ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

Haibin Shen,Yier Jin,Rongquan You

DOI: https://doi.org/10.1109/ICICIC.2006.180

2006-01-01

Abstract:Modular reduction is the basic operation of cryptographic systems. The Barrett's algorithm and Montgomery's algorithm are widely used nowadays and they are both based on pre-computation. In the field of elliptic curve cryptosystem (ECC) over GF(2m), the reduction polynomials recommended by SEC have few items and the degree of second item is much less than that of the first one. Making use of this characteristic, the paper presents a new method to accelerate modular reduction without pre-computation which speeds up modular reduction by 10-30 times over GF(2m) and speeds up ECC point multiplication by 40%-50%. This algorithm has been implemented in a high-speed public-key cipher accelerator

Yibo Fan,Xiaoyang Zeng,Yu Yu,Gang Wang,Huang Deng,Qianling Zhang

DOI: https://doi.org/10.1109/ICASIC.2005.1611286

2005-01-01

Abstract:This paper describes an improved version of the Tenca-Todorov-Koc word based radix-8 Montgomery multiplier. It uses radix-16 for fast without adding any hardware, and adjusting the data-path to get shorter critical path, and requires half of FIFO memory. This design is reconfigurable to accept any input precision as the Tenca-Todorov-Koc's design. An ASIC implementation in 0.25 mum CMOS standard cell technology can perform 2048-bit modular exponentiation in 28ms under 125MHz clock period

FAN Yi-bo,ZENG Xiao-yang,YU Yu

DOI: https://doi.org/10.3321/j.issn:1000-436x.2006.04.017

2006-01-01

Abstract:An improved version of Montgomery multiplier was proposed basing the Tenca-Todorov-Ko?’s word based radix-8 Montgomery multiplier. Radix-16 was used for fast without adding any hardware, and the performance was im-proved up to 26% comparing to the Tenca-Todorov-Ko?’s design. On one hand, shorter critical path and faster frequency were got through adjusting the data-path, on the other hand, a half memory cost by preprocessing the data was saved-which would be stored in FIFO. The improved design was scalable to do any precision modular multiplication and RSA encryption. At last, a 2048-bit RSA test chip was implemented using 0.25 μm technology CMOS standard cell. The chip performs 2048-bit modular exponentiation in 28ms under 125MHz clock period.

Yibo Fan,Xiaoyang Zeng,Yu Yu,Gang Wang,Qianling Zhang

DOI: https://doi.org/10.1109/ISCAS.2006.1693351

2006-01-01

Abstract:This paper proposed a high-radix scalable Montgomery multiplier with the efficient data-path and half latency. By using new algorithm proposed by this paper, it achieves shorter critical path by calculating coefficient qY and qM in parallel. The algorithm can also provide half latency by changing pipeline dataflow through operands dynamic extending during calculation. This design can be used to accept any input precision up to the size of the on-chip memory. An ASIC implementation in 0.25 mun CMOS technology can perform 1024-bit RSA encryption with 390k bps under 180MHz frequency

Yibo Fan,Takeshi Ikenaga,Satoshi Goto

DOI: https://doi.org/10.1093/ietfec/e91-a.4.971

2008-01-01

Abstract:With the increase of key length used in public cryptographic algorithms such as RSA and ECC, the speed of Montgomery multiplication becomes a bottleneck. This paper proposes a high speed design of Montgomery multiplier. Firstly, a modified scalable high-radix Montgomery algorithm is proposed to reduce critical path. Secondly, a high-radix clock-saving dataflow is proposed to support high-radix operation and one clock cycle delay in dataflow. Finally, a hardware-reused architecture is proposed to reduce the hardware cost and a parallel radix-16 design of data path is proposed to accelerate the speed. By using HHNEC 0.25 μm standard cell library, the implementation results show that the total cost of Montgomery multiplier is 130 KGates, the clock frequency is 180 MHz and the throughput of 1024-bit RSA encryption is 352 kbps. This design is suitable to be used in high speed RSA or ECC encryption/decryption. As a scalable design, it supports any key-length encryption/decryption up to the size of on-chip memory.

