Haibin Shen,Yier Jin,Rongquan You

DOI: https://doi.org/10.1109/ICICIC.2006.180

2006-01-01

Abstract:Modular reduction is the basic operation of cryptographic systems. The Barrett's algorithm and Montgomery's algorithm are widely used nowadays and they are both based on pre-computation. In the field of elliptic curve cryptosystem (ECC) over GF(2m), the reduction polynomials recommended by SEC have few items and the degree of second item is much less than that of the first one. Making use of this characteristic, the paper presents a new method to accelerate modular reduction without pre-computation which speeds up modular reduction by 10-30 times over GF(2m) and speeds up ECC point multiplication by 40%-50%. This algorithm has been implemented in a high-speed public-key cipher accelerator

Hai-bin SHEN,Hua-feng CHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.09.004

2006-01-01

Abstract:To accelerate point multiplication operation of elliptic curve cryptography (ECC), a fast reduction algorithm for modular operation was introduced. The algorithm applied the characteristic of the small second item's degree of irreducible polynomial in characteristic 2 finite field. Based on the algorithm and projective Montgomery point multiplication algorithm, a configurable ECC accelerator using very large scale integrated circuit technology was proposed. Scalable field design and unique pipeline technique was adapted in the accelerator. Simulation results show that the accelerator designed by the algorithm can rapidly complete ECC point multiplication operation. When 162 bits key and 192 bits key are selected, the point multiplication operation takes 0.22 ms and 0.43 ms respectively. The accelerator has simple interface and good flexibility, and provides a method for hardware implementation of public key cryptography algorithm.

Yi’er Jin,Haibin Shen,Huafeng Chen,Xiaolang Yan

DOI: https://doi.org/10.1007/s11767-006-0257-4

2008-01-01

Abstract:A new structure of bit-parallel Polynomial Basis (PB) multiplier is proposed, which is based on a fast modular reduction method. The method was recommended by the National Institute of Standards and Technology (NIST). It takes advantage of the characteristics of irreducible polynomial, i.e., the degree of the second item of irreducible polynomial is far less than the degree of the polynomial in the finite fields GF(2 m ). Deductions are made for a class of finite field in which trinomials are chosen as irreducible polynomials. Let the trinomial be x m + x h +1, where 1 ≤ k ≤ [m/1]. The proposed structure has shorter critical path than the best known one up to date, while the space requirement keeps the same. The structure is practical, especially in real time cryptographic applications.

ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

Tao Wu,Shuguo Li,Litian Liu

DOI: https://doi.org/10.1109/iccsnt.2012.6525895

2012-01-01

Abstract:Due to complex hardware architecture and heavy computation, it is difficult to perform modular multiplications over large integers. In this paper, we propose a low-latency scalable modular multiplier for multi-precision modular multiplications. Unlike popular scalable architectures by Montgomery algorithm, the classic modular multiplication A · B mod M is directly implemented here. Low latency can be obtained by deferring the uses of most significant bits during the interleaving modular multiplications. Also, the critical path of processing elements is greatly reduced by carry-save additions. While the scalable modular multiplier obtains comparable performance with optimal scalable Montgomery modular multiplier, its area overhead increases since more registers and selection logics are employed. The proposed modular multiplier is convenient for variant operands and nonsuccessive modular multiplications, where it is more energy-efficient than popular scalable Montgomery modular multipliers.

Yuxuan Zhang,Hua Guo,Chen Chen,Yewei Guan,Xiyong Zhang,Zhenyu Guan

2024-07-18

Abstract:Montgomery modular multiplication is widely-used in public key cryptosystems (PKC) and affects the efficiency of upper systems directly. However, modulus is getting larger due to the increasing demand of security, which results in a heavy computing cost. High-performance implementation of Montgomery modular multiplication is urgently required to ensure the highly-efficient operations in PKC. However, existing high-speed implementations still need a large amount redundant computing to simplify the intermediate result. Supports to the redundant representation is extremely limited on Montgomery modular multiplication. In this paper, we propose an efficient parallel variant of iterative Montgomery modular multiplication, called DRMMM, that allows the quotient can be computed in multiple iterations. In this variant, terms in intermediate result and the quotient in each iteration are computed in different radix such that computation of the quotient can be pipelined. Based on proposed variant, we also design high-performance hardware implementation architecture for faster operation. In the architecture, intermediate result in every iteration is denoted as three parts to free from redundant computations. Finally, to support FPGA-based systems, we design operators based on FPGA underlying architecture for better area-time performance. The result of implementation and experiment shows that our method reduces the output latency by 38.3\% than the fastest design on FPGA.

