
Low-Latency Digital Signature Verification for V2X Communication
V2X (Vehicle-to-Everything) communication requires every transmitted message to be digitally authenticated in real time. At highway speeds this must happen in under 1 millisecond — far too fast for general-purpose software.
This project implements a dedicated hardware IP block that performs ECDSA (Elliptic Curve Digital Signature Algorithm) verification, the industry standard for V2X security defined in IEEE 1609.2.
V2X Packet Input ui_in[7:0] │ ┌──────▼───────┐ ┌──────────────┐ │ Auth │────▶│ Key Manager │ │ Coprocessor │ │ (cert cache)│ └──────┬───────┘ └──────────────┘ │ ┌──────▼────────────────────────┐ │ ECC Core │ │ ┌────────────────────────┐ │ │ │ Modular Inverse │ │ s⁻¹ mod n │ ├────────────────────────┤ │ │ │ Scalar Multiplier │ │ u1, u2 │ ├────────────────────────┤ │ │ │ Point Multiplier │ │ u1·G + u2·Q │ ├────────────────────────┤ │ │ │ Comparator │ │ R'.x mod n =?= r │ └────────────────────────┘ │ └──────┬────────────────────────┘ │ uo_out[0] auth_valid ✔ uo_out[1] auth_reject ✖
| Block | Function |
|---|---|
| Auth Coprocessor | Protocol parsing, FSM control, IEEE 1609.2 packet handling |
| Key Manager | Certificate and session key cache |
| Modular Inverse | Computes s⁻¹ mod n using Fermat's Little Theorem |
| Scalar Multiplier | Computes u1 = e·w mod n and u2 = r·w mod n |
| Point Multiplier | Computes u1·G + u2·Q using double-and-add |
| Comparator | Checks R'.x mod n == r to accept or reject |
e, signature (r, s), public key Qw = s⁻¹ mod nu1 = e·w mod n and u2 = r·w mod nR' = u1·G + u2·QR'.x mod n with r — match = VALID, mismatch = REJECT| Pin | Name | Description |
|---|---|---|
ui_in[7:0] |
data_in |
Serialised packet/key bytes |
ui_in[0] |
start |
Pulse HIGH to begin (in control mode) |
ui_in[1] |
soft_rst |
Soft reset |
ui_in[3:2] |
mode |
00=verify, 01=load_key |
uo_out[0] |
auth_valid |
HIGH = accepted |
uo_out[1] |
auth_reject |
HIGH = rejected |
uo_out[2] |
busy |
HIGH = computing |
uo_out[3] |
ecc_done |
Pulse on each ECC step done |
uo_out[4] |
key_loaded |
HIGH = key ready |
uo_out[5] |
packet_ready |
HIGH = packet received |
rst_n resetui_in[3:2] = 01 (load_key mode), pulse ui_in[0] (start)ui_in[7:0]uo_out[4] (key_loaded) = HIGHui_in[3:2] = 00 (verify mode), pulse ui_in[0] (start)ui_in[7:0]uo_out[2] (busy) = LOWuo_out[0] (auth_valid) or uo_out[1] (auth_reject)cd test/
make
None required.
| # | Input | Output | Bidirectional |
|---|---|---|---|
| 0 | start - Pulse HIGH to begin | auth_valid - HIGH when signature verified | |
| 1 | soft_rst - Soft reset active HIGH | auth_reject - HIGH when signature rejected | |
| 2 | mode0 - Mode select bit 0 | busy - HIGH while processing | |
| 3 | mode1 - Mode select bit 1 | ecc_done - Pulses when ECC step done | |
| 4 | data_in bit 4 | key_loaded - HIGH when key loaded | |
| 5 | data_in bit 5 | packet_ready - HIGH when packet received | |
| 6 | data_in bit 6 | ||
| 7 | data_in bit 7 |