Ruoyu Wu,Ming Xu,Yingqing Yang,Guanzhong Tian,Ping Yu,Yangfan Zhao,Lian,Longhua Ma

DOI: https://doi.org/10.1109/tcsii.2022.3197314

2022-01-01

IEEE Transactions on Circuits & Systems II Express Briefs

Abstract:High-radix Montgomery Modular Multiplication (MMM) is flexible and consumes fewer cycles, but turns inefficient especially when it comes to low-bit calculation. In this brief, we propose a high-radix MMM algorithm, called Separated Iterative Digit-Digit Modular Multiplication (S-IDDMM), which accelerates the MMM by taking full advantage of multipliers and adders. The relationship among clock cycles, pipeline of multiplications and number of multipliers for the proposed algorithm is derived and utilized to optimize the overall efficiency jointly. Xilinx Virtex-7 FPGA implementations of S-IDDMM in 256 bits and 512 bits are constructed with radix-32 and radix-64, respectively. Compared with IDDMM design reported elsewhere (Amiet et al., 2016), our calculation time is reduced by more than 2 times with a similar area cost, due to deep use of multipliers and higher frequency.

Tao Wu,ShuGuo Li,LiTian Liu

DOI: https://doi.org/10.1007/s11432-014-5215-4

2015-01-01

Science China Information Sciences

Abstract:This paper improves the quotient-pipelined high radix scalable Montgomery modular multiplier by processing w-bit and k-bit words in carry save form instead of some(w + k)-bit length operands. It directly reduces both the critical path and the area overhead of the original processing elements. Then based on this improved high-radix scalable Montgomery modular multiplier, we propose an efficient hardware architecture for RSA decryption with Chinese Remainder Theorem. With simple configuration logics, the hardware unit works in three modes:(1) scalable modular reduction for precomputation,(2) scalable Montgomery modular multiplication for modular exponentiation, where an approximation method is developed to reduce the expanded result below the modulus, and(3) scalable multiplication for post-processing. Hardware implementation shows that the proposed architecture is optimal with reference to the literature in terms of speed, area, and frequency.A 4096-bit RSA decryption in XC2V6000-6 FPGA can be completed in 11.05 ms with 14041 slices/17409 LUTs,128 16 × 16 multipliers, and 70 kbits of block RAMs. Finally, by the use of Montogmery powering ladder the modular exponentiation unit based on the improved high radix scalable Montgomery modular multiplier can be built resistant to fault and simple power attacks. A 1024-bit modular exponentiation unit with such resistances costs about 255 K NAND2 gates in.18 μm CMOS process, and one full modular exponentiation takes about1.44 ms at 250 MHz.

Jun Han,Shuai Wang,Wei Huang,Zhiyi Yu,Xiaoyang Zeng

DOI: https://doi.org/10.1109/tvlsi.2012.2228677

2013-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:Montgomery multiplication is the kernel operation in public key ciphers. Aiming at parallel implementation of Montgomery multiplication, this brief presents an improved task partitioning of the Montgomery multiplication algorithm for the multicore platform with area-efficient processors. Several multicore platforms are designed to verify the efficiency of parallelization. The fastest platform takes 3460 cycles to finish a 1024-b Montgomery multiplication, which is six times faster than a single MIPS processor and three times faster than the pSHS parallelization based on a platform with eight MicroBlaze cores.

Yuxuan Zhang,Hua Guo,Chen Chen,Yewei Guan,Xiyong Zhang,Zhenyu Guan

2024-07-18

Abstract:Montgomery modular multiplication is widely-used in public key cryptosystems (PKC) and affects the efficiency of upper systems directly. However, modulus is getting larger due to the increasing demand of security, which results in a heavy computing cost. High-performance implementation of Montgomery modular multiplication is urgently required to ensure the highly-efficient operations in PKC. However, existing high-speed implementations still need a large amount redundant computing to simplify the intermediate result. Supports to the redundant representation is extremely limited on Montgomery modular multiplication. In this paper, we propose an efficient parallel variant of iterative Montgomery modular multiplication, called DRMMM, that allows the quotient can be computed in multiple iterations. In this variant, terms in intermediate result and the quotient in each iteration are computed in different radix such that computation of the quotient can be pipelined. Based on proposed variant, we also design high-performance hardware implementation architecture for faster operation. In the architecture, intermediate result in every iteration is denoted as three parts to free from redundant computations. Finally, to support FPGA-based systems, we design operators based on FPGA underlying architecture for better area-time performance. The result of implementation and experiment shows that our method reduces the output latency by 38.3\% than the fastest design on FPGA.

