A design of a fast pipelined modular multiplier based on a diminished-radix algorithm
Abstract
We present a new serial-parallel concurrent modular-multiplication algorithm and architecture suitable for standard RSA encryption. In the new scheme, multiplication is performed modulo a multiple of the RSA modulus n, which has a diminished-radix form 2 k -v, where k and v are positive integers and v < n. This design is the first concurrent modular multiplier to use a diminished-radix algorithm and to pipeline concurrent modular-reduction to optimize the clock rate. For a modular multiplier of order ranging from 1 to 10 (number of multiplier bits per clock cycle), a faster clock rate and throughput is possible than with other known designs including those of Brickell, Morita, Sedlak and Golze, and Miyaguchi. Throughput estimates for 512-bit RSA decryption range from 100 kbit/s in a serial mode to 650 kbit/s with a modular multiplier of order 10, at a clock rate of 20 MHz on 1.5 μm CMOS.
References
[1]
E. F. Brickell, A fast modular multiplication algorithm with application to two key cryptography, Proc. CRYPTO '82, Santa Barbara, CA, Plenum, New York, 1983, pp. 51-60.
[2]
E. F. Brickell, A survey of hardware implementations of RSA, Advances in Cryptology, CRYPTO '89, Springer-Verlag, Berlin, 1989, pp. 368-370.
[3]
W. Diffie and M. E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol. 22, no. 6 (1976), pp. 644-654.
[4]
S. R. Dussé and B. S. Kaliski, Jr., A cryptographic library for the Motorola DSP56000, Advances in Cryptology, CRYPTO '90, Springer-Verlag, Berlin, 1991, pp. 230-244.
[5]
T. EIGamel, A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory, vol. 31, no. 4 (1985), pp. 469-472.
[6]
P. Galley and E. Depret, A cryptography processor, 1988 IEEE International Solid State Circuits Conference Digest of Technical Papers, pp. 148-149, 1988.
[7]
F. Hoornaert, M. Decroos, J. Vandewalle, and R. Govaerts, Fast RSA-hardware Dream or reality?, Advances in Cryptology, EUROCRYPT '88, Davos, Switzerland, Springer-Verlag, Berlin, 1988, pp. 257-264.
[8]
K. Hwang, Computer Arithmetic, Wiley, New York, 1979.
[9]
S. Kawamura and K. Hirano, A fast modular arithmetic algorithm using a residue table, Advances in Cryptology, EUROCRYPT '88, Davos, Switzerland, Springer-Verlag, Berlin, 1988, pp. 245-250.
[10]
D. E. Knuth, The Art of Computer Programming, vol. 2, 2nd edn., Addison-Wesley, Reading, MA, 1981, pp. 268-275.
[11]
D. Laurichesse, Optimized implementation of RSA cryptosystem, Computers and Security (UK), vol. 10, no. 3 (1991), pp. 263-267.
[12]
D. J. Lehmann, On primality tests, SIAM Journal of Computing, vol. 11, no. 2 (1982), pp. 374-375.
[13]
A. K. Lenstra, H. W. Lenstra, Jr., M. S. Manasse, and J. M. Pollard, The number field seive, Proc. STOC '90, Baltimore, MD, ACM Press, Baltimore, MD, 1990, pp. 564-572.
[14]
R. Madhavan and L. E. Peppard, A multiprocessor GaAs RSA cryptosystem, Proc. CCVLSI '89, Vancouver, 1989, pp. 115-122.
[15]
G. Meister, On an implementation of the Mohan-Adiga algorithm, Advances in Cryptology, EUROCRYPT '90, Springer-Verlag, Berlin, 1990, pp. 496-500.
[16]
S. Miyaguchi, Fast encryption algorithm for the RSA cryptographic system, Proc COMPCON '82, 1982, pp. 672-678.
[17]
S. B. Mohan and B. S. Adiga, Fast algorithms for implementing RSA public key cryptosystem, Electronics Letters, vol. 21, no. 21 (1985), p. 761.
[18]
P. L. Montgomery, Modular multiplication without trial division, Mathematics of Computation, vol. 44, no. 170 (1985), pp. 519-521.
[19]
H. Morita, A fast modular multiplication algorithm based on a higher radix, Proc. CRYPTO '90, Santa Barbara, CA, Springer-Verlag, Berlin, 1991, pp. 387-399.
