孙怡乐,吴行军,陈弘毅

DOI: https://doi.org/10.3321/j.issn:1000-0054.2004.04.027

2004-01-01

Abstract:An area efficient modular arithmetic processor was developed that is capable of performing RSA public-key cryptography and other modular arithmetic operations as a coprocessor. The operands can vary in size from 256 to 2 048 bit. An optimized coarsely integrated operated scanning (CIOS) algorithm was used to speed up the modular multiplication. The fully pipelined architecture has a maximum clock rate of 60 MHz which takes 57 ms to complete a 1 024 bit modular exponentiation. The core circuit without RAM contains 16 000 gates and the whole area measures only 3.31 mm~2 using 0.35 μm CMOS technology. The processor is suitable for embedded systems, especially in area-constrained environments.

ZHOU Yi,SHEN Hai-bin,FAN Jun-feng

DOI: https://doi.org/10.3969/j.issn.1671-7147.2006.06.015

2006-01-01

Abstract:RSA is a time-consumed algorithm and is always implemented by using Montgomery multiplication algorithm.The paper develops a two-stage Montgomery multiplication algorithm and presents a high speed scalable hardware implementation based on the algorithm described for the RSA computation.High-radix,2~(64) is used in the algorithm.Compared with other Montgomery multiplication algorithm,the performance of RSA algorithm is highly improved.In hardware area,based on three pipelined 64×64 bit multiplier,five pipelined process unit is designed.Its architecture gives enough freedom to select the operand length to be used.It can implement multi RSA operation such as 1 024 bit,2 048 bit.In the 1 024 bit condition,its encrypt speed can reach 8 800 times per second.The system simulation and tapeout is based on SIMC0.18 technology.

Hongyi Chen

2005-01-01

Abstract:A processor suitable for multi public-key cryptography,such as RSA,ECC,DSA,etc,is presented in this paper.Based on the analysis of public-key algorithms,a set of the most frequently used modular operations,called basic operations,is abstracted.The hardware of the processor was optimized to implement these basic operations.Micro-program was designed to implement various modular computations by calling the basic instructions.With all these modular computations,the processor can implement various public-key algorithms.Operands' length for the processor can be varied from 106 bits to 2 048 bits,and the execution of instructions is pipelined.The processor,which occupies smaller chip area with only about 26 000 equivalent logic gates in total,has a higher operation speed.It is,therefore,suitable for applications,such as smart cards,where chip area is limited.

李树国,周润德,冯建华,孙义和

DOI: https://doi.org/10.3321/j.issn:0372-2112.2001.11.001

2001-01-01

Abstract:The area and speed of cryptography coprocessor impede the application of public-key cryptography RSA for smart card.A new VLSI architecture of high-radix modular multiplier to compute RSA public-key cryptosystem using our modified Montgomery algorithm is proposed.With TSMC 0.35μm CMOS technology models,a 1024-bit RSA cryptography coprocessor based on our proposed VLSI architecture have been implemented.Its simulation results show that the time to calculate 1024-bit modular multiplication is about 1216 clock cycles and the gate count of the coprocessor is about 38k.At a clock rate of 5MHz it will take about 374ms to encrypt 1024-bit message on average.Compared with previous works our proposed architecture can achieve good performance in chip area and speed,therefore it is well suited to smart cards.

Q Liu,Fz Ma,D Tong,X Cheng

DOI: https://doi.org/10.1109/mwscas.2004.1354396

2004-01-01

Abstract:High performance VLSI implementation of the RSA algorithm using the systolic array is presented. High-speed applications of RSA systems require parallel implementations of modular multipliers. Besides using the systolic architecture which is popular in hardware-based RSA systems, a block-based scheme is used to further eliminate global signals, with a pipelined bus to convey data globally. The control signals and intermediate results used for sequential multiplications are transmitted by shift registers. All signals, except for the clock signal, are limited in one block or between two adjacent blocks. A Carry-Save-Adder structure is used for calculating the iterative step of the algorithms which contributes to speed improvement and area saving. In addition, long modular multipliers suffer from the effect of large fanout. Novel architectures are proposed to eliminate the fanout bottleneck, which reduce the achievable minimum clock period of long modular multipliers. Compared to the original modular multiplier architecture with fanout bottleneck, the proposed architectures can achieve an increase of over 7% in throughput without increase in area. The Chinese Remainder Theorem (CRT) technique increases the decryption data rate by a factor of four. Two redundant blocks are added to adapt to the on-line partition of the multiplier and the variation of the length of P and Q in CRT mode.

