Issue No.07 - July (2011 vol.60)
pp: 923-936
Miaoqing Huang, The George Washington University, Ashburn
Kris Gaj, George Mason University, Fairfax
Tarek El-Ghazawi, The George Washington University, Washington, DC
ABSTRACT
Montgomery modular multiplication is one of the fundamental operations used in cryptographic algorithms, such as RSA and Elliptic Curve Cryptosystems. At CHES 1999, Tenca and Koç proposed the Multiple-Word Radix-2 Montgomery Multiplication (MWR2MM) algorithm and introduced a now-classic architecture for implementing Montgomery multiplication in hardware. With parameters optimized for minimum latency, this architecture performs a single Montgomery multiplication in approximately 2n clock cycles, where n is the size of operands in bits. In this paper, we propose two new hardware architectures that are able to perform the same operation in approximately n clock cycles with almost the same clock period. These two architectures are based on precomputing partial results using two possible assumptions regarding the most significant bit of the previous word. These two architectures outperform the original architecture of Tenca and Koç in terms of the product latency times area by 23 and 50 percent, respectively, for several of the most common operand sizes used in cryptography. The architecture in radix-2 can be extended to the case of radix-4, while preserving a factor of two speedup over the corresponding radix-4 design by Tenca, Todorov, and Koç from CHES 2001. Our optimization has been verified by modeling it using Verilog-HDL, implementing it on a Xilinx Virtex-II 6000 FPGA, and experimentally testing it using an SRC-6 reconfigurable computer.
INDEX TERMS
Montgomery multiplication, MWR2MM algorithm, hardware optimization, field-programmable gate arrays.
CITATION
Miaoqing Huang, Kris Gaj, Tarek El-Ghazawi, "New Hardware Architectures for Montgomery Modular Multiplication Algorithm", IEEE Transactions on Computers, vol.60, no. 7, pp. 923-936, July 2011, doi:10.1109/TC.2010.247
REFERENCES
[1] R.L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems," Comm. ACM, vol. 21, no. 2, pp. 120-126, 1978.
[2] P.L. Montgomery, "Modular Multiplication without Trial Division," Math. of Computation, vol. 44, no. 170, pp. 519-521, Apr. 1985.
[3] K. Gaj et al., "Implementing the Elliptic Curve Method of Factoring in Reconfigurable Hardware," Proc. Cryptographic Hardware and Embedded Systems (CHES '06), pp. 119-133, Oct. 2006.
[4] A.F. Tenca and Ç.K. Koç, "A Scalable Architecture for Montgomery Multiplication," Proc. First Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '99), pp. 94-108, 1999.
[5] A.F. Tenca and Ç.K. Koç, "A Scalable Architecture for Modular Multiplication Based on Montgomery's Algorithm," IEEE Trans. Computers, vol. 52, no. 9, pp. 1215-1221, Sept. 2003.
[6] A.F. Tenca, G. Todorov, and Ç.K. Koç, "High-Radix Design of a Scalable Modular Multiplier," Proc. Third Int'l Workshop Cryptographic Hardware and Embedded Systems (CHES '01), pp. 185-201, 2001.
[7] D. Harris, R. Krishnamurthy, M. Anders, S. Mathew, and S. Hsu, "An Improved Unified Scalable Radix-2 Montgomery Multiplier," Proc. 17th IEEE Symp. Computer Arithmetic (ARITH), pp. 172-178, June 2005.
[8] N. Jiang and D. Harris, "Parallelized Radix-2 Scalable Montgomery Multiplier," Proc. IFIP Int'l Conf. Very Large Scale Integration (VLSI-SoC '07), pp. 146-150, Oct. 2007.
[9] N. Pinckney and D.M. Harris, "Parallelized Radix-4 Scalable Montgomery Multipliers," J. Integrated Circuits and Systems, vol. 3, no. 1, pp. 39-45, Mar. 2008.
[10] K. Kelly and D. Harris, "Parallelized Very High Radix Scalable Montgomery Multipliers," Proc. 39th Asilomar Conf. Signals, Systems and Computers, pp. 1196-1200, Oct. 2005.
[11] E.A. Michalski and D.A. Buell, "A Scalable Architecture for RSA Cryptography on Large FPGAs," Proc. Int'l Conf. Field Programmable Logic and Applications, (FPL '06), pp. 145-152, Aug. 2006.
[12] Ç.K. Koç, T. Acar, and B.S. Kaliski Jr., "Analyzing and Comparing Montgomery Multiplication Algorithms," IEEE Micro, vol. 16, no. 3, pp. 26-33, June 1996.
[13] C. McIvor, M. McLoone, and J.V. McCanny, "High-Radix Systolic Modular Multiplication on Reconfigurable Hardware," Proc. IEEE Int'l Conf. Field-Programmable Technology (ICFPT '05), pp. 13-18, Dec. 2005.
[14] C. McIvor, M. McLoone, and J.V. McCanny, "Modified Montgomery Modular Multiplication and RSA Exponentiation Techniques," IEE Proc.—Computers and Digital Techniques, vol. 151, no. 6, pp. 402-408, Nov. 2004.
[15] L. Batina and G. Muurling, "Montgomery in Practice: How to Do It More Efficiently in Hardware," Proc. Cryptographer's Track at the RSA Conf. Topics in Cryptology (CT-RSA '02), pp. 40-52, Feb. 2002.
[16] C.D. Walter, "Precise Bounds for Montgomery Modular Multiplication and Some Potentially Insecure RSA Moduli," Proc. Cryptographer's Track at the RSA Conf. Topics in Cryptology (CT-RSA '02), pp. 30-39, Feb. 2002.