VLSI array algorithms and architectures for RSA modular multiplication

We present two novel iterative algorithms and their array structures for integer modular multiplication. The algorithms are designed for Rivest-Shamir-Adelman (RSA) cryptography and are based on the familiar iterative Horner's rule, but use precalculated complements of the modulus. The problem of deciding which multiples of the modulus to subtract in intermediate iteration stages has been simplified using simple look-up of precalculated complement numbers, thus allowing a finer-grain pipeline. Both algorithms use a carry save adder scheme with module reduction performed on each intermediate partial product which results in an output in carry-save format. Regularity and local connections make both algorithms suitable for high-performance array implementation in FPGA's or deep submicron VLSI. The processing nodes consist of just one or two full adders and a simple multiplexor. The stored complement numbers need to be precalculated only when the modulus is changed, thus not affecting the performance of the main computation. In both cases, there exists a bit-level systolic schedule, which means the array can be fully pipelined for high performance and can also easily be mapped to linear arrays for various space/time tradeoffs.

[1]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[2]  Israel Koren Computer arithmetic algorithms , 1993 .

[3]  Paul Jespers,et al.  A new carry-free division algorithm and its application to a single-chip 1024-b RSA processor , 1989 .

[4]  Ernest F. Brickell,et al.  A Fast Modular Multiplication Algorithm With Application To Two Key Cryptography , 1982, CRYPTO.

[5]  Blakely A Computer Algorithm for Calculating the Product AB Modulo M , 1983, IEEE Transactions on Computers.

[6]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[7]  Robert K. Brayton,et al.  Sequential circuit design using synthesis and optimization , 1992, Proceedings 1992 IEEE International Conference on Computer Design: VLSI in Computers & Processors.

[8]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[9]  Colin D. Walter,et al.  Hardware Implementation of Montgomery's Modular Multiplication Algorithm , 1993, IEEE Trans. Computers.

[10]  Ching Yu Hung,et al.  Bit-level systolic arrays for modular multiplication , 1991, J. VLSI Signal Process..

[11]  Wolfgang Fichtner,et al.  A 177 Mb/s VLSI implementation of the International Data Encryption Algorithm , 1994 .

[12]  Xuejia Lai,et al.  A Proposal for a New Block Encryption Standard , 1991, EUROCRYPT.

[13]  F. J. Taylor,et al.  Residue Arithmetic A Tutorial with Examples , 1984, Computer.

[14]  C. D. Walter,et al.  Systolic Modular Multiplication , 1993, IEEE Trans. Computers.

[15]  S. Kung,et al.  VLSI Array processors , 1985, IEEE ASSP Magazine.

[16]  Naofumi Takagi,et al.  A Radix-4 Modular Multiplication Hardware Algorithm for Modular Exponentiation , 1992, IEEE Trans. Computers.