ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

Haibin Shen,Yier Jin,Rongquan You

DOI: https://doi.org/10.1109/ICICIC.2006.180

2006-01-01

Abstract:Modular reduction is the basic operation of cryptographic systems. The Barrett's algorithm and Montgomery's algorithm are widely used nowadays and they are both based on pre-computation. In the field of elliptic curve cryptosystem (ECC) over GF(2m), the reduction polynomials recommended by SEC have few items and the degree of second item is much less than that of the first one. Making use of this characteristic, the paper presents a new method to accelerate modular reduction without pre-computation which speeds up modular reduction by 10-30 times over GF(2m) and speeds up ECC point multiplication by 40%-50%. This algorithm has been implemented in a high-speed public-key cipher accelerator

Hai-bin SHEN,Hua-feng CHEN,Xiao-lang YAN

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.09.004

2006-01-01

Abstract:To accelerate point multiplication operation of elliptic curve cryptography (ECC), a fast reduction algorithm for modular operation was introduced. The algorithm applied the characteristic of the small second item's degree of irreducible polynomial in characteristic 2 finite field. Based on the algorithm and projective Montgomery point multiplication algorithm, a configurable ECC accelerator using very large scale integrated circuit technology was proposed. Scalable field design and unique pipeline technique was adapted in the accelerator. Simulation results show that the accelerator designed by the algorithm can rapidly complete ECC point multiplication operation. When 162 bits key and 192 bits key are selected, the point multiplication operation takes 0.22 ms and 0.43 ms respectively. The accelerator has simple interface and good flexibility, and provides a method for hardware implementation of public key cryptography algorithm.

LIU Qiang,Tong Dong,CHENG Xu

DOI: https://doi.org/10.3321/j.issn:0372-2112.2005.05.033

2005-01-01

Abstract:AbstrcatThe rapid advance in communication technology brings a request for cryptoprocessors of higher performance.In the design of the RSA modular exponentiator,the Montgomery modular multiplication algorithm and the right-to-left binary method are used and modified considering large-bit modular multiplication and VLSI implementation.A Carry Save Adder structure is used in the modular multiplier,to avoid the long carry propagation.We propose a Signal Multi-Backup strategy to resolve the problem of large loads that are caused by the signal broadcasting of large-bit operation structures.

Nian Xue,Yun Pan,Zhang Yuhong,Xiaolang Yan

2010-01-01

Abstract:A radix-4 Montgomery modular multiplication and the optimized circuit architecture are presented.It can reduce iterations of traditional radix-2 modular multiplication to about 50%.Based on this module,the implementation of high speed RSA encryption processor follows completely parallel modular exponentiation flow with Carry Save Addition(CSA) structure to perform long integer arithmetic.This avoids the repeated interim output/output format conversion.Result shows that the optimization is technology independent and thus should suit well for not only FPGA implementation but also ASIC.This design can complete a standard 1 024 bit RSA encrypt operation with only 9 836 clock cycles.Compared to the recently proposed design in the literature,the proposed design can achieve an increase of over 50% in throughput.

Tao Wu,ShuGuo Li,LiTian Liu

DOI: https://doi.org/10.1007/s11432-014-5215-4

2015-01-01

Science China Information Sciences

Abstract:This paper improves the quotient-pipelined high radix scalable Montgomery modular multiplier by processing w-bit and k-bit words in carry save form instead of some(w + k)-bit length operands. It directly reduces both the critical path and the area overhead of the original processing elements. Then based on this improved high-radix scalable Montgomery modular multiplier, we propose an efficient hardware architecture for RSA decryption with Chinese Remainder Theorem. With simple configuration logics, the hardware unit works in three modes:(1) scalable modular reduction for precomputation,(2) scalable Montgomery modular multiplication for modular exponentiation, where an approximation method is developed to reduce the expanded result below the modulus, and(3) scalable multiplication for post-processing. Hardware implementation shows that the proposed architecture is optimal with reference to the literature in terms of speed, area, and frequency.A 4096-bit RSA decryption in XC2V6000-6 FPGA can be completed in 11.05 ms with 14041 slices/17409 LUTs,128 16 × 16 multipliers, and 70 kbits of block RAMs. Finally, by the use of Montogmery powering ladder the modular exponentiation unit based on the improved high radix scalable Montgomery modular multiplier can be built resistant to fault and simple power attacks. A 1024-bit modular exponentiation unit with such resistances costs about 255 K NAND2 gates in.18 μm CMOS process, and one full modular exponentiation takes about1.44 ms at 250 MHz.

