This Article 
 Bibliographic References 
 Add to: 
A Full RNS Implementation of RSA
June 2004 (vol. 53 no. 6)
pp. 769-774

Abstract—We present the first implementation of RSA in the Residue Number System (RNS) which does not require any conversion, either from radix to RNS beforehand or RNS to radix afterward. Our solution is based on an optimized RNS version of Montgomery multiplication. Thanks to the RNS, the proposed algorithms are highly parallelizable and seem then well suited to hardware implementations. We give the computational procedure both parties must follow in order to recover the correct result at the end of the transaction (encryption or signature).

[1] J.-C. Bajard, L.-S. Didier, and P. Kornerup, Modular Multiplication and Base Extension in Residue Number Systems Proc. 15th IEEE Symp. Computer Arithmetic, N. Burgess, ed., pp. 59-65, June 2001.
[2] J.-C. Bajard, L. Imbert, and P.-Y. Liardet, Leak Resistant Arithmetic LIRMM, Research Report 03021, Oct. 2003.
[3] E.F. Brickell, A Survey of Hardware Implementation of RSA Advances in Cryptology, Proc. CRYPTO '89, pp. 368-370, 1990.
[4] C.K. Koc, T. Acar, and B. Kaliski, “Analyzing and Comparing Montgomery Multiplication Algorithms,” IEEE Micro, vol. 16, no. 3, pp. 26-33, June 1996.
[5] S.E. Eldridge and C.D. Walter, “Hardware Implementation of Montgomery's Modular Multiplication Algorithm,” IEEE Trans. Computers, vol. 42, no. 7, pp. 693-699, July 1993.
[6] H.L. Garner, The Residue Number System IRE Trans. Electronic Computers, vol. 8, pp. 140-147, June 1959.
[7] S. Kawamura, M. Koike, F. Sano, and A. Shimbo, Cox-Rower Architecture for Fast Parallel Montgomery Multiplication Advances in Cryptology, Proc. EUROCRYPT 2000, pp. 523-538, May 2000.
[8] D.E. Knuth, The Art of Computer Programming, Vol. 2: Seminumerical Algorithms, third ed. Addison-Wesley, 1997.
[9] A.J. Menezes, P.C. Van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography. Boca Raton, Fla.: CRC Press, 1997.
[10] P.L. Montgomery, Modular Multiplication without Trial Division Math. Computation, vol. 44, no. 170, pp. 519-521, Apr. 1985.
[11] H. Nozaki, M. Motoyama, A. Shimbo, and S. Kawamura, Implementation of RSA Algorithm Based on RNS Montgomery Multiplication Proc. Cryptographic Hardware and Embedded Systems (CHES 2001), pp. 364-376, Sept. 2001.
[12] K.C. Posch and R. Posch, Modulo Reduction in Residue Number Systems IEEE Trans. Parallel and Distributed Systems, vol. 6, no. 5, pp. 449-454, May 1995.
[13] J.-J. Quisquater and C. Couvreur, Fast Decipherment Algorithm for RSA Public-Key Cryptosystem IEE Electronics Letters, vol. 18, no. 21, pp. 905-907, Oct. 1982.
[14] R. Rivest, A. Shamir, and L. Adleman, A Method for Obtaining Digital Signatures and Public Key Cryptosystems Comm. ACM, vol. 21, no. 2, pp. 120-126, Feb. 1978.
[15] M. Shand and J. Vuillemin, “Fast Implementations of RSA Cryptography,” Proc. 11th IEEE Symp. Computer Arithmetic, pp. 252-259, 1993.
[16] A.P. Shenoy and R. Kumaresan, Fast Base Extension Using a Redundant Modulus in RNS IEEE Trans. Computers, vol. 38, no. 2, pp. 292-297, Feb. 1989.
[17] N. Szabo and R.I. Tanaka, Residue Arithmetic and Its Application to Computer Technology, 1967.
[18] F.J. Taylor, Residue Arithmetic: A Tutorial with Examples Computer, vol. 17, no. 5, pp. 50-62, May 1984.

Index Terms:
Cryptography, RSA, Montgomery multiplication, Residue Number Systems.
Jean-Claude Bajard, Laurent Imbert, "A Full RNS Implementation of RSA," IEEE Transactions on Computers, vol. 53, no. 6, pp. 769-774, June 2004, doi:10.1109/TC.2004.2
Usage of this product signifies your acceptance of the Terms of Use.