ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

YuanJie J. Yang,Dao Huang

DOI: https://doi.org/10.1109/WCICA.2002.1021440

2002-01-01

Abstract:With the development of the Internet, security becomes more and more important. SSL (Secure Sockets Layer), developed by Netscape, sets up a secure channel over the Internet, and is widely used in e-commerce. However, it is not perfect. In this paper, we analyze the principle and deficiencies of SSL protocol, present two ways for optimization, and use them in SSL protocol with a help of the RBF algorithm aiming to reduce the time delay at the client end and workload of the server. The experiments presented show the optimized SSL protocol has a better performance than the original one.

Haibin Shen,Yier Jin,Rongquan You

DOI: https://doi.org/10.1109/ICICIC.2006.180

2006-01-01

Abstract:Modular reduction is the basic operation of cryptographic systems. The Barrett's algorithm and Montgomery's algorithm are widely used nowadays and they are both based on pre-computation. In the field of elliptic curve cryptosystem (ECC) over GF(2m), the reduction polynomials recommended by SEC have few items and the degree of second item is much less than that of the first one. Making use of this characteristic, the paper presents a new method to accelerate modular reduction without pre-computation which speeds up modular reduction by 10-30 times over GF(2m) and speeds up ECC point multiplication by 40%-50%. This algorithm has been implemented in a high-speed public-key cipher accelerator

Yang Deshan,Lu Kuijun

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.10.072

2007-01-01

Abstract:The computing speed of RSA encryption algorithm is studied.Some new methods of modular exponentiation,modular multiplication and square for large integer are proposed to improve the efficiency of RSA encryption.Finally,the algorithm is tested in simulative environment.

Aniruddha Bhattacharjya,Xiaofeng Zhong,Xing Li

DOI: https://doi.org/10.1109/access.2019.2900300

IF: 3.9

2019-01-01

IEEE Access

Abstract:For virtual private network and LAN-to-LAN tunnel sessions, End-to-End security is the main constraint in private messaging scenarios. Internet Protocol Security can negotiate new keys for every communication, but when the key is compromised, it is a problem. Perfect Forward Secrecy is the resolution. In addition, the messaging scheme should be efficient and lightweight for keeping parity with daily needs. The popular Rivest-Shamir-Adleman (RSA) cipher is omnipresent in secure communications but has many scientific problems. So here, in this paper, a lightweight and efficient Secure Hybrid RSA (SHRSA) messaging scheme with four-layered authentication stack is implemented and analyzed. The scheme is resolving the problem of asymptotic very low speed of decryption of RSA, the computational modular exponentiation complexity and partial key exposure vulnerability issues of RSA, and many more. The four-layered authentication stack have eliminated the need of the use of any password, external digital certificates, and a third party for authentication with its own four techniques in a staked way. We have found that in evolutions and analysis of the scheme, it is not only resolving various scientific problems of RSA but also occupying 2%-4% less CPU than main RSA and occupying 1%-3% less memory than main RSA. Its decryption average time has gained 8.858 times compared to the main RSA and gained 2.248 times compared to CRT RSA. We have found that the RSA, CRT-RSA, and SHRSA's encryption throughput are alike-all are around 6 KB/Sec but decryption throughput of SHRSA has gained 8.5345 times than main RSA and gained 2.1174 times than CRT-RSA. The results obtained have shown us the relevancies of the SHRSA messaging scheme to be integratable as a cipher in Blockchain architectures, cyber-physical systems, and the Internet of Everything.

Hung-Min Sun,Mu-En Wu,M. Jason Hinek,Cheng-Ta Yang,Vincent S. Tseng

DOI: https://doi.org/10.1016/j.jss.2009.04.001

2009-01-01

Abstract:In 1982, Quisquater and Couvreur proposed an RSA variant, called RSA-CRT, based on the Chinese Remainder Theorem to speed up RSA decryption. In 1990, Wiener suggested another RSA variant, called Rebalanced-RSA, which further speeds up RSA decryption by shifting decryption costs to encryption costs. However, this approach essentially maximizes the encryption time since the public exponent e is generally about the same order of magnitude as the RSA modulus. In this paper, we introduce two variants of Rebalanced-RSA in which the public exponent e is much smaller than the modulus, thus reducing the encryption costs, while still maintaining low decryption costs. For a 1024-bit RSA modulus, our first variant (Scheme A) offers encryption times that are at least 2.6 times faster than that in the original Rebalanced-RSA, while the second variant (Scheme B) offers encryption times at least 3 times faster. In both variants, the decrease in encryption costs is obtained at the expense of slightly increased decryption costs and increased key generation costs. Thus, the variants proposed here are best suited for applications which require low costs in encryption and decryption.