Shiqi Zhang,Shuguo Li

DOI: https://doi.org/10.1109/cisce55963.2022.9851149

2022-01-01

Abstract:In the public-key cryptographic algorithms like RSA and ECC algorithms, the modular multiplier is the basic and frequently used operation. The core of the modular multiplier is the large integer multiplication. In this paper, we firstly propose a design of multicycle 258-bit KO-3 multiplication based on deduced Karatsuba-Ofman algorithm and further apply this multiplication in the 256-bit pipeline Montgomery modular multiplier. The design is implemented with Verilog hardware description language and we get the synthesis report with Synopsys Design Compiler under SMIC 65nm library. Our design runs a Montgomery modular multiplier in 17 clock cycles and the total latency is 37.4ns. The area of the design is 145281 um2 approximately. Compared with other designs under the same library, our design costs less area and power and can balance the delay-area at the same time.

Yuxuan Zhang,Hua Guo,Chen Chen,Yewei Guan,Xiyong Zhang,Zhenyu Guan

2024-07-18

Abstract:Montgomery modular multiplication is widely-used in public key cryptosystems (PKC) and affects the efficiency of upper systems directly. However, modulus is getting larger due to the increasing demand of security, which results in a heavy computing cost. High-performance implementation of Montgomery modular multiplication is urgently required to ensure the highly-efficient operations in PKC. However, existing high-speed implementations still need a large amount redundant computing to simplify the intermediate result. Supports to the redundant representation is extremely limited on Montgomery modular multiplication. In this paper, we propose an efficient parallel variant of iterative Montgomery modular multiplication, called DRMMM, that allows the quotient can be computed in multiple iterations. In this variant, terms in intermediate result and the quotient in each iteration are computed in different radix such that computation of the quotient can be pipelined. Based on proposed variant, we also design high-performance hardware implementation architecture for faster operation. In the architecture, intermediate result in every iteration is denoted as three parts to free from redundant computations. Finally, to support FPGA-based systems, we design operators based on FPGA underlying architecture for better area-time performance. The result of implementation and experiment shows that our method reduces the output latency by 38.3\% than the fastest design on FPGA.

Cryptography and Security

Chengliang Tian,Jia Yu,Hanlin Zhang,Haiyang Xue,Cong Wang,Kui Ren

DOI: https://doi.org/10.1109/tsc.2019.2937486

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:In cryptography and algorithmic number theory, modular inversion is viewed as one of the most common and time-consuming operations. It is hard to be directly accomplished on resource-constrained clients (e.g., mobile devices and IC cards) since modular inversion involves a great amount of operations on large numbers in practice. To address the above problem, this paper proposes a novel unimodular matrix transformation technique to realize secure outsourcing of modular inversion. This technique makes our algorithm achieve several amazing properties. First, to the best of our knowledge, it is the first secure outsourcing computation algorithm that supports arbitrary and variable modulus, which eliminates the restriction in previous work that the protected modulus has to be a fixed composite number. Second, our algorithm is based on the single untrusted program model, which avoids the non-collusion assumption between multiple servers. Third, for each given instance of modular inversion, it only needs one round interaction between the client and the cloud server, and enables the client to verify the correctness of the results returned from the cloud server with the (optimal) probability 1. Furthermore, we propose an extended secure outsourcing algorithm that can solve modular inversion in multi-variable case. Theoretical analysis and experimental results show that our proposed algorithms achieve remarkable local-client's computational savings. At last, as two important and helpful applications of our algorithms, the outsourced implementations of the key generation of RSA algorithm and the Chinese Reminder Theorem are given.

computer science, information systems, software engineering

LI Ming-jiu,JI Xiao-yong,Liu Bian-jian

DOI: https://doi.org/10.3969/j.issn.1007-757x.2006.10.014

2006-01-01

Abstract:Montgomery algorithm is a fast modular multiplication algorithm and has been widely used in the basic operation of public key cryptography algorithms such as RSA and ElGamal. However, there're few papers focusing on it theoretically and systematically. The algorithm is analyzed deeply and deduced systematically in this paper. Based on ARM chip, Montgomery Algorithm is optimized so that it can enhance the implementation speed of modular multiplication in RSA algorithm.

