Issue No.11 - November (2004 vol.53)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2004.100
We describe how using a redundant Montgomery representation allows for high-performance SIMD-based implementations of RSA and elliptic curve cryptography. This is in addition to the known benefits of immunity from timing attacks afforded by the use of such a representation. We present some preliminary implementation timings using the SSE2 instruction set on a Pentium 4 processor and show that an SIMD parallel implementation of RSA can be around twice as fast as traditional sequential code. This is especially useful given the larger 2,048 bit RSA keys which are now being proposed for standard security levels. Finally, we remark on other application areas that improve the security of our work in the context of side-channel analysis while maintaining high performance.
Public key cryptosystems, algorithm design and analysis, parallel and vector implementations, performance measures.
Daniel Page, Nigel P. Smart, "Parallel Cryptographic Arithmetic Using a Redundant Montgomery Representation", IEEE Transactions on Computers, vol.53, no. 11, pp. 1474-1482, November 2004, doi:10.1109/TC.2004.100