Cryptography and Security

Zhihua Chen,Yihe Sun,Guoqiang Bai

DOI: https://doi.org/10.1109/ICASIC.2003.1277442

2003-01-01

Abstract:This paper describes a new scalable architecture of Montgomery modular multiplier (MMM) using our improved FIOS algorithm. This algorithm and architecture can manipulate operands of any precision (bit length) in dual field (prime field and binary field) and has the advantage of using relatively smaller latency (clock cycles) to complete one modular multiplication. Our architecture is reusable and has high performance with respect to latency, timing, area, etc.

Tao Wu,ShuGuo Li,LiTian Liu

DOI: https://doi.org/10.1007/s11432-014-5215-4

2015-01-01

Science China Information Sciences

Abstract:This paper improves the quotient-pipelined high radix scalable Montgomery modular multiplier by processing w-bit and k-bit words in carry save form instead of some(w + k)-bit length operands. It directly reduces both the critical path and the area overhead of the original processing elements. Then based on this improved high-radix scalable Montgomery modular multiplier, we propose an efficient hardware architecture for RSA decryption with Chinese Remainder Theorem. With simple configuration logics, the hardware unit works in three modes:(1) scalable modular reduction for precomputation,(2) scalable Montgomery modular multiplication for modular exponentiation, where an approximation method is developed to reduce the expanded result below the modulus, and(3) scalable multiplication for post-processing. Hardware implementation shows that the proposed architecture is optimal with reference to the literature in terms of speed, area, and frequency.A 4096-bit RSA decryption in XC2V6000-6 FPGA can be completed in 11.05 ms with 14041 slices/17409 LUTs,128 16 × 16 multipliers, and 70 kbits of block RAMs. Finally, by the use of Montogmery powering ladder the modular exponentiation unit based on the improved high radix scalable Montgomery modular multiplier can be built resistant to fault and simple power attacks. A 1024-bit modular exponentiation unit with such resistances costs about 255 K NAND2 gates in.18 μm CMOS process, and one full modular exponentiation takes about1.44 ms at 250 MHz.

Nian Xue,Yun Pan,Zhang Yuhong,Xiaolang Yan

2010-01-01

Abstract:A radix-4 Montgomery modular multiplication and the optimized circuit architecture are presented.It can reduce iterations of traditional radix-2 modular multiplication to about 50%.Based on this module,the implementation of high speed RSA encryption processor follows completely parallel modular exponentiation flow with Carry Save Addition(CSA) structure to perform long integer arithmetic.This avoids the repeated interim output/output format conversion.Result shows that the optimization is technology independent and thus should suit well for not only FPGA implementation but also ASIC.This design can complete a standard 1 024 bit RSA encrypt operation with only 9 836 clock cycles.Compared to the recently proposed design in the literature,the proposed design can achieve an increase of over 50% in throughput.

Zhaoji Zhang,Peiyong Zhang

DOI: https://doi.org/10.3390/electronics11223712

IF: 2.9

2022-01-01

Electronics

Abstract:The Montgomery modular multiplication is an integral operation unit in the public key cryptographic algorithm system. Previous work achieved good performance at low input widths by combining Redundant Binary Representation (RBR) with Montgomery modular multiplication, but it is difficult to strike a good balance between area and time as input bit widths increase. To solve this problem, based on the redundant Montgomery modular multiplication, in this paper, we propose a flexible and pipeline hardware implementation of the Montgomery modular multiplication. Our proposed structure guarantees a single-cycle delay between two-stage pipeline units and reduces the length of the critical path by redistributing the data paths between the pipelines and preprocessing the input in the loop. By analyzing the structure and comparing the related work in this paper, our structure ensures a lower area-time product while achieving a controllable and small area consumption. The comprehensive results under different Taiwan Semiconductor Manufacturing Company (TSMC) processes demonstrate the advantages of our structure in terms of flexibility and area-time product.