Hung-Min Sun,Mu-En Wu

2005-01-01

Abstract:Based on the Chinese Remainder Theorem (CRT), Quisquater and Couvreur proposed an RSA variant, RSA-CRT, to speed up RSA decryption. Then, Wiener suggested another RSA variant, Rebalanced RSA-CRT, to further accelerate RSA-CRT decryption by shifting decryp- tion cost to encryption cost. However, such an approach makes RSA encryption very time- consuming because the public exponent e in Rebalanced RSA-CRT is of the same order of magnitude as φ(N). In this paper we study the following problem: does there exist any secure variant of Rebalanced RSA-CRT, whose public exponent e is much shorter than φ(N) ?W e solve this problem by designing two variants of Rebalanced RSA-CRT, Scheme A and Scheme B. In Scheme A, we focus on designing a variant in which dp and dq are of 160 bits, and e =2 567 +1. Thus the encryption time is reduced to about 1 2.7 of the time required by the original Rebalanced RSA-CRT. Scheme B is a variant in which dp and dq are of 198 bits, and e =2 511 +1 .T hus its encryption is about 3 times faster than that of Rebalanced RSA-CRT, but the decryption is a little slower than that of Rebalanced RSA-CRT.

Hung-Min Sun,M. Jason Hinek,Mu-En Wu

2005-01-01

Abstract:In 1982, Quisquater & Couvreur proposed a variant of RSA based on the Chinese Remainder Theorem, called RSA-CRT, to speed up RSA decryption. In 1990, Wiener suggested another variant, called Rebalanced RSA-CRT, which further speeds up RSA decryption by shifting decryption costs to encryption costs. However, this approach essentially maximizes the encryption time since the public exponent e in Rebalanced RSA-CRT is generally about the same order of magnitude as the RSA modulus. In this work1, we introduce two variants of Rebalanced RSA-CRT in which the public exponent e is much smaller than the modulus, thus reducing the encryption costs, while maintaining low decryption costs. For a 1024-bit modulus, our first variant (Scheme A) offers encryption times that are at least 2.6 times faster than that in the original Rebalanced RSA-CRT, while the second variant (Scheme B) offers encryption times at least 3 times faster. In both variants, the decrease in encryption costs is obtained at the expense of slightly increased decryption costs and increased key generation costs. Thus, the variants proposed here are best suited for applications which require low encryption/decryption costs but do not require key generation on the fly.

Yang Yang,Zhi Guan,Huiping Sun,Zhong Chen

DOI: https://doi.org/10.1007/978-3-319-17533-1_31

2015-01-01

Abstract:RSA is a public key cryptography widely used for end-to-end authentication and key exchange in various Internet protocols, such as SSL and TLS. Compared with symmetric cryptography, the cryptographic operations in RSA is much more time consuming. This brings pressure on performance to service providers using secure protocols, and hinders these protocols from being more widely used. Graphics Processing Units (GPUs) are increasingly used for intensive data parallelism general purpose computing. GPUs often provide better throughput than CPUs at the same cost. In this paper, we propose a new approach to parallelize Montgomery multiplication under the Single Instruction Multiple Thread (SIMT) threading model of GPUs, and construct a parallel RSA implementation based on this approach, combining with other optimization techniques both in the algorithmic level and implementation level. The performance evaluation shows our RSA implementation achieves a record-breaking latency for RSA decryption implementations on GPUs: 2.6 ms for RSA-1024 and 6.5 ms for RSA-2048. The peak throughtput of decryptions per second of our implementation reaches 5,244 for RSA-2048 and 34,981 for RSA-1024 respectively, which is much faster than existing integer-based implementations. The peak throughput of our implementation is slightly slower than the fastest floating-point based implementation, while the latency of our implementation is 3 times faster.

Yuyang Pan,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/edssc.2019.8754007

2019-01-01

Abstract:RSA is a secure, high quality, asymmetric key algorithm which is widely used today. To realize high performance and high flexibility at the same time, measures of hardware/software co-design are taken. Four schemes of RSA algorithm based on different partition of software and hardware are implemented: flexibility-orientated, performance-orientated, balanced one and pure hardware implementation. Some optimization attempts are taken. The bottleneck of SOS algorithm is analyzed and accelerated by ASM language to reach 75.9% running time reduction. The performance-orientated scheme put computation-intensive parts into hardware and communication part into software to take the advantage of each one. It is even faster than pure hardware scheme in decryption. The cycle of the this scheme is less than 2% of the pure software scheme.