Ping Luo,Yiqi Dai

2004-01-01

Abstract:A modular multiplication is one of the most important operations in public-key cryptography like RSA cryptosystem. This paper is just devoted to a practical method and construction of speeding up such operation. Furthermore, the modular multiplication expansions are given and based on these expansions the fast modular multiplication and parallel algorithms axe proposed.

Q Liu,Fz Ma,D Tong,X Cheng

DOI: https://doi.org/10.1109/mwscas.2004.1354396

2004-01-01

Abstract:High performance VLSI implementation of the RSA algorithm using the systolic array is presented. High-speed applications of RSA systems require parallel implementations of modular multipliers. Besides using the systolic architecture which is popular in hardware-based RSA systems, a block-based scheme is used to further eliminate global signals, with a pipelined bus to convey data globally. The control signals and intermediate results used for sequential multiplications are transmitted by shift registers. All signals, except for the clock signal, are limited in one block or between two adjacent blocks. A Carry-Save-Adder structure is used for calculating the iterative step of the algorithms which contributes to speed improvement and area saving. In addition, long modular multipliers suffer from the effect of large fanout. Novel architectures are proposed to eliminate the fanout bottleneck, which reduce the achievable minimum clock period of long modular multipliers. Compared to the original modular multiplier architecture with fanout bottleneck, the proposed architectures can achieve an increase of over 7% in throughput without increase in area. The Chinese Remainder Theorem (CRT) technique increases the decryption data rate by a factor of four. Two redundant blocks are added to adapt to the on-line partition of the multiplier and the variation of the length of P and Q in CRT mode.

张怡浩,田则,于敦山,盛世敏

DOI: https://doi.org/10.3321/j.issn:0479-8023.2004.01.011

2004-01-01

Abstract:Modular exponentiation of large operands is the kernel operation in many public-key cryptosystems,RSA algorithm for instance.Montgomery algorithm is often used as a solution.In the VLSI implementation of Montgomery algorithm,the speed is the top target. An improvement is proposed with little or even no increase in the hardware area but apparently saving much time.

T Zhou,XJ Wu,GQ Bai,HY Chen

DOI: https://doi.org/10.1109/icccas.2002.1179061

2002-01-01

Abstract:Modular inversion is one of the kernel arithmetic operations in public key cryptosystems, so the design of low-cost and high-speed hardware implementation is absolutely necessary. In this paper, an improved algorithm for prime fields is presented for hardware facilitation and optimization. The hardware-oriented algorithm involves only ordinary addition/subtraction, and does not need any modular operations or multiplication and division. All of the arithmetic operations in the algorithm can be accomplished by only one adder. These features make it very suitable for fast small VLSI implementation. The VLSI implementation of the algorithm is also given and shows the high performance and low silicon penalty.

李树国,周润德,冯建华,孙义和

DOI: https://doi.org/10.3321/j.issn:0372-2112.2001.11.001

2001-01-01

Abstract:The area and speed of cryptography coprocessor impede the application of public-key cryptography RSA for smart card.A new VLSI architecture of high-radix modular multiplier to compute RSA public-key cryptosystem using our modified Montgomery algorithm is proposed.With TSMC 0.35μm CMOS technology models,a 1024-bit RSA cryptography coprocessor based on our proposed VLSI architecture have been implemented.Its simulation results show that the time to calculate 1024-bit modular multiplication is about 1216 clock cycles and the gate count of the coprocessor is about 38k.At a clock rate of 5MHz it will take about 374ms to encrypt 1024-bit message on average.Compared with previous works our proposed architecture can achieve good performance in chip area and speed,therefore it is well suited to smart cards.

