Double-Speed Barrett Moduli

Modular multiplication and modular reduction are the atomic constituents of most public-key cryptosystems. Amongst the numerous algorithms for performing these operations, a particularly elegant method was proposed by Barrett. This method builds the operation $$a \bmod b$$ from bit shifts, multiplications and additions in $$\mathbb{Z}$$. Modular reduction can therefore be implemented at very marginal code or silicon cost by leveraging existing hardware or software multipliers. This paper presents a method that doubles the speed of Barrett's algorithm by using specific composite moduli. This is particularly useful for lightweight devices, where such an optimization can make a difference in terms of power consumption, cost and processing time. The generation of composite moduli with a predetermined portion is a well-known technique, and the use of such moduli is considered, in statu scientiae, as safe as using randomly generated composite moduli.
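As an added illustration (not code from the paper), the following Python sketch shows classic Barrett reduction built only from shifts, multiplications and additions, plus at most two correcting subtractions. It does not implement the paper's double-speed variant, whose moduli construction is not described on this page; the function names and the sample modulus are assumptions made for the example.

```python
# Classic Barrett reduction (added example; names are hypothetical).
# For an L-bit modulus n, kappa = floor(2^(2L) / n) is computed once.
# Each reduction then needs two multiplications, two shifts and a few
# subtractions, but no division.

def barrett_setup(n: int) -> tuple[int, int]:
    """Return (L, kappa) for modulus n, where L is the bit length of n."""
    if n < 3:
        raise ValueError("modulus must be at least 3")
    L = n.bit_length()
    kappa = (1 << (2 * L)) // n  # the only division, done once per modulus
    return L, kappa

def barrett_reduce(a: int, n: int, L: int, kappa: int) -> tuple[int, int]:
    """Return (a mod n, number of correcting subtractions) for 0 <= a < 2^(2L)."""
    if not 0 <= a < (1 << (2 * L)):
        raise ValueError("input must satisfy 0 <= a < 2^(2L)")
    # Quotient estimate: q is never above floor(a / n) and at most 2 below it.
    q = ((a >> (L - 1)) * kappa) >> (L + 1)
    r = a - q * n
    subs = 0
    while r >= n:  # runs at most twice because of the bound on q
        r -= n
        subs += 1
    return r, subs

def barrett_mulmod(x: int, y: int, n: int, L: int, kappa: int) -> int:
    """Modular multiplication of two residues x, y < n via Barrett reduction."""
    return barrett_reduce(x * y, n, L, kappa)[0]

if __name__ == "__main__":
    # Constructed sample modulus: product of two small primes (11 * 17).
    n = 187
    L, kappa = barrett_setup(n)
    print("L =", L, "kappa =", kappa)
    print("186 * 186 mod 187 =", barrett_mulmod(186, 186, n, L, kappa))
```

The range check on `a` matters in practice: the bound of two correcting subtractions holds only for inputs below $$2^{2L}$$, which covers any product of two residues modulo `n`.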
