Yuxuan Zhang,Hua Guo,Chen Chen,Yewei Guan,Xiyong Zhang,Zhenyu Guan

2024-07-18

Abstract:Montgomery modular multiplication is widely-used in public key cryptosystems (PKC) and affects the efficiency of upper systems directly. However, modulus is getting larger due to the increasing demand of security, which results in a heavy computing cost. High-performance implementation of Montgomery modular multiplication is urgently required to ensure the highly-efficient operations in PKC. However, existing high-speed implementations still need a large amount redundant computing to simplify the intermediate result. Supports to the redundant representation is extremely limited on Montgomery modular multiplication. In this paper, we propose an efficient parallel variant of iterative Montgomery modular multiplication, called DRMMM, that allows the quotient can be computed in multiple iterations. In this variant, terms in intermediate result and the quotient in each iteration are computed in different radix such that computation of the quotient can be pipelined. Based on proposed variant, we also design high-performance hardware implementation architecture for faster operation. In the architecture, intermediate result in every iteration is denoted as three parts to free from redundant computations. Finally, to support FPGA-based systems, we design operators based on FPGA underlying architecture for better area-time performance. The result of implementation and experiment shows that our method reduces the output latency by 38.3\% than the fastest design on FPGA.

Cryptography and Security

Hongfei Ke,Hao Li,Peiyong Zhang

DOI: https://doi.org/10.1016/j.mejo.2023.106085

IF: 1.992

2023-01-01

Microelectronics Journal

Abstract:Modular multiplication plays a crucial role in modern cryptography. Montgomery modular multiplication(MMM), one of the most classic and practical modular multiplication algorithms, has been widely used in cryptographic algorithms such as RSA, Diffie–Hellman algorithm, and Elliptic Curve Cryptography. In this paper, we incorporate negative wrapped convolution (NWC) into the FFT-based Montgomery modular multiplication to avoid the issue of zero-padding and use carry-save arithmetics for parallel computation. By utilizing coefficient pairs (pos_part and neg_part), we reconstruct the final result and eliminate the restrictions imposed by nega-cyclic parts. Moreover, Karatsuba-like algorithm is introduced for building fine-grained large integer multipliers. We have modified the parameter specifications for our design to meet requirements from diverse application scenarios. We implement the design on Xilinx Virtex-7 FPGA under different conditions and compare the results with the state-of-the-art MMM designs. The comparisons confirm that our design has the following characteristics: low latency for process, competitive area-latency-product(ALP), efficient DSP usage, and constant delay, which enhances security against timing attacks.

Bing Li,Jinlei Wang,Guocheng Ding,Haisheng Fu,Bingjie Lei,Haitao Yang,Jiangang Bi,Shaochong Lei

DOI: https://doi.org/10.1109/TCSII.2021.3053630

2021-01-01

Abstract:In this brief, Redundant Binary Representation (RBR) is applied in Montgomery modular multiplication (MMM) to eliminate the long carry chain and realize parallel computation. A novel MMM algorithm based on RBR is proposed. Based on the proposed algorithm, different sizes of high-performance and low-cost Montgomery multipliers are implemented in TSMC CMOS process technology. The experimental results demonstrate that our design has significant advantages in terms of performance, area and Area-Time-Product over previous researches. It's worth mentioning that our 8192-bit Montgomery multiplier (TMSC 65nm) with 603MHz working frequency and 878.1K equivalent gates can complete the MMM in only 3403ns.

Ruirui Liu,Shuguo Li

DOI: https://doi.org/10.1109/iscas.2019.8702684

2019-01-01

Abstract:Large integer multiplication is the critical operation to design a modular multiplier. Karatsuba algorithm(KO algorithm) to split the operands into two parts is generally used to design a large integer multiplier. In this paper, we firstly propose a design of 258-bit multiplier based on KO-3 algorithm deduced by KO algorithm, with which hardware resources can be reduced than KO algorithm. Then we construct a 256-bit four-stage pipelined Montgomery modular multiplier on the base of proposed multiplier. Finally, we implement the design of modular multiplier on Virtex-6 FPGA platform. This design can run at the clock rate of 68 MHz with 187.9k LUTs approximately. In addition, our design can obtain the result of Montgomery modular multiplier for every clock. Compared with other designs on FPGA, our design shows a better performance in term of area-time product.

