Yier Jin,Haibin Shen

DOI: https://doi.org/10.1109/icsict.2006.306633

2006-01-01

Abstract:A new unbalanced exponent modular reduction over GF(2m) is proposed. The algorithm can achieve high efficiency when computing on a certain class of fields generated by f(x) = xm + T(x) where deg[T(x)] Lt C m. The algorithm is applied in modular multiplication on the basis of scalable polynomial basis(SPB) to form scalable modular multiplication. Most of irreducible polynomials used in elliptic curve cryptography(ECC) fulfil the characteristic mentioned above well. So the scalable algorithm is implemented in ECC computation with high flexibility and efficiency both in theoretic calculation and application

Hai-bin SHEN,Hua-feng CHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.09.004

2006-01-01

Abstract:To accelerate point multiplication operation of elliptic curve cryptography (ECC), a fast reduction algorithm for modular operation was introduced. The algorithm applied the characteristic of the small second item's degree of irreducible polynomial in characteristic 2 finite field. Based on the algorithm and projective Montgomery point multiplication algorithm, a configurable ECC accelerator using very large scale integrated circuit technology was proposed. Scalable field design and unique pipeline technique was adapted in the accelerator. Simulation results show that the accelerator designed by the algorithm can rapidly complete ECC point multiplication operation. When 162 bits key and 192 bits key are selected, the point multiplication operation takes 0.22 ms and 0.43 ms respectively. The accelerator has simple interface and good flexibility, and provides a method for hardware implementation of public key cryptography algorithm.

Yi’er Jin,Haibin Shen,Huafeng Chen,Xiaolang Yan

DOI: https://doi.org/10.1007/s11767-006-0257-4

2008-01-01

Abstract:A new structure of bit-parallel Polynomial Basis (PB) multiplier is proposed, which is based on a fast modular reduction method. The method was recommended by the National Institute of Standards and Technology (NIST). It takes advantage of the characteristics of irreducible polynomial, i.e., the degree of the second item of irreducible polynomial is far less than the degree of the polynomial in the finite fields GF(2 m ). Deductions are made for a class of finite field in which trinomials are chosen as irreducible polynomials. Let the trinomial be x m + x h +1, where 1 ≤ k ≤ [m/1]. The proposed structure has shorter critical path than the best known one up to date, while the space requirement keeps the same. The structure is practical, especially in real time cryptographic applications.

ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

WANG Long,BAI Guo-qiang

2008-01-01

Abstract:RSA and ECC are two prevailing public-key crypto-systems.In order to demonstrate the feasibility of using an RSA coprocessor to accelerate the ECC algorithm,we presented a new method for implementing modular inversion which is required by the ECC algorithm.The new method is based on the Montgomery multiplication algorithm and the Montgomery inversion algorithm.We proposed a modification to the Montgomery inversion algorithm and improved the RSA coprocessor.With regard to performance and hardware cost,the new method compares favorably with other methods for modular inversion.The new method is 2.2 times and 7.2 times faster than the implementations based on the extended Euclidean algorithm and those based on Fermat's little theorem,respectively.

Jean-Guillaume Dumas,Laurent Fousse,Bruno Salvy

DOI: https://doi.org/10.1016/j.jsc.2010.08.015

2008-08-30

Abstract:We present algorithms to perform modular polynomial multiplication or modular dot product efficiently in a single machine word. We pack polynomials into integers and perform several modular operations with machine integer or floating point arithmetic. The modular polynomials are converted into integers using Kronecker substitution (evaluation at a sufficiently large integer). With some control on the sizes and degrees, arithmetic operations on the polynomials can be performed directly with machine integers or floating point numbers and the number of conversions can be reduced. We also present efficient ways to recover the modular values of the coefficients. This leads to practical gains of quite large constant factors for polynomial multiplication, prime field linear algebra and small extension field arithmetic.