[20]
D.B. Newman, Jr., J. K. Omura, and R. L. Pickholtz, Public key management for network security, IEEE Network Magazine, vol. 1, no. 2 (1987), pp. 11-16.
[21]
M. J. Norris and G. J. Simmons, Algorithms for high-speed modular arithmetic, Congressus Numeratium, vol. 31 (1981), pp. 153-163.
[22]
G. A. Orton, M. P. Roy, P. A. Scott, L. E. Peppard, and S. E. Tavares, VLSI implementation of public key encryption algorithms, Proc. CRYPTO '86, Santa Barbara, CA, Springer-Verlag, Berlin, 1987, pp. 277-301.
[23]
H. Orup, E. Svendsen, and E. Andreasen, VICTOR, an efficient RSA hardware implementation, Advances in Cryptology, EUROCRYPT '90, Springer-Verlag, Berlin, 1991, pp. 245-252.
[24]
J.J. Quisquater and C. Couvreur, Fast decipherment algorithm for RSA public-key cryptosystem, Electronics Letters, vol. 18, no. 18 (1982), pp. 905-907.
[25]
M. O. Rabin, Digital signatures and public-key functions as intractable as factorization, MIT/LCS/TR-212, MIT Laboratory for Computer Science, January 1979.
[26]
R. L. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol. 21, no. 2 (1978), pp. 120-126.
[27]
R.L. Rivest, A description of a single-chip implementation of the RSA cipher, Lambda, 4th quarter (1980), pp. 14-18.
[28]
R. L. Rivest, RSA chips (past/present/future), Proc. EUROCRYPT '84, Springer-Verlag, Berlin, 1985, pp. 159-165.
[29]
J. E. Roberston, A deterministic procedure for the design of carry-save adders and borrow-save subtractors, Report No. 235, Department of Computer Science, University of Illinois, Urbana, IL, July 1967.
[30]
F.A. Rohatsch, A study of transformations applicable to the development of limited carry-borrow propagation adders, Ph.D. thesis, University of Illinois, Urbana, IL, June 1967.
[31]
H. Sedlak and U. Golze, An RSA cryptography processor, Microprocessing and Microprogramming, vol. 18 (1986), pp. 583-590.
[32]
A. Vandemeulebroecke, E. Vanzieleghem, T. Denayer, and P. G. Jespers, A single chip 1024 bits RSA processor, Advances in Cryptology, EUROCRYPT '89, Houthalen, Belgium, Springer-Verlag, Bedin, 1990, pp. 219-236.
[33]
C. S. Wallace, A suggestion for a fast multiplier, IEEE Transactions on Electronic Computers, vol. 13 (1964), pp. 14-17.
[34]
M. Watler, VLSI architectures and circuits for RSA encryption, M.Sc. thesis, Queen's University, Kingston, Ontario, 1989.
[35]
A. Jung, Implementing the RSA cryptosystem, Computers and Security (UK), vol. 6 (1987), pp. 342- 350.
Index Terms
- A design of a fast pipelined modular multiplier based on a diminished-radix algorithm
Index terms have been assigned to the content through auto-classification.
Recommendations
New Efficient Structure for a Modular Multiplier for RNS
Modular multiplication is a very important arithmetic operation in residue-based real-time computing systems. In realizing these multipliers, ROM-based structures are more efficient for small moduli. Due to the exponential growth of ROM sizes, ...
A Radix-4 Modular Multiplication Hardware Algorithm for Modular Exponentiation
Special issue on computer arithmeticA fast radix-4 modular multiplication hardware algorithm is proposed. It is efficient for modular exponentiation with a large modulus, used in public-key cryptosystems such as the RSA cryptosystem. The operands and the result of multiplication which are ...
Fast truncated multiplication for cryptographic applications
CHES'05: Proceedings of the 7th international conference on Cryptographic hardware and embedded systemsThe Truncated Multiplication computes a truncated product, a contiguous subsequence of the digits of the product of 2 integers. A few truncated polynomial multiplication algorithms are presented and adapted to integers. They are based on the most often ...
Comments
Information & Contributors
Information
Published In
Copyright © Copyright © 1993 International Association for Cryptologic Research.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 01 September 1993
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 22 Sep 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in