Hongshuo Li,Shiwei Ren,Weijiang Wang,Jingqi Zhang,Xiaohua Wang

DOI: https://doi.org/10.3390/electronics12153241

IF: 2.9

2023-01-01

Electronics

Abstract:Modular multiplication is a crucial operation in public-key cryptography systems such as RSA and ECC. In this study, we analyze and improve the iteration steps of the classic Montgomery modular multiplication (MMM) algorithm and propose an interleaved pipeline (IP) structure, which meets the high-performance and low-cost requirements for Internet of Things devices. Compared to the classic pipeline structure, the IP does not require a multiplexing processing element (PE), which helps shorten the data path of intermediate results. We further introduce a disruption in the critical path to complete an iterative step of the MMM algorithm in two clock cycles. Our proposed hardware architecture is implemented on Xilinx Virtex-7 Series FPGA, using DSP48E1, to realize the multiplier. The implemented results show that the modular multiplication of 1024 bits by 2048 bits requires 1.03 μs and 2.13 μs, respectively. Moreover, our area–time–product analysis reveals a favorable outcome compared to the state-of-the-art designs across a 1024-bit and 2048-bit modulus.

Qiqi Tao,Liying Li,Junlong Zhou,Guitao Cao,Dan Meng

DOI: https://doi.org/10.1016/j.sysarc.2024.103142

IF: 5.836

2024-05-01

Journal of Systems Architecture

Abstract:Homomorphic encryption is an important technology for protecting data privacy, and the performance of modular multiplication directly affects the efficiency of homomorphic encryption. Currently, there are numerous FPGA-based acceleration techniques targeting modular multiplication. However, many of these implementations require substantial hardware resources or suffer from resource imbalance. This leads to a lower throughput. Therefore, we present a novel FPGA-based implementation of Montgomery Modular Multiplication aimed at addressing these challenges. Our design employs a suitable radix bit width and word size based on the digital signal processing (DSP) bit width rather than the conventional binary powers of two. We aim to instantiate more modular multipliers using limited resources while minimizing latency. We also introduce a novel DSP cascade structure, called parallel grouping cascade DSP, which reduces the number of clock cycles of internal multipliers. To balance the ratio of lookup table (LUT) and DSP usage, we also use multipliers implemented in the LUT to replace some DSPs. Our results, implemented on Xilinx Virtex-7 field-programmable gate array (FPGA), demonstrate more than 27% improvement in throughput on 1024-bit modular multiplication and more than 70% improvement on 2048-bit compared to the best previous state-of-the-art references.

computer science, software engineering, hardware & architecture

Yibo Fan,Xiaoyang Zeng,Yu Yu,Gang Wang,Huang Deng,Qianling Zhang

DOI: https://doi.org/10.1109/ICASIC.2005.1611286

2005-01-01

Abstract:This paper describes an improved version of the Tenca-Todorov-Koc word based radix-8 Montgomery multiplier. It uses radix-16 for fast without adding any hardware, and adjusting the data-path to get shorter critical path, and requires half of FIFO memory. This design is reconfigurable to accept any input precision as the Tenca-Todorov-Koc's design. An ASIC implementation in 0.25 mum CMOS standard cell technology can perform 2048-bit modular exponentiation in 28ms under 125MHz clock period