Symbolic Computation,Number Theory

Haibo Yu,Guoqiang Bai,Huikang Hao

DOI: https://doi.org/10.1007/978-3-319-19647-3_28

2015-01-01

Abstract:In this paper, we propose an efficient modular reduction algorithm without correction phase based on Barrett reduction algorithm. We eliminate the error between the estimated quotient and the real one, which leads that the proposed algorithm can perform modular reduction with less operation steps. On the other hand, it can also make for a decrease in extra subtraction circuits. According to the data flow diagram, it is crystal clear that the number of control steps of original Barrett algorithm is twice the proposed algorithm. Therefore, the throughput of our method is doubled compared with Barrett algorithm with same clock frequency. Additionally, the proposed method can be a good solution for high-speed applications.

LIU Qiang,Tong Dong,CHENG Xu

DOI: https://doi.org/10.3321/j.issn:0372-2112.2005.05.033

2005-01-01

Abstract:AbstrcatThe rapid advance in communication technology brings a request for cryptoprocessors of higher performance.In the design of the RSA modular exponentiator,the Montgomery modular multiplication algorithm and the right-to-left binary method are used and modified considering large-bit modular multiplication and VLSI implementation.A Carry Save Adder structure is used in the modular multiplier,to avoid the long carry propagation.We propose a Signal Multi-Backup strategy to resolve the problem of large loads that are caused by the signal broadcasting of large-bit operation structures.

Ping Luo,Yiqi Dai

2004-01-01

Abstract:A modular multiplication is one of the most important operations in public-key cryptography like RSA cryptosystem. This paper is just devoted to a practical method and construction of speeding up such operation. Furthermore, the modular multiplication expansions are given and based on these expansions the fast modular multiplication and parallel algorithms axe proposed.

Bo Zhang,Zeming Cheng,Massoud Pedram

DOI: https://doi.org/10.1109/tvlsi.2024.3368002

2024-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:Modular multiplication (MM) is a fundamental operation in many cryptographic and arithmetic applications. In this article, we present an improved Barrett modular multiplication (BMM) algorithm and its hardware-efficient implementation. The proposed algorithm leverages parallel computation of quotient and intermediate results, enhancing overall efficiency. To further optimize the algorithm, two optimizations are introduced, replacing expensive multiplications and additions with more efficient compression and encoding operations at each iteration. We first introduce a novel data model that enables the use of a 2-bit adder to handle potential overflow in signed addition. Moreover, by employing a 3-bit addition on intermediate results, we eliminate the need for complete round operations while ensuring the desired result range. The experimental results demonstrate significant improvements in terms of area and computation time compared to existing classic BMM and Montgomery modular multiplication (MMM) designs. Our improved BMM outperforms these designs, particularly in high-radix scenarios. This work provides a valuable contribution to the field of MM, offering a hardware-efficient solution for achieving improved performance in cryptographic and arithmetic systems.

engineering, electrical & electronic,computer science, hardware & architecture

Yuxuan Zhang,Hua Guo,Chen Chen,Yewei Guan,Xiyong Zhang,Zhenyu Guan

2024-07-18

Abstract:Montgomery modular multiplication is widely-used in public key cryptosystems (PKC) and affects the efficiency of upper systems directly. However, modulus is getting larger due to the increasing demand of security, which results in a heavy computing cost. High-performance implementation of Montgomery modular multiplication is urgently required to ensure the highly-efficient operations in PKC. However, existing high-speed implementations still need a large amount redundant computing to simplify the intermediate result. Supports to the redundant representation is extremely limited on Montgomery modular multiplication. In this paper, we propose an efficient parallel variant of iterative Montgomery modular multiplication, called DRMMM, that allows the quotient can be computed in multiple iterations. In this variant, terms in intermediate result and the quotient in each iteration are computed in different radix such that computation of the quotient can be pipelined. Based on proposed variant, we also design high-performance hardware implementation architecture for faster operation. In the architecture, intermediate result in every iteration is denoted as three parts to free from redundant computations. Finally, to support FPGA-based systems, we design operators based on FPGA underlying architecture for better area-time performance. The result of implementation and experiment shows that our method reduces the output latency by 38.3\% than the fastest design on FPGA.