LI Ming,WU Dan,DAI Kui,ZOU Xue-cheng

2011-01-01

Abstract:In this paper,an effective strategy of point multiplication scheduling and an improved algorithm of dual-field high radix Montgomery modular multiplication are proposed.Based on them,a new high-performance scalable public-key cipher coprocessor architecture for RSA and ECC computing acceleration is designed,which is implemented using the 0.18μm 1P6M standard CMOS technology.The coprocessor has strong scalability and flexibility,which can support the modular exponentiation up to 2048 bit and the dual-field elliptic curve scalar multiplication up to 576 bit by enlarging the high-speed memory on chip and using the radix-length as processing base.The measured result shows that the coprocessor chip has high performance for accelerating the computation of RSA and ECC and can perform one 1024-bit modular exponentiation only in 197μs,one the prime field 192-bit scalar multiplication only in 225μs and the binary field 163-bit scalar multiplication only in 200.7μs.

Nian Xue,Yun Pan,Zhang Yuhong,Xiaolang Yan

2010-01-01

Abstract:A radix-4 Montgomery modular multiplication and the optimized circuit architecture are presented.It can reduce iterations of traditional radix-2 modular multiplication to about 50%.Based on this module,the implementation of high speed RSA encryption processor follows completely parallel modular exponentiation flow with Carry Save Addition(CSA) structure to perform long integer arithmetic.This avoids the repeated interim output/output format conversion.Result shows that the optimization is technology independent and thus should suit well for not only FPGA implementation but also ASIC.This design can complete a standard 1 024 bit RSA encrypt operation with only 9 836 clock cycles.Compared to the recently proposed design in the literature,the proposed design can achieve an increase of over 50% in throughput.

YL Deng,ZG Mao,YZ Ye,T Wang

DOI: https://doi.org/10.1109/icsict.1998.785937

1998-01-01

Abstract:The RSA algorithm is a major method in implementing a public key cryptosystem. On the basis that the Montgomery algorithm can modular-multiply in a fast way, this paper presents a hardware implementation of a 1024-bit RSA cryptoprocessor. It has been shown that the processor can encrypt 1024 bit message in less than 0.65 seconds, with which a 3 mm/sup 2/ die area. It is suitable for smart IC cards.

Yongxin Ma,Xiaoyang Zeng,Min Wu,Chengshou Sun

DOI: https://doi.org/10.1109/iscas.2006.1692582

2006-01-01

Abstract:Based on modified multiple-word radix-4 Montgomery algorithm and improved pipeline mechanism, an area efficient RSA crypto-processor is implemented, which supports reconfigurable keys up to 2048 bits. Based on 0.25 mu m standard CMOS technology, the new coprocessor achieves a 1024-bit encryption rate of 28Kbps at 180MHz and the core circuit without RAM contains 18,000 gates. The result shows that this processor is very suitable for area-constrained applications such as smart cards.

Xingjun Wu,Hongyi Chen,Yihe Sun,Weixin Gai

DOI: https://doi.org/10.1023/a:1021110405895

2003-01-01

Abstract:In this paper, a fully-pipeline linear systolic array based on adjusted Montgomery's algorithm is presented to perform modular multiplication at extremely high speed. The processing element ( PE) consists of only 4 full-adders and 14 flip-flops. Three-stage internal pipelined PE results in a very short critical path with only a one-bit full-adder delay. Thus, it can run at a very high cycle rate. The total execution time for an n-bit modular multiplication is 2n + 11 cycles with only (n/2+ 2) PEs. A modular exponentiation based on it takes (3n + 16.5)n cycles in average. Compared with most published VLSI modular multipliers, the hardware complexity is greatly reduced while keeping very high throughput. Therefore it is a good candidate of the arithmetic units used in the many public-key crypto-systems, e.g. RSA, Elliptic Curve and so on, especially for the embedded applications concerning information security.

李树国,周润德

DOI: https://doi.org/10.3321/j.issn:1000-0054.2002.10.038

2002-01-01

Abstract:The size and speed of the modular multiplier hinders the implementation of public key cryptography RSA applications for smart cards. A VLSI implementation was developed for a 1 024 bit RSA modular multiplier using a modified Montgomery algorithm. The modular multiplier was composed of two parallel multipliers and two pipelined adders, which reduced its size and greatly increased its speed. The modular multiplier has been implemented in smart cards for digit signature authentication for public key cryptography RSA. Results showed that the modular mulitiplier takes 342 ms to encrypt a 1 024 bit message on average at a clock rate of 20 MHz and holds about 8 500 gate counts.