Jinnan Ding,Shuguo Li

DOI: https://doi.org/10.1109/TCSII.2019.2932328

2020-01-01

Abstract:In this brief, a non-least positive form (NLP) based modular multiplication method that combines Karatsuba and schoolbook multiplication is applied in Montgomery modular multiplication, which saves 2 base multiplications compared to Karatsuba-only designs and allows pipeline structure to make most use of the parallelism in large modular multiplications. Based on this method, 256-bit and 512-bit modular multipliers are constructed with 3-way and 4-way NLP multipliers on FPGA platform. Implemented on Virtex-6, the 256-bit design can perform a modular multiplication in 62.6 ns and only requires 3.5K LUTs and 24 DSPs, which exhibits low-latency and low-cost among previous works.

Hongfei Ke,Hao Li,Peiyong Zhang

DOI: https://doi.org/10.1016/j.mejo.2023.106085

IF: 1.992

2023-01-01

Microelectronics Journal

Abstract:Modular multiplication plays a crucial role in modern cryptography. Montgomery modular multiplication(MMM), one of the most classic and practical modular multiplication algorithms, has been widely used in cryptographic algorithms such as RSA, Diffie–Hellman algorithm, and Elliptic Curve Cryptography. In this paper, we incorporate negative wrapped convolution (NWC) into the FFT-based Montgomery modular multiplication to avoid the issue of zero-padding and use carry-save arithmetics for parallel computation. By utilizing coefficient pairs (pos_part and neg_part), we reconstruct the final result and eliminate the restrictions imposed by nega-cyclic parts. Moreover, Karatsuba-like algorithm is introduced for building fine-grained large integer multipliers. We have modified the parameter specifications for our design to meet requirements from diverse application scenarios. We implement the design on Xilinx Virtex-7 FPGA under different conditions and compare the results with the state-of-the-art MMM designs. The comparisons confirm that our design has the following characteristics: low latency for process, competitive area-latency-product(ALP), efficient DSP usage, and constant delay, which enhances security against timing attacks.

Xingjun Wu,Hongyi Chen,Yihe Sun,Weixin Gai

DOI: https://doi.org/10.1023/a:1021110405895

2003-01-01

Abstract:In this paper, a fully-pipeline linear systolic array based on adjusted Montgomery's algorithm is presented to perform modular multiplication at extremely high speed. The processing element ( PE) consists of only 4 full-adders and 14 flip-flops. Three-stage internal pipelined PE results in a very short critical path with only a one-bit full-adder delay. Thus, it can run at a very high cycle rate. The total execution time for an n-bit modular multiplication is 2n + 11 cycles with only (n/2+ 2) PEs. A modular exponentiation based on it takes (3n + 16.5)n cycles in average. Compared with most published VLSI modular multipliers, the hardware complexity is greatly reduced while keeping very high throughput. Therefore it is a good candidate of the arithmetic units used in the many public-key crypto-systems, e.g. RSA, Elliptic Curve and so on, especially for the embedded applications concerning information security.

CHEN Hongyi,GAI Weixin

DOI: https://doi.org/10.3321/j.issn:1000-0054.1998.03.003

1998-01-01

Abstract:A novel systolic linear array modular multiplier is presented which ideally performs the parallel modular multiplication based on the algorithm of Montgomery. The total execution time for an n bit modular multiplication is 2n+11 clock cycles. To further increase the throughput the three stage pipeline architecture is adopted inside the processing element, so that every one bit result outputs at one clock cycle when the pipeline is filled. Each pipeline stage only contains the operation of an one bit full adder. Moreover, with the purely nearest neighbor communication, the interconnect delay is also very short. Therefore it can work at a high clock frequency. On the other hand, every processing element is simple, mainly consisting of four full adders and fourteen flip flops. For n bit modular multiplication, the cost of the hardware is 46 n +184 gates. So this novel linear systolic array for modular multiplication is a speed and area optimized system, suitable for the VLSI implementation. It can be used for modular exponentiation which is a kernel operation in many public key cryptosystems such as RSA. With clock frequency of 200MHz by using 0.8μm CMOS technology, the throughput can reach 129kb/s with a single modular multiplier chip.

WANG Di-li,BAI Guo-qiang,CHEN Hong-yi

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2010.05.001

2010-01-01

Abstract:In this paper, regular and flexible hardware architecture based on the systolic array for implementing the multiple-word radix-2 Montgomery multiplication algorithm is proposed, and it has been used to implement the algorithm in FPGA for different bit-widths. The architecture successfully limits the critical path of the systolic array to the critical path of the adder in a processing element, without any additional circuits or clock cycles needed. According to the hardware implement results, the proposed architecture has higher frequency, less latency and less area.