Cryptography and Security

Shuguo Li,Zhen Gu

DOI: https://doi.org/10.1109/apccas.2018.8605566

2018-01-01

Abstract:Lazy reduction and multi-precision division are significant methods in fields involving Residue Number Systems like pairings and fully homomorphic encryption. In this paper, we present lazy reductions and multi-precision divisions based on Montgomery and Barrett modular reductions. Also, simplified parameter choices in modular reductions and a new method of multi-precision division are proposed. The proposed method of multi-precision division requires fewer cycles than the block-wise method and fewer multiplier resources than the lazy Barrett modular reduction.

Renfeng Dou,Jun Han,Yifan Bo,Zhiyi Yu,Xiaoyang Zeng

DOI: https://doi.org/10.1109/tvlsi.2013.2294339

2014-11-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:The modular multiplication (MM) is a key operation in cryptographic algorithms, such as RSA and elliptic-curve cryptography. Multicore processor is a suitable platform to implement MM because of its flexibility, high performance, and energy-efficiency. In this paper, we propose a block-level parallel algorithm for MM with quotient pipelining and optimally map it on a network-on-chip-based multicore platform equipped with broadcasting mechanism. Aiming at highest performance, a theoretical speedup model for parallel MM is also developed for parameter exploration that optimizes task partitioning. Experimental results based on a multicore prototype show that compared with the sequential MM on single core, the parallel implementation proposed in this paper maximizes the speedup ratio with regard to given intercore communication latency.

engineering, electrical & electronic,computer science, hardware & architecture

Yongcheng He,Changhao Zhao,Genting Dai,Kaiyong He,Xiao Geng,Jianshe Liu,Wei Chen

DOI: https://doi.org/10.1007/s11128-022-03736-x

IF: 1.965

2022-01-01

Quantum Information Processing

Abstract:Shor’s factoring algorithm contains controlled modular exponentiation which can be further reduced as a series of controlled modular multipliers with constant. For the controlled modular multiplier with constant, this paper proposes a binary-exponent-based recombination (BER) protocol which could substantially reduce the number of addends. Based on the BER protocol, BER algorithms are constructed by the topdown hierarchy of controlled modular exponentiation, controlled modular multiplier with constant, controlled modular adder and plain adders. A complexity analysis reveals that BER algorithm reduces the number of plain adders in the controlled modular exponentiation by an average of about 42% compared with Vedral–Barenco–Ekert algorithm, thus significantly decreasing the depth and total Toffoli gates of the quantum circuits. The BER protocol can be widely used in various controlled modular multipliers as a promising ingredient of quantum factoring algorithm.

Tao Wu,Shu-Guo Li,Li-Lian Liu

DOI: https://doi.org/10.1109/icsict.2012.6467863

2012-01-01

Abstract:Modular multipliers of medium or small sizes can be implemented by Barrett modular reduction algorithm. In this work, based on the folded Barrett modular reduction algorithm, we propose a two-stage pipelined modular multiplier for residue arithmetic. In terms of Time×Area, the proposed architecture is more efficient than the modular multiplier by present Barrett modular reduction algorithm.

Tao Wu,ShuGuo Li,LiTian Liu

DOI: https://doi.org/10.1007/s11432-014-5215-4

2015-01-01

Science China Information Sciences

Abstract:This paper improves the quotient-pipelined high radix scalable Montgomery modular multiplier by processing w-bit and k-bit words in carry save form instead of some(w + k)-bit length operands. It directly reduces both the critical path and the area overhead of the original processing elements. Then based on this improved high-radix scalable Montgomery modular multiplier, we propose an efficient hardware architecture for RSA decryption with Chinese Remainder Theorem. With simple configuration logics, the hardware unit works in three modes:(1) scalable modular reduction for precomputation,(2) scalable Montgomery modular multiplication for modular exponentiation, where an approximation method is developed to reduce the expanded result below the modulus, and(3) scalable multiplication for post-processing. Hardware implementation shows that the proposed architecture is optimal with reference to the literature in terms of speed, area, and frequency.A 4096-bit RSA decryption in XC2V6000-6 FPGA can be completed in 11.05 ms with 14041 slices/17409 LUTs,128 16 × 16 multipliers, and 70 kbits of block RAMs. Finally, by the use of Montogmery powering ladder the modular exponentiation unit based on the improved high radix scalable Montgomery modular multiplier can be built resistant to fault and simple power attacks. A 1024-bit modular exponentiation unit with such resistances costs about 255 K NAND2 gates in.18 μm CMOS process, and one full modular exponentiation takes about1.44 ms at 250 MHz.