Ying Fang

IF: 1.992

2002-01-01

Microelectronics Journal

Abstract:A high radix technique is employed to improve the original Montgomery's algorithm,and an efficient hardware oriented algorithm is proposed to calculate Montgomery Product, which has a reduced hardware complexity and increased processing speed The algorithm has been implemented in a 512 bit Montgomery modular multiplier using CSMC 0 6 μm CMOS standard cell library The device contains about 48k gates and occupies an area of 3 mm × 3 mm Operating at a maximum clock frequency up to 40 MHz, it takes 341 clock cycles for the modular multiplier to accomplish a 512 bit Montgomery modular multiplication

Yibo Fan,Xiaoyang Zeng,Yu Yu,Gang Wang,Qianling Zhang

DOI: https://doi.org/10.1109/ISCAS.2006.1693351

2006-01-01

Abstract:This paper proposed a high-radix scalable Montgomery multiplier with the efficient data-path and half latency. By using new algorithm proposed by this paper, it achieves shorter critical path by calculating coefficient qY and qM in parallel. The algorithm can also provide half latency by changing pipeline dataflow through operands dynamic extending during calculation. This design can be used to accept any input precision up to the size of the on-chip memory. An ASIC implementation in 0.25 mun CMOS technology can perform 1024-bit RSA encryption with 390k bps under 180MHz frequency

Zhihua Chen,Yihe Sun,Guoqiang Bai

DOI: https://doi.org/10.1109/ICASIC.2003.1277442

2003-01-01

Abstract:This paper describes a new scalable architecture of Montgomery modular multiplier (MMM) using our improved FIOS algorithm. This algorithm and architecture can manipulate operands of any precision (bit length) in dual field (prime field and binary field) and has the advantage of using relatively smaller latency (clock cycles) to complete one modular multiplication. Our architecture is reusable and has high performance with respect to latency, timing, area, etc.

Tian Wang,Xiaoxin Cui,Kai Liao,Nan Liao

DOI: https://doi.org/10.1109/icsict.2014.7021502

2014-01-01

Abstract:Montgomery algorithm is widely used in public-key cryptosystems. In this paper a new word-based Montgomery algorithm suitable for higher radices has been presented and a new modular multiplication block based on it has been designed. The latency between neighboring processing elements can be reduced to one clock period by deferring the calculation of several bits of each word to the next processing element. The radix 2, 4 and 8 modular multiplication block has been implemented with SMIC 0.13um technology and Xilinx Virtex II series FPGA. The proposed design with radix 2 and 4 achieves area reduction with almost the same performance in speed, compared to other designs of the same radix. And the radix-8 block gains at least 10% time reduction in completing a 1024-bit Montgomery multiplication.

FAN Yi-bo,ZENG Xiao-yang,YU Yu

DOI: https://doi.org/10.3321/j.issn:1000-436x.2006.04.017

2006-01-01

Abstract:An improved version of Montgomery multiplier was proposed basing the Tenca-Todorov-Ko?’s word based radix-8 Montgomery multiplier. Radix-16 was used for fast without adding any hardware, and the performance was im-proved up to 26% comparing to the Tenca-Todorov-Ko?’s design. On one hand, shorter critical path and faster frequency were got through adjusting the data-path, on the other hand, a half memory cost by preprocessing the data was saved-which would be stored in FIFO. The improved design was scalable to do any precision modular multiplication and RSA encryption. At last, a 2048-bit RSA test chip was implemented using 0.25 μm technology CMOS standard cell. The chip performs 2048-bit modular exponentiation in 28ms under 125MHz clock period.

