Montgomery modular exponentiation on reconfigurable hardware

It is widely recognized that security issues will play a crucial role in the majority of future computer and communication systems. Central tools for achieving system security are cryptographic algorithms. For performance as well as for physical security reasons, it is often advantageous to realize cryptographic algorithms in hardware. In order to overcome the well-known drawback of reduced flexibility that is associated with traditional ASIC solutions, this contribution proposes arithmetic architectures which are optimized for modern field programmable gate arrays (FPGAs). The proposed architectures perform modular exponentiation with very long integers. This operation is at the heart of many practical public-key algorithms such as RSA and discrete logarithm schemes. We combine the Montgomery modular multiplication algorithm with a new systolic array design, which is capable of processing a variable number of bits per array cell. The designs are flexible, allowing any choice of operand and modulus. Unlike previous approaches, we systematically implement and compare several variants of our new architecture for different bit lengths. We provide absolute area and timing measures for each architecture. The results allow conclusions about the feasibility and time-space trade-offs of our architecture for implementation on Xilinx XC4000 series FPGAs. As a major practical result we show that it is possible to implement modular exponentiation at secure bit lengths on a single commercially available FPGA.
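The combination the abstract describes, Montgomery multiplication processed a variable number of bits at a time, can be modelled in software. The Python below is an added example, not code from the paper: it performs Montgomery multiplication consuming `u` bits of one operand per step and builds modular exponentiation on top of it; the function names and the parameter `u` are assumptions chosen for illustration.

```python
# Added example: functional model only, not constant-time and not the paper's design.
# The names and the digit width u (bits consumed per step) are illustrative assumptions.

def mont_setup(n, u):
    """Precompute (digits, R, n') for an odd modulus n and u-bit digits."""
    if n < 3 or n % 2 == 0:
        raise ValueError("Montgomery reduction needs an odd modulus >= 3")
    if u < 1:
        raise ValueError("digit width must be at least 1 bit")
    digits = -(-n.bit_length() // u)              # ceil(bit length / u)
    r = 1 << (u * digits)                         # R = 2^(u*digits) > n
    n_prime = (-pow(n, -1, 1 << u)) % (1 << u)    # -n^(-1) mod 2^u
    return digits, r, n_prime

def mont_mul(a, b, n, u, digits, n_prime):
    """Return a*b*R^(-1) mod n for 0 <= a, b < n, scanning a in u-bit digits."""
    mask = (1 << u) - 1
    s = 0
    for i in range(digits):
        s += ((a >> (u * i)) & mask) * b          # add the partial product a_i * b
        q = ((s & mask) * n_prime) & mask         # q chosen so s + q*n = 0 mod 2^u
        s = (s + q * n) >> u                      # exact division, no trial division
    return s - n if s >= n else s                 # s < 2n, so one subtraction suffices

def mont_exp(base, exp, n, u=4):
    """Return base**exp mod n by left-to-right square-and-multiply."""
    if exp < 0:
        raise ValueError("negative exponents are not handled")
    digits, r, n_prime = mont_setup(n, u)
    x = (base % n) * r % n                        # base in Montgomery form
    acc = r % n                                   # 1 in Montgomery form
    for bit in bin(exp)[2:]:
        acc = mont_mul(acc, acc, n, u, digits, n_prime)
        if bit == "1":
            acc = mont_mul(acc, x, n, u, digits, n_prime)
    return mont_mul(acc, 1, n, u, digits, n_prime)  # convert back out

if __name__ == "__main__":
    n = (1 << 127) - 1                            # constructed odd modulus
    for u in (1, 4, 16):
        assert mont_exp(3, 65537, n, u) == pow(3, 65537, n)
    print("all digit widths agree with pow()")
```

Changing `u` changes only the number of loop iterations in `mont_mul`, never the result. Both the final subtraction and the exponent-bit branch are data-dependent, so this model is for checking arithmetic, not for handling secret keys.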
