ECC and Services . . . . .
Point Addition . . . . . .
Scalar Point Multiplication
Generating a Public Key .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
ed
ed
Purpose . . . . . . . . . . . . . . . . . . . . . .
Introduction . . . . . . . . . . . . . . . . . . . .
References . . . . . . . . . . . . . . . . . . . .
System Controller Block in SmartFusion2 Device
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
1
1
1
1
.2
.3
.4
.5
Design Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Design Description . . . .
Hardware Implementation
Software Implementation
Firmware Drivers . . . .
Setting up the Design . .
Running the Design . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.5
.6
.6
.6
.7
.8
pe
rs
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Appendix A - Design and Programming Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
List of Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Purpose
This application note explains how to access an elliptic curve cryptography (ECC) services in the
SmartFusion®2 system-on-chip (SoC) field programmable gate array (FPGA) devices.
Su
Introduction
ECC is a public key encryption technique based on the elliptic curve theory. ECC is a different
mathematical approach used to encrypt and is based on a one-way property in which it is easy to
perform a calculation, but not feasible to invert the results of the calculation to find the original numbers.
ECC is used:
•
To implement faster, smaller size, and efficient cryptographic keys.
•
In digital signatures through elliptic curve digital signature algorithm (ECDSA) and in key
exchange through elliptic curve diffie-hellman (ECDH).
ECC feature is available in the larger SmartFusion2 devices such as: M2S090TS and M2S150TS.
ECC has two mathematical services such as: scalar point multiplication and point addition based on the
NIST recommended P-384 elliptic curve domain parameters.
In SmartFusion2 SoC devices, ECC services is accessible through the system services. The system
services are system controller actions initiated by asynchronous events from the ARM® Cortex®-M3
processor or a fabric master in the SmartFusion2. ECC is used for data and design security applications
and can be disabled through factory or user security settings.
October 2014
© 2014 Microsemi Corporation
1
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
This application note provides a design example to implement and access the following ECC services:
•
ECC Point Addition
•
Scalar Point Multiplication
•
Generate Public Key
References
The following are the references used:
SmartFusion2 Microcontroller Subsystem User Guide
•
SmartFusion2 System Controller User Guide
•
SmartFusion2 Security and Reliability User Guide
ed
ed
•
System Controller Block in SmartFusion2 Device
The ECC services provide access to the System Controller's ECC core. ECC Core block is accessed
through the communication block (COMM_BLK).
There are two COMM_BLK instances:
•
One in the microcontroller subsystem (MSS) that the user interfaces with
•
The other that communicates with the first block that is located in the system controller
The COMM_BLK consists of an APB interface, eight byte transmits FIFO, and eight byte receives FIFO.
The COMM_BLK provides a bi-directional message passing facility between the MSS and the system
controller.
rs
The ECC system services are initiated using the COMM_BLK in the MSS, which can be read or written
by any master on the AMBA high performance bus (AHB) matrix; typically either the Cortex-M3
processor or a design in the FPGA fabric (also known as a fabric master).
The system controller receives the command through the COMM_BLK in the system controller. On
completion of the requested service, the system controller returns a status message through the
COMM_BLK. The responses generated are based on the selected command.
Su
pe
Figure 1 shows the System Controller block in the SmartFusion2.
Figure 1 • System Controller Block in SmartFusion2 Device
2
R e vi s i o n 1
System Controller Block in SmartFusion2 Device
For more information about "System Controller", refer to the SmartFusion2 System Controller User
Guide.
For more information about "COMM_BLK", refer to the "Communication Block" chapter in the
SmartFusion2 Microcontroller Subsystem User Guide.
ECC and Services
An elliptic curve defined as the set of points (X, Y), which satisfy an elliptic curve equation of the form:
Y2=X3+aX+b;
rs
Figure 2 • Elliptical Curves
ed
ed
Where a and b are the elements of a finite field with pn (n=192, 224, 256, or 384) elements, where p is a
prime number larger than 3. And an example of the Elliptical curve is as shown in Figure 2.
If X3+aX+b contains no repeated factors, or equivalently if 4a3+27b2 is not 0 (zero), then the elliptic curve
Y2=X3+aX+b can be used to form a group.
