
Barrett reduction, shown in Algorithm 14, finds $T \pmod N$ with a given $(k+1)$-bit value $\mu = \lfloor b^{2k}/N \rfloor$ and a suitably chosen base $b = 2^L$, where $\mu$ can be obtained by pre-computation. For example, with $b = 2$: $\mu = \lfloor 2^{2k}/N \rfloor$; $q_1 = T \gg (k-1)$; $q_2 = q_1 \cdot \mu$; $q_3 = q_2 \gg (k+1)$; $R_1 = T[k:0]$; $R_2 = q_3 \cdot N$; $R_2 = R_2[k:0]$; $R = R_1 - R_2$; if $R < 0$ then $R = R + 2^{k+1}$; while $R \ge N$, $R = R - N$; return $R$. Algorithm 15 shows how to compute the value of $\mu$ required by Algorithm 14.

Algorithm 14 Barrett Reduction

Input: $0 \le T = (T_{2k-1}, T_{2k-2}, \ldots, T_1, T_0)_b < b^{2k}$, $N$, $b \ge 3$, $k = \lfloor \log_b N \rfloor + 1$, and $\mu$

Output: $R \equiv (R_{k-1}, \ldots, R_0)_b = T \pmod N$

1: $q_1 = \lfloor T / b^{k-1} \rfloor$ (Bitwise Shift Right)

2: $q_2 = q_1 \cdot \mu$ (Multiplication)

3: $q_3 = \lfloor q_2 / b^{k+1} \rfloor$ (Bitwise Shift Right)

4: $R_1 = T \pmod{b^{k+1}}$ (Truncation)

5: $R_2 = q_3 \cdot N \pmod{b^{k+1}}$ (Multiplication + Truncation)

6: $R = R_1 - R_2$ (Subtraction)

7: If ($R < 0$) then $R = R + b^{k+1}$ (Addition)

8: While ($R \ge N$) do $R = R - N$ (Subtraction)

9: Return $R$

Both Barrett reduction and Montgomery reduction are approaches for finding the field element in GF(p) for an integer of double bit length without trial division. They

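Algorithm 15 Computation of $\mu$

Input: $p$, and $k = \lfloor \log_b N \rfloor + 1$

Output: $\mu = \lfloor b^{2k}/N \rfloor$

1: $\mu = b^k$

2: Repeat

3: $S = \mu$

4: $\mu = 2\mu - \left\lfloor \dfrac{\lfloor \mu^2 / b^k \rfloor \cdot N}{b^k} \right\rfloor$

5: Until $\mu \le S$

6: $t = b^{2k} - N \cdot \mu$

7: While ($t < 0$) do

8: $\mu = \mu - 1$

9: $t = t + N$

10: Return $\mu$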

need the domain conversion of primary inputs. In contrast, Montgomery reduction needs the domain conversion of primary inputs.
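Algorithms 14 and 15 written out in Python with $b = 2^L$, so that every floor and truncation becomes a shift or a mask. This is an added example, not code from the thesis; the function names and all inputs are constructed for illustration. It goes slightly beyond the text by also running one constructed $b = 2$ input, which lies outside Algorithm 14's $b \ge 3$ input condition, to show what the $(k+1)$-digit truncation returns there.

```python
"""Algorithms 14 and 15 with base b = 2**L (added example, names are illustrative)."""
import random


def num_digits(N, L):
    """k = floor(log_b N) + 1: the number of base-2**L digits of N."""
    return (N.bit_length() + L - 1) // L


def compute_mu(N, k, L):
    """Algorithm 15: mu = floor(b**(2k) / N), Newton iteration plus correction."""
    kb = k * L                                 # b**k == 1 << kb
    mu = 1 << kb                               # step 1
    while True:                                # steps 2-5
        s = mu
        mu = 2 * mu - ((((mu * mu) >> kb) * N) >> kb)
        if mu <= s:
            break
    t = (1 << (2 * kb)) - N * mu               # step 6
    while t < 0:                               # steps 7-9: undo overshoot
        mu -= 1
        t += N
    return mu


def barrett_reduce(T, N, k, mu, L):
    """Algorithm 14: return (R, count) where count is the step-8 subtractions."""
    hi = (k + 1) * L
    mask = (1 << hi) - 1                       # x & mask == x mod b**(k+1)
    q3 = ((T >> ((k - 1) * L)) * mu) >> hi     # steps 1-3
    r = (T & mask) - ((q3 * N) & mask)         # steps 4-6
    if r < 0:                                  # step 7
        r += 1 << hi
    count = 0
    while r >= N:                              # step 8 (data-dependent loop)
        r -= N
        count += 1
    return r, count


def self_check(L, trials=2000, seed=1):
    """Count disagreements with Python's // and % on constructed random inputs."""
    rng = random.Random(seed)
    bad = 0
    for _ in range(trials):
        bits = rng.randrange(8, 522)
        N = rng.getrandbits(bits) | (1 << (bits - 1))   # exactly `bits` bits
        k = num_digits(N, L)
        mu = compute_mu(N, k, L)
        T = rng.randrange(1 << (2 * k * L))             # 0 <= T < b**(2k)
        r, count = barrett_reduce(T, N, k, mu, L)
        if mu != (1 << (2 * k * L)) // N or r != T % N or count > 2:
            bad += 1
    return bad


def base2_truncation_case():
    """Constructed b = 2 input (outside b >= 3): returns (Algorithm 14 R, T % N)."""
    T, N, L = 64760, 220, 1
    k = num_digits(N, L)                       # 8
    r, _ = barrett_reduce(T, N, k, compute_mu(N, k, L), L)
    return r, T % N


if __name__ == "__main__":
    print({L: self_check(L) for L in (2, 8, 32)})   # mismatches per digit width
    print(base2_truncation_case())
```

In the $b = 2$ case the quotient estimate is $q_3 = 292$ while $\lfloor T/N \rfloor = 294$, so $T - q_3 N = 520$ no longer fits in $k + 1 = 9$ bits and the truncated subtraction yields 8 rather than 80.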