Yang Li,Jinlin Wang,Xuewen Zeng,Xiaozhou Ye

DOI: https://doi.org/10.1587/transcom.2016ebp3189

2017-01-01

IEICE Transactions on Communications

Abstract:Montgomery modular multiplication is one of the most efficient algorithms for modular multiplication of large integers. On resource-constraint embedded processors, memory-access operations play an important role as arithmetic operations in the modular multiplication. To improve the efficiency of Montgomery modular multiplication on embedded processors, this paper concentrates on reducing the memory-access operations through adding a few working registers. We first revisit previous popular Montgomery modular multiplication algorithms, and then present improved algorithms for Montgomery modular multiplication and squaring for arbitrary prime fields. The algorithms adopt the general ideas of hybrid multiplication algorithm proposed by Gura and lazy doubling algorithm proposed by Lee. By careful optimization and redesign, we propose novel implementations for Montgomery multiplication and squaring called coarsely integrated product and operand hybrid scanning algorithm (CIPOHS) and coarsely integrated lazy doubling algorithm (CILD). Then, we implement the algorithms on general MIPS64 processor and OCTEON CN6645 processor equipped with specific multiply-add instructions. Experiments show that CIPOHS and CILD offer the best performance both on the general MIPS64 and OCTEON CN6645 processors. But the proposed algorithms have obvious advantages for the processors with specific multiply-add instructions such as OCTEON CN6645. When the modulus is 2048 bits, the CIPOHS and CILD outperform the CIOS algorithm by a factor of 47% and 58%, respectively.

Yibo Fan,Takeshi Ikenaga,Satoshi Goto

DOI: https://doi.org/10.1093/ietfec/e91-a.4.971

2008-01-01

Abstract:With the increase of key length used in public cryptographic algorithms such as RSA and ECC, the speed of Montgomery multiplication becomes a bottleneck. This paper proposes a high speed design of Montgomery multiplier. Firstly, a modified scalable high-radix Montgomery algorithm is proposed to reduce critical path. Secondly, a high-radix clock-saving dataflow is proposed to support high-radix operation and one clock cycle delay in dataflow. Finally, a hardware-reused architecture is proposed to reduce the hardware cost and a parallel radix-16 design of data path is proposed to accelerate the speed. By using HHNEC 0.25 μm standard cell library, the implementation results show that the total cost of Montgomery multiplier is 130 KGates, the clock frequency is 180 MHz and the throughput of 1024-bit RSA encryption is 352 kbps. This design is suitable to be used in high speed RSA or ECC encryption/decryption. As a scalable design, it supports any key-length encryption/decryption up to the size of on-chip memory.

Tao Wu,Shuguo Li,Litian Liu

DOI: https://doi.org/10.1109/iccsnt.2012.6525895

2012-01-01

Abstract:Due to complex hardware architecture and heavy computation, it is difficult to perform modular multiplications over large integers. In this paper, we propose a low-latency scalable modular multiplier for multi-precision modular multiplications. Unlike popular scalable architectures by Montgomery algorithm, the classic modular multiplication A · B mod M is directly implemented here. Low latency can be obtained by deferring the uses of most significant bits during the interleaving modular multiplications. Also, the critical path of processing elements is greatly reduced by carry-save additions. While the scalable modular multiplier obtains comparable performance with optimal scalable Montgomery modular multiplier, its area overhead increases since more registers and selection logics are employed. The proposed modular multiplier is convenient for variant operands and nonsuccessive modular multiplications, where it is more energy-efficient than popular scalable Montgomery modular multipliers.

Xuecheng Zou,Lijuan Zhang,Ming Li,Dongsheng Liu

2011-01-01

Abstract:A new unified dual-field Montgomery modular multiplication algorithm was proposed based on the original Montgomery algorithm. According to the new algorithm, a novel high-performance scalable dual-field modular multiplier was designed for acceleration of the Montgomery modular multiplication. Owing to its strong scalability and configurability, the modular multiplier can support arbitrary field and arbitrary operand width by using the high radix-length as processing base and pipelining multiple processing elements computation. With the 0.18 μm CMOS (complementary metal oxide semiconductor) technology, the performance and area of this modular multiplier was evaluated, and the results show that the area is 166×103 gate, which only requires 1.3 μs to perform 1024 bit modular multiplication.