Cryptography and Security

Zhaoji Zhang,Peiyong Zhang

DOI: https://doi.org/10.3390/electronics11223712

IF: 2.9

2022-01-01

Electronics

Abstract:The Montgomery modular multiplication is an integral operation unit in the public key cryptographic algorithm system. Previous work achieved good performance at low input widths by combining Redundant Binary Representation (RBR) with Montgomery modular multiplication, but it is difficult to strike a good balance between area and time as input bit widths increase. To solve this problem, based on the redundant Montgomery modular multiplication, in this paper, we propose a flexible and pipeline hardware implementation of the Montgomery modular multiplication. Our proposed structure guarantees a single-cycle delay between two-stage pipeline units and reduces the length of the critical path by redistributing the data paths between the pipelines and preprocessing the input in the loop. By analyzing the structure and comparing the related work in this paper, our structure ensures a lower area-time product while achieving a controllable and small area consumption. The comprehensive results under different Taiwan Semiconductor Manufacturing Company (TSMC) processes demonstrate the advantages of our structure in terms of flexibility and area-time product.

GU Ye-hua,ZENG Xiao-yang,ZHAO Jia,LU Rong-hua

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.19.080

2007-01-01

Abstract:This paper proposes a modified multiple-word radix-2k Montgomery multiplication(MWR2kMM) algorithm with its corresponding VLSI architecture.With the adoption of MWR2kMM algorithm,the proposed multiplier is able to work with any precision of the input operands and has a shorter critical path.Meanwhile,its performance is much higher compared with previous work because of the optimization of the pipeline architecture.The proposed multiplier is very suitable to the low cost and high performance RSA cryptosystem and can be easily implemented in VLSI technology.

张怡浩,田则,于敦山,盛世敏

DOI: https://doi.org/10.3321/j.issn:0479-8023.2004.01.011

2004-01-01

Abstract:Modular exponentiation of large operands is the kernel operation in many public-key cryptosystems,RSA algorithm for instance.Montgomery algorithm is often used as a solution.In the VLSI implementation of Montgomery algorithm,the speed is the top target. An improvement is proposed with little or even no increase in the hardware area but apparently saving much time.

Xiodong Yan,Shuguo Li

DOI: https://doi.org/10.1109/icasic.2007.4415601

2007-01-01

Abstract:This paper describes a high-speed Montgomery multiplier based on pipeline large-scale multiplier. It uses secondary booth encoded algorithm for cutting down the number of partial products and adjusting the data-path to get shorter critical path. An ASIC implementation in 0.18 um CMOS standard cell technology can perform 256-bit modular multiplication in 15 ns under 200 MHz clock frequency. The design can be employed in advanced cryptographic system chips such as RSA or ECC chip.

Zhihua Chen,Yihe Sun,Guoqiang Bai

DOI: https://doi.org/10.1109/ICASIC.2003.1277442

2003-01-01

Abstract:This paper describes a new scalable architecture of Montgomery modular multiplier (MMM) using our improved FIOS algorithm. This algorithm and architecture can manipulate operands of any precision (bit length) in dual field (prime field and binary field) and has the advantage of using relatively smaller latency (clock cycles) to complete one modular multiplication. Our architecture is reusable and has high performance with respect to latency, timing, area, etc.

Ruirui Liu,Shuguo Li

DOI: https://doi.org/10.1109/iscas.2019.8702684

2019-01-01

Abstract:Large integer multiplication is the critical operation to design a modular multiplier. Karatsuba algorithm(KO algorithm) to split the operands into two parts is generally used to design a large integer multiplier. In this paper, we firstly propose a design of 258-bit multiplier based on KO-3 algorithm deduced by KO algorithm, with which hardware resources can be reduced than KO algorithm. Then we construct a 256-bit four-stage pipelined Montgomery modular multiplier on the base of proposed multiplier. Finally, we implement the design of modular multiplier on Virtex-6 FPGA platform. This design can run at the clock rate of 68 MHz with 187.9k LUTs approximately. In addition, our design can obtain the result of Montgomery modular multiplier for every clock. Compared with other designs on FPGA, our design shows a better performance in term of area-time product.