Wei Li,Juhua Liu,Guoqiang Bai

DOI: https://doi.org/10.1109/cstic.2018.8369323

2018-01-01

Abstract:In this paper, we explore the fast modulus inverse algorithm and its implementation. For the first time, we proposed a radix-8 modulus algorithm to speed up the point multiplication in SM2 public key cryptographic algorithm, which is established as the ECC standard of China for commercial applications released by the State Cryptographic Administration of China in December 2010. The critical path delay of our hardware implementation of SM2 is the delay of a one-cycle 256-bit multiplier, which is difficult to get a further reduction. The possibility of further optimization is reducing the number of cycles needed by the binary modulus inverse without changing the critical path delay when converting the Jacob coordinates back to affine coordinates. The radix-8 binary inverse algorithm can reduce the number of cycles significantly by 33.2% on average compared with the radix-4 binary inverse algorithm, which needs 256 cycles at most to complete the conversion.

WANG Qin-qin,CHEN Xiang-ning

DOI: https://doi.org/10.3969/j.issn.1673-629x.2007.06.043

2007-01-01

Abstract:Montgomery algorithm is a fast modular multiplication algorithm and is widely used in the base operation of public-key cryptography algorithms such as RSA and ElGamal.Firstly,the algorithm of RSA and Montgomery are simply introduced and analyzed.Method and calcutive steps of normal application of Montgomery algorithm in RSA are expatiated also.Algorithm in most conmmon use chooses parameter r to power of 2 and the base to 2.Via analyzing the method and calcutive steps of normal algorithm,discusses changing the numerical value of parameter r and the base and use the fast algorithm of Dusse in the meantime,to advance the calcutive velocity a lot.

Yibo Fan,Takeshi Ikenaga,Satoshi Goto

DOI: https://doi.org/10.1093/ietfec/e91-a.4.971

2008-01-01

Abstract:With the increase of key length used in public cryptographic algorithms such as RSA and ECC, the speed of Montgomery multiplication becomes a bottleneck. This paper proposes a high speed design of Montgomery multiplier. Firstly, a modified scalable high-radix Montgomery algorithm is proposed to reduce critical path. Secondly, a high-radix clock-saving dataflow is proposed to support high-radix operation and one clock cycle delay in dataflow. Finally, a hardware-reused architecture is proposed to reduce the hardware cost and a parallel radix-16 design of data path is proposed to accelerate the speed. By using HHNEC 0.25 μm standard cell library, the implementation results show that the total cost of Montgomery multiplier is 130 KGates, the clock frequency is 180 MHz and the throughput of 1024-bit RSA encryption is 352 kbps. This design is suitable to be used in high speed RSA or ECC encryption/decryption. As a scalable design, it supports any key-length encryption/decryption up to the size of on-chip memory.

Renfeng Dou,Jun Han,Yifan Bo,Zhiyi Yu,Xiaoyang Zeng

DOI: https://doi.org/10.1109/tvlsi.2013.2294339

2014-11-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:The modular multiplication (MM) is a key operation in cryptographic algorithms, such as RSA and elliptic-curve cryptography. Multicore processor is a suitable platform to implement MM because of its flexibility, high performance, and energy-efficiency. In this paper, we propose a block-level parallel algorithm for MM with quotient pipelining and optimally map it on a network-on-chip-based multicore platform equipped with broadcasting mechanism. Aiming at highest performance, a theoretical speedup model for parallel MM is also developed for parameter exploration that optimizes task partitioning. Experimental results based on a multicore prototype show that compared with the sequential MM on single core, the parallel implementation proposed in this paper maximizes the speedup ratio with regard to given intercore communication latency.

engineering, electrical & electronic,computer science, hardware & architecture

MAO Tian-ran,LI Shu-guo

2006-01-01

Abstract:A modular multiplier for ECC cryptosystem based on modified Montgomery algorithm is presented.Compared to other designs,our multiplier is pipelined to enhance the clock frequency.And a pre-calculation mechanism is adopted to solve the problem of pipeline break,hence reducing total clock cycles needed.With its small area and fast speed,our design is perfect for application of ECC crypto-system.