Page 343 - Hardware Implementation of Finite-Field Arithmetic
P. 343
Optimal Extension Fields 323
f = 632E27FB
44
f = 9CD1D681
45
f = 632E27FC
51
f = 632E27FB
52
f = FFFFFE7C
53
f = 9CD1D681
54
f = 9CD1D682
55
B.2.2 mod p Reduction
In order to avoid the use of long-operand multipliers, nonrestoring, or SRT
reducers should be used. Nonrestoring and SRT reducers for k = 32 and
n = 64 have been implemented. The parameter values are the following:
constant N: natural := 64;
constant K: natural := 32;
-- COUNTER_SIZE is the number of bits of N-K-1
constant COUNTER_SIZE: natural := 5;
It is important to observe that the final steps (decoding from
stored-carry form to normal form and correction if the obtained result
is negative) are computed with carry-propagate adders and that the
corresponding delays could be greater than the clock period. As
mentioned in Comment 2.1, some kind of synchronization of the final
operations should be introduced, for example, adding s clock periods
with s such that sT > T .
CLK final steps
The implementation results are the following (Table B.4):
FFs LUTs Slices Period Cycles Total time
Nonrestoring 70 197 101 7.7 32 246.4
SRT 100 425 216 6.2 32 198.4
TABLE B.4 Cost and Delay of 64-bit to 32-bit mod Reducers
B.2.3 mod p Addition and Subtraction
The adder-subtractor of Fig. 3.3 has been implemented. The package
storing the parameter values is the following:
package addsub_parameters is
constant k: integer := 32;
constant m: std_logic_vector(k-1 downto 0) := X
”fffffe7d”;
end addsub_parameters;