The elliptic curve groups are additive groups (that is, their basic function is addition).
pe
This application note uses NIST recommended P-384 curve to implement the ECC system services. The
domain parameters for the curve P-384 are the prime, a, b and base point G. The recommended values
for these parameters are:
The Prime P384= 2384 − 2128 − 296 + 232 − 1:
In hexadecimal form:
Su
p384 = ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe ffffffff
00000000 00000000 ffffffff
The parameter a in hexadecimal form:
a = ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff fffffffe ffffffff
00000000 00000000 fffffffc
The parameter b in hexadecimal form:
b = b3312fa7 e23ee7e4 988e056b e3f82d19 181d9c6e fe814112
0314088f 5013875a c656398d 8a2ed19d 2a85c8ed d3ec2aef
The base point G in hexadecimal form:
Gx = aa87ca22 be8b0537 8eb1c71e f320ad74 6e1d3b62 8ba79b98
59f741e0 82542a38 5502f25d bf55296c 3a545e38 72760aB7
Gy = 3617de4a 96262c6f 5d9e98bf 9292dc29 f8f41dbd 289a147c
e9da3113 b5f0b8c0 0a60b1ce 1d7e819d 7a431d7c 90ea0e5F
The following ECC services are implemented in this application note:
Revision 1
3
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
Point Addition
The Elliptic point addition service, adds two points according to the definition of elliptic curve point
addition. The inputs are two points (x, y), each lying on the P-384 curve and the resulting point (x, y),
which is guaranteed to be on the curve.
Point addition service computes the results as the following:
R(Rx,Ry) = P(Px, Py) + Q(Qx, Qy)
P and Q are two 384 bit input points (Px, Py) and (Qx, Qy) on the P-384 elliptic curve.
pe
rs
ed
ed
In order to add the points P and Q, a line is drawn through the two points. This line will intersect the
elliptic curve in exactly one more point, call -R. The point -R is reflected in the x-axis to the point R. The
law for addition in an elliptic curve group is P + Q = R, where R is the result of addition, as shown in
Figure 3.
Figure 3 • Addition on an Elliptic Curve
Su
The example input points P and Q are provided in this application note for P-384 elliptic curve, user can
enter any P and Q points on the curve to perform the addition operation.
Note: Input points are not tested for validity by the ECC. If an input point is not a valid point on the P-384
curve (including the point at infinity), then the result will be undefined and no warning message are
displayed. User can find NIST recommended input test vectors at the following location:
http://csrc.nist.gov/groups/STM/cavp/documents/components/ecccdhtestvectors.zip.
Table 1 shows the command value to perform the ECC Point Addition in the SmartFusion2 device.
Table 1 • ECC Point Addition
System Service Name
Point Addition
Command Value
17
Response Status
0:Success completion
127:HRESP error occurred during MSS transfer
253:License not available in device
254:Service disabled by factory security
255:Service disabled by user security
4
R e vi s i o n 1
Design Requirements
Scalar Point Multiplication
The scalar point multiplication service, multiplies the scalar point with the point on the P-384 curve.
The multiplication service computes the result as per the standard:
Q=dXP
d is the scalar input (384 bit) and P is the 384bit point (Px, Py) on the curve.
Table 2 shows the command value to perform the ECC point multiplication.
Table 2 • ECC Point Multiplication
System Service Name
Point Multiplication
Command Value
Response Status
16
0:Success completion
127:HRESP error occurred during MSS transfer
ed
ed
253:License not available in device
254:Service disabled by factory security
255:Service disabled by user security
Generating a Public Key
The point multiplication is used for generating a public key given the private key (384 bit integer). The
domain parameter G, specifies the base point on the curve P-384 to use. This domain base point is built
into hardware accelerator, which has a special form of the scalar multiplication command that uses base
point without the user having to enter.
The generated public key is used further to encrypt the data or an application. The data or the application
can be decrypted using the private key.
rs
Design Requirements
Table 3 shows the design requirements.
Table 3 • Design Requirements
Design Requirements
pe
Hardware Requirements
SmartFusion2 Evaluation Kit:
•
12 V adapter
•
FlashPro4 programmer
Su
• USB A to Mini-B cable
Host PC or Laptop
Rev D or later
Any 64-bit Windows Operating System
Software Requirements
Libero® System-on-Chip (SoC)
v11.4 SP 1
FlashPro programming software
v11.4 SP 1
USB to UART drivers
-
One of the following serial terminal emulation programs:
-
•
HyperTerminal
•
TeraTerm
•
PuTTY
Revision 1
Description
5
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
Design Description
The design is implemented on the SmartFusion2 Evaluation Kit Board using M2S090TS-1FGG484
device.
The design example consists of:
•
RC oscillator
•
Fabric CCC
•
CORERESET
•
MSS
ed
ed
The fabric PLL is used to provide the base clock for the MSS. The system services are run using various
C routine in the MSS, as shown in the following sections. In addition, a universal asynchronous
receiver/transmitter (UART1) in the MSS is used to display the operation of the ECC system service.
Hardware Implementation
Figure 4 shows a block diagram of the design example. The RC oscillator generates a 50 MHz input
clock and the fabric PLL generates a 100 MHz clock from the RC oscillator. This 100 MHz clock is used
as the base clock for the MSS.
Su
pe
rs
The MMUART_1 signals are for communicating with the serial terminal program.