Shiqi Zhang,Shuguo Li

DOI: https://doi.org/10.1109/cisce55963.2022.9851149

2022-01-01

Abstract:In the public-key cryptographic algorithms like RSA and ECC algorithms, the modular multiplier is the basic and frequently used operation. The core of the modular multiplier is the large integer multiplication. In this paper, we firstly propose a design of multicycle 258-bit KO-3 multiplication based on deduced Karatsuba-Ofman algorithm and further apply this multiplication in the 256-bit pipeline Montgomery modular multiplier. The design is implemented with Verilog hardware description language and we get the synthesis report with Synopsys Design Compiler under SMIC 65nm library. Our design runs a Montgomery modular multiplier in 17 clock cycles and the total latency is 37.4ns. The area of the design is 145281 um2 approximately. Compared with other designs under the same library, our design costs less area and power and can balance the delay-area at the same time.

Nian Xue,Yun Pan,Zhang Yuhong,Xiaolang Yan

2010-01-01

Abstract:A radix-4 Montgomery modular multiplication and the optimized circuit architecture are presented.It can reduce iterations of traditional radix-2 modular multiplication to about 50%.Based on this module,the implementation of high speed RSA encryption processor follows completely parallel modular exponentiation flow with Carry Save Addition(CSA) structure to perform long integer arithmetic.This avoids the repeated interim output/output format conversion.Result shows that the optimization is technology independent and thus should suit well for not only FPGA implementation but also ASIC.This design can complete a standard 1 024 bit RSA encrypt operation with only 9 836 clock cycles.Compared to the recently proposed design in the literature,the proposed design can achieve an increase of over 50% in throughput.

Hongfei Ke,Hao Li,Peiyong Zhang

DOI: https://doi.org/10.1016/j.mejo.2023.106085

IF: 1.992

2023-01-01

Microelectronics Journal

Abstract:Modular multiplication plays a crucial role in modern cryptography. Montgomery modular multiplication(MMM), one of the most classic and practical modular multiplication algorithms, has been widely used in cryptographic algorithms such as RSA, Diffie–Hellman algorithm, and Elliptic Curve Cryptography. In this paper, we incorporate negative wrapped convolution (NWC) into the FFT-based Montgomery modular multiplication to avoid the issue of zero-padding and use carry-save arithmetics for parallel computation. By utilizing coefficient pairs (pos_part and neg_part), we reconstruct the final result and eliminate the restrictions imposed by nega-cyclic parts. Moreover, Karatsuba-like algorithm is introduced for building fine-grained large integer multipliers. We have modified the parameter specifications for our design to meet requirements from diverse application scenarios. We implement the design on Xilinx Virtex-7 FPGA under different conditions and compare the results with the state-of-the-art MMM designs. The comparisons confirm that our design has the following characteristics: low latency for process, competitive area-latency-product(ALP), efficient DSP usage, and constant delay, which enhances security against timing attacks.

Qiqi Tao,Liying Li,Junlong Zhou,Guitao Cao,Dan Meng

DOI: https://doi.org/10.1016/j.sysarc.2024.103142

IF: 5.836

2024-05-01

Journal of Systems Architecture

Abstract:Homomorphic encryption is an important technology for protecting data privacy, and the performance of modular multiplication directly affects the efficiency of homomorphic encryption. Currently, there are numerous FPGA-based acceleration techniques targeting modular multiplication. However, many of these implementations require substantial hardware resources or suffer from resource imbalance. This leads to a lower throughput. Therefore, we present a novel FPGA-based implementation of Montgomery Modular Multiplication aimed at addressing these challenges. Our design employs a suitable radix bit width and word size based on the digital signal processing (DSP) bit width rather than the conventional binary powers of two. We aim to instantiate more modular multipliers using limited resources while minimizing latency. We also introduce a novel DSP cascade structure, called parallel grouping cascade DSP, which reduces the number of clock cycles of internal multipliers. To balance the ratio of lookup table (LUT) and DSP usage, we also use multipliers implemented in the LUT to replace some DSPs. Our results, implemented on Xilinx Virtex-7 field-programmable gate array (FPGA), demonstrate more than 27% improvement in throughput on 1024-bit modular multiplication and more than 70% improvement on 2048-bit compared to the best previous state-of-the-art references.

computer science, software engineering, hardware & architecture