Shiqi Zhang,Shuguo Li

DOI: https://doi.org/10.1109/cisce55963.2022.9851149

2022-01-01

Abstract:In the public-key cryptographic algorithms like RSA and ECC algorithms, the modular multiplier is the basic and frequently used operation. The core of the modular multiplier is the large integer multiplication. In this paper, we firstly propose a design of multicycle 258-bit KO-3 multiplication based on deduced Karatsuba-Ofman algorithm and further apply this multiplication in the 256-bit pipeline Montgomery modular multiplier. The design is implemented with Verilog hardware description language and we get the synthesis report with Synopsys Design Compiler under SMIC 65nm library. Our design runs a Montgomery modular multiplier in 17 clock cycles and the total latency is 37.4ns. The area of the design is 145281 um2 approximately. Compared with other designs under the same library, our design costs less area and power and can balance the delay-area at the same time.

Ruirui Liu,Shuguo Li

DOI: https://doi.org/10.1109/iscas.2019.8702684

2019-01-01

Abstract:Large integer multiplication is the critical operation to design a modular multiplier. Karatsuba algorithm(KO algorithm) to split the operands into two parts is generally used to design a large integer multiplier. In this paper, we firstly propose a design of 258-bit multiplier based on KO-3 algorithm deduced by KO algorithm, with which hardware resources can be reduced than KO algorithm. Then we construct a 256-bit four-stage pipelined Montgomery modular multiplier on the base of proposed multiplier. Finally, we implement the design of modular multiplier on Virtex-6 FPGA platform. This design can run at the clock rate of 68 MHz with 187.9k LUTs approximately. In addition, our design can obtain the result of Montgomery modular multiplier for every clock. Compared with other designs on FPGA, our design shows a better performance in term of area-time product.

Qiang Liu,Xu Cheng

DOI: https://doi.org/10.1109/mwscas.2005.1594351

2005-01-01

Abstract:Our recently proposed distributed module cluster (DMC) micro-architecture, which is used for long-bit modular multipliers of RSA cryptosystems, is based on a systolic array in which the processing cells are all one-bit long. In the design space exploration of this DMC architecture with TSMC deep sub-micron CMOS standard-cell technology, various widths of processing cells are implemented in the systolic array. The result analysis shows that when the fully serial systolic architecture is used, in which one cell processes one bit, the DMC architecture achieves the highest frequency hence the best performance. If the time and area overhead is represented as time-area product, it is one of the most cost-efficient designs as well

Qiqi Tao,Liying Li,Junlong Zhou,Guitao Cao,Dan Meng

DOI: https://doi.org/10.1016/j.sysarc.2024.103142

IF: 5.836

2024-05-01

Journal of Systems Architecture

Abstract:Homomorphic encryption is an important technology for protecting data privacy, and the performance of modular multiplication directly affects the efficiency of homomorphic encryption. Currently, there are numerous FPGA-based acceleration techniques targeting modular multiplication. However, many of these implementations require substantial hardware resources or suffer from resource imbalance. This leads to a lower throughput. Therefore, we present a novel FPGA-based implementation of Montgomery Modular Multiplication aimed at addressing these challenges. Our design employs a suitable radix bit width and word size based on the digital signal processing (DSP) bit width rather than the conventional binary powers of two. We aim to instantiate more modular multipliers using limited resources while minimizing latency. We also introduce a novel DSP cascade structure, called parallel grouping cascade DSP, which reduces the number of clock cycles of internal multipliers. To balance the ratio of lookup table (LUT) and DSP usage, we also use multipliers implemented in the LUT to replace some DSPs. Our results, implemented on Xilinx Virtex-7 field-programmable gate array (FPGA), demonstrate more than 27% improvement in throughput on 1024-bit modular multiplication and more than 70% improvement on 2048-bit compared to the best previous state-of-the-art references.

computer science, software engineering, hardware & architecture

Wujian ZHANG,Songhai LIANG,Runde ZHOU

DOI: https://doi.org/10.3321/j.issn:1000-0054.1999.Z1.004

1999-01-01

Abstract:This paper presents an embedded Montgomery modular multiplier. It can be embedded into CPU smart card, and co implements various public key cryptographic algorithms based on large integers' modular exponention. The finely integrated product scanning (FIPS) method is used to adapt the design to the character of embedding. This modular multiplier's throughput is highly improved by the concurrently operation of the functional units and the Ping Pong access of the blocked RAM. At a clock rate of 10MHz, it will take less than 40ms to implement 512bit modular exponention using this modular multiplier.