CHEN Hongyi,GAI Weixin

DOI: https://doi.org/10.3321/j.issn:1000-0054.1998.03.003

1998-01-01

Abstract:A novel systolic linear array modular multiplier is presented which ideally performs the parallel modular multiplication based on the algorithm of Montgomery. The total execution time for an n bit modular multiplication is 2n+11 clock cycles. To further increase the throughput the three stage pipeline architecture is adopted inside the processing element, so that every one bit result outputs at one clock cycle when the pipeline is filled. Each pipeline stage only contains the operation of an one bit full adder. Moreover, with the purely nearest neighbor communication, the interconnect delay is also very short. Therefore it can work at a high clock frequency. On the other hand, every processing element is simple, mainly consisting of four full adders and fourteen flip flops. For n bit modular multiplication, the cost of the hardware is 46 n +184 gates. So this novel linear systolic array for modular multiplication is a speed and area optimized system, suitable for the VLSI implementation. It can be used for modular exponentiation which is a kernel operation in many public key cryptosystems such as RSA. With clock frequency of 200MHz by using 0.8μm CMOS technology, the throughput can reach 129kb/s with a single modular multiplier chip.

Yang Li,Jinlin Wang,Xuewen Zeng,Xiaozhou Ye

DOI: https://doi.org/10.1587/transcom.2016ebp3189

2017-01-01

IEICE Transactions on Communications

Abstract:Montgomery modular multiplication is one of the most efficient algorithms for modular multiplication of large integers. On resource-constraint embedded processors, memory-access operations play an important role as arithmetic operations in the modular multiplication. To improve the efficiency of Montgomery modular multiplication on embedded processors, this paper concentrates on reducing the memory-access operations through adding a few working registers. We first revisit previous popular Montgomery modular multiplication algorithms, and then present improved algorithms for Montgomery modular multiplication and squaring for arbitrary prime fields. The algorithms adopt the general ideas of hybrid multiplication algorithm proposed by Gura and lazy doubling algorithm proposed by Lee. By careful optimization and redesign, we propose novel implementations for Montgomery multiplication and squaring called coarsely integrated product and operand hybrid scanning algorithm (CIPOHS) and coarsely integrated lazy doubling algorithm (CILD). Then, we implement the algorithms on general MIPS64 processor and OCTEON CN6645 processor equipped with specific multiply-add instructions. Experiments show that CIPOHS and CILD offer the best performance both on the general MIPS64 and OCTEON CN6645 processors. But the proposed algorithms have obvious advantages for the processors with specific multiply-add instructions such as OCTEON CN6645. When the modulus is 2048 bits, the CIPOHS and CILD outperform the CIOS algorithm by a factor of 47% and 58%, respectively.

Jia-jia SHAO,Li-ji WU,Xiang-min ZHANG

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2015.02.009

2015-01-01

Abstract:In this paper , we design a key‐length‐configurable modular exponentiation based on CIOS modular multiplication algorithm and Montgomery powering ladder exponentiation algorithm . The long integer modular exponentiation circuit is synthesized by Synopsys Design Compiler under the clock frequency of 50 M Hz and SMIC13LL technology at a cost of 16 .1k gates and throughput is 10 kb/s and Primetime PX power report shows that the average power consumption of 30 MHz is 2 .87 mW ,which achieves the requirements of speed ,power consumption and circuit area of smart card .The modular multiplication circuit proposed by this thesis achieves high resource utilization rate and smallest "power × area/throughput" in comparison with modular multiplication of systolic array architectures .

Jun Han,Renfeng Dou,Lingyun Zeng,Shuai Wang,Zhiyi Yu,Xiaoyang Zeng

DOI: https://doi.org/10.1109/tcsi.2015.2407431

2015-01-01

Abstract:A domain specific multicore processor for public-key cryptography is proposed in this paper. This processor provides flexible and efficient computation for various forms of RSA and ECC algorithms, fulfilling low-latency or high-throughput requirements of different application scenarios. By using a heterogeneous multicore architecture, the proposed processor enables high speed parallel implementations of kernel arithmetics of public-key algorithms. A long-word-length modular multiplication can be partitioned into parallel tasks executed by the high performance multipliers distributed in multiple cores. Some dedicated communication mechanisms minimize inter-core data transferring latencies of the processor. The proposed processor is implemented under TSMC 65 nm LP CMOS technology. Experimental results show that our design outperforms previous works based on varied platforms in performance, for instance, it can complete a 1024-bit RSA encryption in 0.087 ms at 960 MHz. Moreover, we also study the area reduction techniques for proposed multicore processor from the perspectives of algorithm, architecture, and circuit.