Hung-Min Sun,Mu-En Wu

2005-01-01

Abstract:Based on the Chinese Remainder Theorem (CRT), Quisquater and Couvreur proposed an RSA variant, RSA-CRT, to speedup RSA decryption. According to RSA-CRT, Wiener sug- gested another RSA variant, Rebalanced RSA-CRT, to further speedup RSA-CRT decryption by shifting decryption cost to encryption cost. However, such an approach will make RSA en- cryption very time-consuming because the public exponent e in Rebalanced RSA-CRT will be of the same order of magnitude as φ(N). In this paper we study the following problem: does there exist any secure variant of Rebalanced RSA-CRT, whose public exponent e is much shorter than φ(N)? We solve this problem by designing a variant of Rebalanced RSA-CRT with dp and dq of 198 bits. This variant has the public exponent e =2 511 +1such that its encryption is about 3 times faster than that of the original Rebalanced RSA-CRT.

Lifeng Li

DOI: https://doi.org/10.1155/2022/7472205

IF: 1.968

2022-08-04

Security and Communication Networks

Abstract:In order to solve the partial optimization problems of the RSA algorithm in computer network security, a method of RSA algorithm optimization based on data encryption was proposed. In the research, the application of data encryption in network information security system was mainly investigated, using RSA as the representative algorithm in the public key cryptosystem. The network information security model on the basis of data encryption was built on the public key cryptosystem in the research. Through the introduction of the RSA algorithm and the corresponding optimization scheme, the experiments for comparison were set up. Through the experiments, the feasibility of the optimization scheme was verified. Experimental results show that the efficiency of the RSA algorithm was about 1.0% to 2% higher than that of the traditional algorithm after a reasonable selection of parameters and the use of an optimized algorithm (also known as the combination algorithm), which improved the efficiency of RSA algorithm to a certain extent and achieved the purpose of improving RSA algorithm. It was proved that the method could effectively improve the budget efficiency of the RSA algorithm and solve the optimization problem of the RSA algorithm in computer network security.

computer science, information systems,telecommunications

Yi Wu,Xingjun Wu

DOI: https://doi.org/10.1109/ISCE.2017.8355552

2017-01-01

Abstract:As one of the international public-key cryptographic standards, RSA is widely used in Smart IC card which is in the context of such a large number of users. The RSA key-generation inside the card IC is the most time-consumption procedure during the mass production of the cards. To reduce the time complexity, an optimized RSA key generation algorithm is proposed in this paper. The optimized algorithm was implemented to generate RSA key pairs based on the smart card chip called THD88. Experiments show the time to generate a 1024-bits RSA key-pair is 4.76 seconds on average under the system clock frequency of 20MHz, and is much less than other similar products. Testing results show that the time-consumption distribution fits 3 sigma distribution, and meets the requirements of the engineering application as well.

Tao Wu,ShuGuo Li,LiTian Liu

DOI: https://doi.org/10.1007/s11432-014-5215-4

2015-01-01

Science China Information Sciences

Abstract:This paper improves the quotient-pipelined high radix scalable Montgomery modular multiplier by processing w-bit and k-bit words in carry save form instead of some(w + k)-bit length operands. It directly reduces both the critical path and the area overhead of the original processing elements. Then based on this improved high-radix scalable Montgomery modular multiplier, we propose an efficient hardware architecture for RSA decryption with Chinese Remainder Theorem. With simple configuration logics, the hardware unit works in three modes:(1) scalable modular reduction for precomputation,(2) scalable Montgomery modular multiplication for modular exponentiation, where an approximation method is developed to reduce the expanded result below the modulus, and(3) scalable multiplication for post-processing. Hardware implementation shows that the proposed architecture is optimal with reference to the literature in terms of speed, area, and frequency.A 4096-bit RSA decryption in XC2V6000-6 FPGA can be completed in 11.05 ms with 14041 slices/17409 LUTs,128 16 × 16 multipliers, and 70 kbits of block RAMs. Finally, by the use of Montogmery powering ladder the modular exponentiation unit based on the improved high radix scalable Montgomery modular multiplier can be built resistant to fault and simple power attacks. A 1024-bit modular exponentiation unit with such resistances costs about 255 K NAND2 gates in.18 μm CMOS process, and one full modular exponentiation takes about1.44 ms at 250 MHz.

Q Liu,Fz Ma,D Tong,X Cheng

DOI: https://doi.org/10.1109/mwscas.2004.1354396

2004-01-01

Abstract:High performance VLSI implementation of the RSA algorithm using the systolic array is presented. High-speed applications of RSA systems require parallel implementations of modular multipliers. Besides using the systolic architecture which is popular in hardware-based RSA systems, a block-based scheme is used to further eliminate global signals, with a pipelined bus to convey data globally. The control signals and intermediate results used for sequential multiplications are transmitted by shift registers. All signals, except for the clock signal, are limited in one block or between two adjacent blocks. A Carry-Save-Adder structure is used for calculating the iterative step of the algorithms which contributes to speed improvement and area saving. In addition, long modular multipliers suffer from the effect of large fanout. Novel architectures are proposed to eliminate the fanout bottleneck, which reduce the achievable minimum clock period of long modular multipliers. Compared to the original modular multiplier architecture with fanout bottleneck, the proposed architectures can achieve an increase of over 7% in throughput without increase in area. The Chinese Remainder Theorem (CRT) technique increases the decryption data rate by a factor of four. Two redundant blocks are added to adapt to the on-line partition of the multiplier and the variation of the length of P and Q in CRT mode.