Ma Yongxin,Zeng Xiaoyang,Gu Yehua,Sun Chengshou

DOI: https://doi.org/10.3321/j.issn:1002-8331.2006.12.033

2006-01-01

Abstract:This paper presents an optimized architecture of a scalable radix-4 modular multiplier,based on radix-4 Montgomery multiplication algorithm and improved pipeline architecture.With the help of word-based modular multiplication algorithm,the proposed multiplier is able to work with any precision of the input operands.Adopting pipelined datapath with several processing elements,the multiplier can be easily adjusted to the available area or desired performance.The result shows that the proposed radix-4 modular multiplier is cost-effective in terms of area and performance.

Xingjun Wu,Hongyi Chen,Yihe Sun,Weixin Gai

DOI: https://doi.org/10.1023/a:1021110405895

2003-01-01

Abstract:In this paper, a fully-pipeline linear systolic array based on adjusted Montgomery's algorithm is presented to perform modular multiplication at extremely high speed. The processing element ( PE) consists of only 4 full-adders and 14 flip-flops. Three-stage internal pipelined PE results in a very short critical path with only a one-bit full-adder delay. Thus, it can run at a very high cycle rate. The total execution time for an n-bit modular multiplication is 2n + 11 cycles with only (n/2+ 2) PEs. A modular exponentiation based on it takes (3n + 16.5)n cycles in average. Compared with most published VLSI modular multipliers, the hardware complexity is greatly reduced while keeping very high throughput. Therefore it is a good candidate of the arithmetic units used in the many public-key crypto-systems, e.g. RSA, Elliptic Curve and so on, especially for the embedded applications concerning information security.

JianWei Liu,DongXu Cheng,ZhenYu Guan,Ziyu Wang

DOI: https://doi.org/10.1109/iisr.2018.8535680

2018-01-01

Abstract:With the rapid development of cloud computing, e-commerce, authentication among multi-robot systems, the highspeed implementation of Elliptic Curve Cryptography (ECC) is in widespread use. The performance of ECC is decided by the design of scalar point multiplier, which is one of the most time-consuming component. This paper presents a full set of methods to achieve an ultra high-speed scalar point multiplier, its Scalar Point Multiplication (SPM) is optimized comprehensively in terms of speed-first design approach by concurrently implementing the Point-add (PA) and Point-double (PD) algorithms, improving large integer modular inversion algorithm and large integer modular multiplication algorithm. Finally, Montgomery domain operation and Non-Adjacent Form (NAF) encoding theory are applied to enhance the speed of scalar point multiplier. In the VLSI design, a high-speed $\pmb{256\times 256}$ -bit scalar point multiplier is achieved based on SMIC's 65nm process. It can complete single calculation of SPM within 12.5us on average, in other word, 80,000 times of SPM can be computed in one second. Compared to the scalar point multiplier realized by other publications based on VLSI, the reports for circuits synthesis show that our multiplier is optimal in terms of $AT^{2}$ and ultrafast in terms of speed.

Bo Zhang,Zeming Cheng,Massoud Pedram

DOI: https://doi.org/10.1109/tvlsi.2024.3368002

2024-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:Modular multiplication (MM) is a fundamental operation in many cryptographic and arithmetic applications. In this article, we present an improved Barrett modular multiplication (BMM) algorithm and its hardware-efficient implementation. The proposed algorithm leverages parallel computation of quotient and intermediate results, enhancing overall efficiency. To further optimize the algorithm, two optimizations are introduced, replacing expensive multiplications and additions with more efficient compression and encoding operations at each iteration. We first introduce a novel data model that enables the use of a 2-bit adder to handle potential overflow in signed addition. Moreover, by employing a 3-bit addition on intermediate results, we eliminate the need for complete round operations while ensuring the desired result range. The experimental results demonstrate significant improvements in terms of area and computation time compared to existing classic BMM and Montgomery modular multiplication (MMM) designs. Our improved BMM outperforms these designs, particularly in high-radix scenarios. This work provides a valuable contribution to the field of MM, offering a hardware-efficient solution for achieving improved performance in cryptographic and arithmetic systems.

engineering, electrical & electronic,computer science, hardware & architecture