A High-Performance Hardware Architecture for ECC Point Multiplication over Curve25519

As one of the most secure ECC curves, Curve25519 is employed by some secure protocols, such as TLS 1.3, IRTF’s RFC7748, Diffie-Hellman Private Set Intersection (DH-PSI) protocol, etc. High performance implementation of ECC is required, especially for the DH-PSI protocol. Point multiplication, the chief cryptographic primitive in ECC, is computationally expensive. To improve the performance of DH-PSI protocol, we propose a novel and high-performance hardware architecture for point multiplication over Curve25519. The proposed architecture features a pipelined Finite-field Arithmetic Unit (FAU) and a simple and highly efficient instruction set architecture (ISA). Compared to the best existing work on Xilinx Zynq 7000 series FPGA, our implementation with one Processing Element (PE) can achieve 3.14x speedup on the same device. To the best of our knowledge, our implementation appears to be the fastest among the state-of-the-art works. We also have implemented our proposed architecture consisting of 4 Compute Groups (CGs), each with 16 PEs, on an Intel Agilex AGF027 FPGA. The experimental results show the peak performance of 4.52 Mops/s (million point multiplication operations per seconds) can be achieved. Moreover, the measured performance of 4.48 Mops/s is achieved, with the PE utilization of 99% and at the cost of 86 Watts power, which is the record-setting performance for point multiplication over Curve25519 on FPGAs.