Ping Luo,Yiqi Dai

2004-01-01

Abstract:A modular multiplication is one of the most important operations in public-key cryptography like RSA cryptosystem. This paper is just devoted to a practical method and construction of speeding up such operation. Furthermore, the modular multiplication expansions are given and based on these expansions the fast modular multiplication and parallel algorithms axe proposed.

Li Qing,Li Xiongwei,Jin Tao

DOI: https://doi.org/10.3969/j.issn.1009-6833.2007.06.037

2007-01-01

Abstract:The RSA algorithm is the broadest applied public key cryptosystems at present.Its security is dependent on big prime number factorizations difficulty.As for average application system,efficiency is also not to admit ignoring.The article comes true to generating what secret key process middle requires a parameter to carry out analysis and discuss that,and having carried out whit C programming language on public RSA key encryption algorithm combining with an example.

Yumin Dong,Hengrui Liu,Yanying Fu,Xuanxuan Che

DOI: https://doi.org/10.1063/5.0153709

IF: 2.877

2023-07-10

Journal of Applied Physics

Abstract:Shor’s factorization algorithm (SFA) aims at finding the non-trivial factor of a given composite number, but the algorithm does not always work. In some cases, it has to call back to the beginning of the algorithm to make recalculation. After the analysis of the principle of SFA and the characteristics of RSA public-key cryptography with a series of data calculations, it can be concluded that the random value selected by the algorithm is closely related to whether the obtained period is effective. Therefore, a new optimized scheme is proposed to tackle with this defect from two perspectives: (a) When the a value is a perfect square, the algorithm can be completed with an odd cycle r. (b) When the period r obtained by the randomly selected a value is a multiple of 3, the algorithm can be completed by modifying the decomposition method to relax the requirements for the period without affecting the complexity of the algorithm. Due to the limitations of hardware in applying the quantum algorithms, the classical algorithm is applied to simulate quantum algorithms to test the success rate of decomposition of some composite numbers. The result indicates the effectiveness of the improved algorithm, which significantly reduces the probability of repeated operations to save the quantum circuit resources.

physics, applied

Shiyu Shen,Hao Yang,Wenqian Li,Yunlei Zhao

DOI: https://doi.org/10.1109/tdsc.2024.3494835

2023-01-01

Abstract:The threat posed by quantum computing has precipitated an urgent need for post-quantum cryptography. Recently, the post-quantum digital signature draft FIPS 204 has been published, delineating the details of the ML-DSA, which is derived from the CRYSTALS-Dilithium. Despite these advancements, server environments, especially those equipped with GPU devices necessitating high- throughput signing, remain entrenched in classical schemes. A conspicuous void exists in the realm of GPU implementation or server-specific designs for ML-DSA. In this paper, we propose the first server-oriented GPU design tailored for the ML-DSA signing procedure in high- throughput servers. We introduce several innovative theoretical optimizations to bolster performance, including depth-prior sparse ternary polynomial multiplication, the branch elimination method, and the rejection-prioritized checking order. Furthermore, exploiting server-oriented features, we propose a comprehensive GPU hardware design, augmented by a suite of GPU implementation optimizations to further amplify performance. Additionally, we present variants for sampling sparse polynomials, thereby streamlining our design. The deployment of our implementation on both server-grade and commercial GPUs demonstrates significant speedups, ranging from 284.9× to 485.3× against the CPU baseline, and an improvement of up to 60.9% compared to related work, affirming the effectiveness and efficiency of the proposed GPU architecture for ML-DSA signing procedure

Yanli Ren,Shuozhong Wang,Xinpeng Zhang,Min-Shiang Hwang

2015-01-01

Abstract:In a batch verifying scheme, multiple RSA digital signatures can be verified simultaneously in just one exponential operation time. Currently, the verifier could not easily detect where the signature-verification fault was located in most schemes, if the batch verification fails. In this article, we proposed a new batch verifying multiple RSA digital signatures scheme based on a cube. The scheme can detect accurately where the signature-verification fault is located. Moreover, once the total number of signatures is fixed, the size of exponentiation operations is independent from the number of illegal signatures in our scheme. Therefore, our scheme has a better performance and higher efficiency than the previous ones. Finally, we described an extend batch verifying scheme under the condition of n-dimension.