Issue No.07 - July (2011 vol.60)
Miaoqing Huang , The George Washington University, Ashburn
Kris Gaj , George Mason University, Fairfax
Tarek El-Ghazawi , The George Washington University, Washington, DC
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2010.247
Montgomery modular multiplication is one of the fundamental operations used in cryptographic algorithms, such as RSA and Elliptic Curve Cryptosystems. At CHES 1999, Tenca and Koç proposed the Multiple-Word Radix-2 Montgomery Multiplication (MWR2MM) algorithm and introduced a now-classic architecture for implementing Montgomery multiplication in hardware. With parameters optimized for minimum latency, this architecture performs a single Montgomery multiplication in approximately 2n clock cycles, where n is the size of operands in bits. In this paper, we propose two new hardware architectures that are able to perform the same operation in approximately n clock cycles with almost the same clock period. These two architectures are based on precomputing partial results using two possible assumptions regarding the most significant bit of the previous word. These two architectures outperform the original architecture of Tenca and Koç in terms of the product latency times area by 23 and 50 percent, respectively, for several most common operand sizes used in cryptography. The architecture in radix-2 can be extended to the case of radix-4, while preserving a factor of two speedup over the corresponding radix-4 design by Tenca, Todorov, and Koç from CHES 2001. Our optimization has been verified by modeling it using Verilog-HDL, implementing it on Xilinx Virtex-II 6000 FPGA, and experimentally testing it using SRC-6 reconfigurable computer.
Montgomery multiplication, MWR2MM algorithm, hardware optimization, field-programmable gate arrays.
Miaoqing Huang, Kris Gaj, Tarek El-Ghazawi, "New Hardware Architectures for Montgomery Modular Multiplication Algorithm", IEEE Transactions on Computers, vol.60, no. 7, pp. 923-936, July 2011, doi:10.1109/TC.2010.247