Figure 4 • Block Diagram of SmartFusion2 ECC Design Example
6
R e vi s i o n 1
Design Requirements
Software Implementation
The software design example performs the following operations:
•
ECC point addition
•
Scalar point multiplication
•
Public key generation
Firmware Drivers
The following firmware drivers are used in this application:
•
MSS MMUART driver: To communicate with the serial terminal program on the Host PC.
•
MSS System Services driver: Provides access to the SmartFusion2 System Services.
List of APIs
ed
ed
The following APIs in Table 4 are used in software design to access the ECC Services.
Table 4 • APIs to access the ECC System Services
API
MSS_SYS_ecc_point_addition()
Description
Point addition
MSS_SYS_ecc_point_multiplication ()
MSS_SYS_ecc_get_base_point()
Setting up the Design
Scalar point multiplication
To get base point
Plug the FlashPro4 ribbon cable into the connector J5 (JTAG Programming Header) on the
SmartFusion2 Evaluation Kit Board.
rs
1. Connect the mini USB cable between the FlashPro4 and the USB port of the PC.
2. Connect the power supply to the J6 connector.
3. Connect one end of the USB mini cable to the J18 connector provided on the SmartFusion2
Evaluation Kit. Connect the other end of the USB cable to the host PC.
pe
4. Ensure that the USB to UART bridge drivers are automatically detected. This can be verified in
the Device Manager.
Su
Figure 5 shows example device manager window. If USB to UART bridge drivers are not
installed, download and install the drivers from:
Revision 1
7
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
rs
Figure 5 • Device Manager Window
ed
ed
www.microsemi.com/soc/documents/CDM_2.08.24_WHQL_Certified.zip
5. Connect the jumpers on the SmartFusion2 Evaluation Kit as shown in Table 5.
Su
pe
Note: Ensure that power supply switch SW7 is switched off while connecting the jumpers on the SF2 Kit.
8
R e vi s i o n 1
Design Requirements
Table 5 • SmartFusion2 SoC FPGA Evaluation Kit Jumper Settings
Jumper
J22
Pin (from)
1
Pin (to)
2
Comments
default
J23
1
2
default
J24
1
2
default
J8
1
2
default
J3
1
2
default
Su
pe
rs
ed
ed
Figure 6 shows the board setup for running the ECC services design on the SmartFusion2 Evaluation
Kit.
Figure 6 • SmartFusion2 Evaluation Kit
Running the Design
The following steps describes how to run the design on the SmartFusion2 Evaluation Kit Board using the
M2S090TS-1FGG484 device:
1. Switch ON the power supply switch, SW7.
2. Start a PUTTY or HyperTerminal session with 115200 baud rate, 8 data bits, 1 stop bit, no parity,
and no flow control. Use any free serial terminal emulation program such as: HyperTerminal or
Tera Term, if the computer does not have the PUTTY program. For more information about
configuring HyperTerminal, Tera Term, or PuTTY, refer to Configuring Serial Terminal Emulation
Programs Tutorial.
3. Program the SmartFusion2 Evaluation Kit Board with the provided STAPL file using FlashPro4.
Refer to "Appendix A - Design and Programming Files" on page 19" for more information.
Revision 1
9
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
ed
ed
4. After programming, HyperTerminal displays a message to run the ECC Services as shown in
Figure 7.
Figure 7 • Welcome Message
rs
1. Enter "a" to perform point addition, HyperTerminal displays "Enter the X Coordinate of input point
P". Enter the following X coordinate of P in Hyper terminal (or) copy each line, right click in the
HyperTerminal and click paste to host to paste the coordinate as shown in Figure 8.
Su
pe
a7c76b970c3b5fe8
b05d2838ae04ab47
697b9eaf52e76459
2efda27fe7513272
734466b400091adb
f2d68c58e0c50066
10
R e visio n 1
Figure 8 • Point Addition Input
ed
ed
Design Requirements
2. Enter the Y Coordinate of P (Py), X and Y coordinates of Q (Qx, Qy) as shown in: Figure 9,
Figure 10, and Figure 11.
rs
Y Coordinate of P:
Su
pe
ac68f19f2e1cb879
aed43a9969b91a08
39c4c38a49749b66
1efedf243451915e
d0905a32b060992b
468c64766fc8437a
Revision 1
11
Figure 9 • Point Addition Input P
X Coordinate of Q:
rs
9803807f2f6d2fd9
66cdd0290bd410c0
190352fbec7ff624
7de1302df86f25d3
4fe4a97bef60cff5
48355c015dbb3e5f
ed
ed
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
pe
Y Coordinate of Q:
