Exploring the speed limit of SM2

In this paper, we explore the serial and parallel point multiplication speed limit of SM2 public key cryptographic algorithm. The optimization criteria for our design is speed, we carry out a thorough analysis on SM2 point multiplication structure and summarize three main factors that contributes to the ultra high-speed realization of point multiplication: the performance of modular multiplier, point coordinates representation and scheduling, scalar representation. For the first time, we introduce a one-cycle 256-bit multiplier to speedup point multiplication. Based on the multiplier, we rearrange the scheduling algorithm of point doubling and addition. A detailed performance comparison between NAF and w-NAF encoding is also conducted. Synthesized in 0.13μm CMOS standard cell library, our serial architecture can perform more than 49000 point multiplications per second, the fastest in the open literature. With 2 multipliers in parallel, the speed can reach as high as 56617. However, the multiplier utilization in parallel architecture is only 66.7%, so we propose to use multi-cores instead of multi-multipliers scheme to obtain better area-time product.