陈波,王旭,戎蒙恬,Bo Chen,Xu Wang,Mengtian Rong

2005-01-01

Abstract:RSA(Rivest-Shamir-Adleman)public-key cryptosystem is widely used in the information security area such as encryption and digital signature. Based on the modified Montgomery modular multiplication algorithm, a new architecture using CSA(carry save adder)was presented to implement modular multiplication. Compared with the popular modular multiplication algorithms using two CSA, the presented algorithm uses only one CSA, so it can improve the time efficiency of RSA cryptoprocessor and save about half of hardware resources for modular multiplication. With the increase of encryption data size n, the clock cycles for the encryption procedure reduce in (T(n~2),) compared with the modular multiplication algorithms using two CSA.

Jonathan Ku,Junyao Zhang,Haoxuan Shan,Saichand Samudrala,Jiawen Wu,Qilin Zheng,Ziru Li,JV Rajendran,Yiran Chen

2024-02-22

Abstract:Elliptic curve cryptography (ECC) is widely used in security applications such as public key cryptography (PKC) and zero-knowledge proofs (ZKP). ECC is composed of modular arithmetic, where modular multiplication takes most of the processing time. Computational complexity and memory constraints of ECC limit the performance. Therefore, hardware acceleration on ECC is an active field of research. Processing-in-memory (PIM) is a promising approach to tackle this problem. In this work, we design ModSRAM, the first 8T SRAM PIM architecture to compute large-number modular multiplication efficiently. In addition, we propose R4CSA-LUT, a new algorithm that reduces the cycles for an interleaved algorithm and eliminates carry propagation for addition based on look-up tables (LUT). ModSRAM is co-designed with R4CSA-LUT to support modular multiplication and data reuse in memory with 52% cycle reduction compared to prior works with only 32% area overhead.

Cryptography and Security,Hardware Architecture

XY Zeng,C Chen,QL Zhang

DOI: https://doi.org/10.1109/apasic.2004.1349440

2004-01-01

Abstract:A new RSA/ECC coprocessor with the characteristic of reconfiguration is proposed in this paper, which can meet the requirements of both GF(p) and GF(2(m)) fields and perform the prevalent cryptographies such as RSA and ECC. The coprocessor has the merit of reconfigurable architecture, and it can perform the modular multiplication from 32-bit to 512-bit without any modification to its hardware. Based on 0.35mum CMOS technology, area of the coprocessor is about 45K gates, and system frequency can up to 100MHz, the 512-bit modular multiplication achieve 190kbps and the 233-bit ECC encryption rate of 50kbps.

LIU Qiang,Tong Dong,CHENG Xu

DOI: https://doi.org/10.3321/j.issn:0372-2112.2005.05.033

2005-01-01

Abstract:AbstrcatThe rapid advance in communication technology brings a request for cryptoprocessors of higher performance.In the design of the RSA modular exponentiator,the Montgomery modular multiplication algorithm and the right-to-left binary method are used and modified considering large-bit modular multiplication and VLSI implementation.A Carry Save Adder structure is used in the modular multiplier,to avoid the long carry propagation.We propose a Signal Multi-Backup strategy to resolve the problem of large loads that are caused by the signal broadcasting of large-bit operation structures.

Yifeng Mo,Shuguo Li

DOI: https://doi.org/10.1109/edssc.2017.8126455

2017-01-01

Abstract:Modular multiplier is the key to implement RSA algorithm. This paper proposes the design of an 8192-bit residue number system (RNS) Montgomery multiplier based on Cox-Rower architecture. To accelerate the reduction unit, we select modulo with a small Hamming weigh, and modulo are grouped by the number of Rowers. Each Rower unit only needs to support the reduction processes of one group of modulo instead of all modulo, thus eliminating the redundancy of the conventional structure and reducing delay and area of reduction units. Our reduction unit is smaller and faster than classic reduction unit. In SMIC 0.13 μm, one 8192-bit modular multiplication is accomplished in 8056 ns at the cost of 1240 KG.