Su
ba26ca69ec2f5b5d
9dad20cc9da71138
3a9dbe34ea3fa5a2
af75b46502629ad5
4dd8b7d73a8abb06
a3a3be47d650cc99
12
R e visio n 1
Su
pe
rs
Figure 10 • Point Addition Input
ed
ed
Design Requirements
Figure 11 • Point Addition Input
Revision 1
13
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
rs
ed
ed
3. Point addition result is displayed on HyperTerminal as shown in Figure 12.
Figure 12 • Point Addition Result
pe
4. Enter "m" to perform point multiplication and enter the 384 bit input scalar D as shown in
Figure 13
Input Scalar D:
D=
Su
b7847b54eb40d602
dbe18b5386ac9a99
e0a584e3d01e2ef5
a5700be26e7076ca
c390d423a0033b07
e4ecbe709001fc39
14
R e visio n 1
Figure 13 • Point Multiplication
ed
ed
Design Requirements
5. Enter 48 byte X, Y coordinates of Input point P (Px, Py) as shown in Figure 14, Figure 15.
X, Y coordinates of the point P on the elliptic curve are:
rs
X Coordinate of P:
pe
8c19da9344ffda65
b72b2f83da40d806
40da85a220a0ccea
03788ef0b395b2ed
9a6a7cc5c2c60a80
54268c9d33dda7fe
Y Coordinate of P:
Su
a86d11a4ab265d8d
c4aa0d86e16bdbdb
8c78914f4ef6aef0
9c382b689460eacb
363fc795ec1914c0
276a7b75b562fe6b
Revision 1
15
ed
ed
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
Su
pe
rs
Figure 14 • X Input of Point P
Figure 15 • Y Input of Point P
16
R e visio n 1
Design Requirements
rs
ed
ed
6. Point Multiplication result is displayed on the HyperTerminal as shown in Figure 16.
Figure 16 • Point Multiplication Result
7. Enter g to generate a public key and enter 384bit private key as shown in Figure 17.
Private Key:
Su
pe
b7847b54eb40d602
dbe18b5386ac9a99
e0a584e3d01e2ef5
a5700be26e7076ca
c390d423a0033b07
e4ecbe709001fc39
Revision 1
17
ed
ed
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
Figure 17 • Input Private Key
Su
pe
rs
This service uses the internal 384 bit base point and performs the point multiplication with a private key
to generate the public key. Generated public key X, Y coordinates are displayed on the HyperTerminal as
shown in Figure 18.
Figure 18 • X, Y Coordinates of Public Key
18
R e visio n 1
Conclusion
Conclusion
This application note explains how to access the ECC services in the SmartFusion2 SoC FPGAs. It
implements how to perform the ECC point addition, scalar point multiplication, and public key generation.
Appendix A - Design and Programming Files
Download the design files fromthe Microsemi SoCProducts Group website:
http://soc.microsemi.com/download/rsc/?f=SF2_AC435_11p4_DF
The design files consist of a Libero Verilog project and programming files (*.stp) for the SmartFusion2
Evaluation Kit.
Refer to the readme.txt file included in the design files for the directory structure and description.
ed
ed
Download the programming files (*.stp) in release mode from the Microsemi SoC Products Group
website:
www.microsemi.com/soc/download/rsc/?f=SF2_AC435_11p4_PF
Su
pe
rs
The programming zip file consists of the STAPL programming file (*.stp) for the SmartFusion2 Evaluation
Kit.
Revision 1
19
Using ECC System Service in SmartFusion2 - Libero SoC v11.4
List of Changes
The following table lists critical changes that were made in each revision of the chapter in the application
note.
Date*
Changes
Revision 1
(October, 2014)
Initial release.
Page
N/A
Su
pe
rs
ed
ed
Note: *The revision number is located in the part number after the hyphen. The part number is displayed
at the bottom of the last page of the document. The digits following the slash indicate the month and
year of publication.
20
R e visio n 1
ed
ed
rs
pe
Su
Microsemi Corporate Headquarters
One Enterprise, Aliso Viejo CA 92656 USA
Within the USA: +1 (800) 713-4113
Outside the USA: +1 (949) 380-6100
Sales: +1 (949) 380-6136
Fax: +1 (949) 215-4996
E-mail: [email protected]
Microsemi Corporation (Nasdaq: MSCC) offers a comprehensive portfolio of semiconductor
and system solutions for communications, defense and security, aerospace, and industrial
markets. Products include high-performance and radiation-hardened analog mixed-signal
integrated circuits, FPGAs, SoCs, and ASICs; power management products; timing and
synchronization devices and precise time solutions, setting the world's standard for time; voice
processing devices; RF solutions; discrete components; security technologies and scalable
anti-tamper products; Power-over-Ethernet ICs and midspans; as well as custom design
capabilities and services. Microsemi is headquartered in Aliso Viejo, Calif. and has
approximately 3,400 employees globally. Learn more at www.microsemi.com.
© 2014 Microsemi Corporation. All rights reserved. Microsemi and the Microsemi logo are trademarks of
Microsemi Corporation. All other trademarks and service marks are the property of their respective owners.
51900303-1/10.14
Similar pages