Wei Li,Juhua Liu,Guoqiang Bai

DOI: https://doi.org/10.1109/cstic.2018.8369323

2018-01-01

Abstract:In this paper, we explore the fast modulus inverse algorithm and its implementation. For the first time, we proposed a radix-8 modulus algorithm to speed up the point multiplication in SM2 public key cryptographic algorithm, which is established as the ECC standard of China for commercial applications released by the State Cryptographic Administration of China in December 2010. The critical path delay of our hardware implementation of SM2 is the delay of a one-cycle 256-bit multiplier, which is difficult to get a further reduction. The possibility of further optimization is reducing the number of cycles needed by the binary modulus inverse without changing the critical path delay when converting the Jacob coordinates back to affine coordinates. The radix-8 binary inverse algorithm can reduce the number of cycles significantly by 33.2% on average compared with the radix-4 binary inverse algorithm, which needs 256 cycles at most to complete the conversion.

Tao Wu,Shuguo Li,Litian Liu

DOI: https://doi.org/10.1016/j.vlsi.2012.09.002

IF: 1.345

2013-01-01

Integration

Abstract:In this paper, the primitive common-multiplicand Montgomery modular multiplication is developed for modular exponentiation. Together with Montgomery powering ladder, a fast, compact and symmetric modular exponentiation architecture is proposed for hardware implementation. The architecture consists of one group of processing elements along the central line and two symmetric groups of accumulation units on two sides. The central elements perform modular reductions, while the symmetric units on both sides accumulate the modular multiplication results. A feedforwarding architecture is employed to decrease the latency between processing elements, in parallel with the word-based accumulation units, which are also pipelined. Meanwhile, due to the symmetric architecture and Montgomery powering ladder, the modular exponentiation is immune from fault and simple power attacks. Implemented in FPGA platform, the performance of our proposed design outperforms most results so far in the literature.

Xingjun Wu,Hongyi Chen,Yihe Sun,Weixin Gai

DOI: https://doi.org/10.1023/a:1021110405895

2003-01-01

Abstract:In this paper, a fully-pipeline linear systolic array based on adjusted Montgomery's algorithm is presented to perform modular multiplication at extremely high speed. The processing element ( PE) consists of only 4 full-adders and 14 flip-flops. Three-stage internal pipelined PE results in a very short critical path with only a one-bit full-adder delay. Thus, it can run at a very high cycle rate. The total execution time for an n-bit modular multiplication is 2n + 11 cycles with only (n/2+ 2) PEs. A modular exponentiation based on it takes (3n + 16.5)n cycles in average. Compared with most published VLSI modular multipliers, the hardware complexity is greatly reduced while keeping very high throughput. Therefore it is a good candidate of the arithmetic units used in the many public-key crypto-systems, e.g. RSA, Elliptic Curve and so on, especially for the embedded applications concerning information security.

Zhen Gu,Shuguo Li

DOI: https://doi.org/10.1109/edssc.2017.8126447

2017-01-01

Abstract:Karatsuba Multiplication Algorithm is commonly used in modular multiplications of public-key cryptosystems with large key sizes. The overlapped summation in Karatsuba Multiplication is difficult for parallel acceleration in hardware implementations. This paper proposes a method of avoiding the overlapped summation under the circumstances of calculating Montgomery Modular Multiplication. The proposed method has fewer addition rows and better parallelism.