Journal of Cryptographic Engineering

, Volume 7, Issue 3, pp 245–253 | Cite as

Efficient regular modular exponentiation using multiplicative half-size splitting

  • Christophe Negre
  • Thomas Plantard
Short Communication


In this paper, we consider efficient RSA modular exponentiations \(x^K \mod N\) which are regular and constant time. We first review the multiplicative splitting of an integer x modulo N into two half-size integers. We then take advantage of this splitting to modify the square-and-multiply exponentiation as a regular sequence of squarings always followed by a multiplication by a half-size integer. The proposed method requires around 16 % less word operations compared to Montgomery-ladder, square-always and square-and-multiply-always exponentiations. These theoretical results are validated by our implementation results which show an improvement by more than 12 % compared approaches which are both regular and constant time.


RSA Regular exponentiation Constant time exponentiation Multiplicative splitting 



This work was supported by PAVOIS ANR 12 BS02 002 02.


  1. 1.
    Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M.J. (ed.): Advances in Cryptology–CRYPTO ’99, 19th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15–19, 1999, Proceedings, Lecture Notes in Computer Science, vol. 1666, pp. 388–397. Springer, Berlin (1999)Google Scholar
  3. 3.
    Mangard, S.: Exploiting Radiated Emissions - EM Attacks on Cryptographic ICs. In: Austrochip 2003, Linz, Austria, October 1st, pp. 13–16 (2003)Google Scholar
  4. 4.
    Amiel, F., Feix, B., Tunstall, M., Whelan, C., Marnane, W.: Distinguishing Multiplications from Squaring Operations. In: SAC 2008, ser. LNCS, vol. 5381, pp. 346–360. Springer (2009)Google Scholar
  5. 5.
    Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Square Always Exponentiation. In: Progress in Cryptology - INDOCRYPT, 2011 ser. LNCS, vol. 7107, pp. 40–57. Springer (2011)Google Scholar
  6. 6.
    Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.): Cryptographic Hardware and Embedded Systems. First InternationalWorkshop, CHES’99 Worcester, MA, USA, August 12–13, 1999, Proceedings, Lecture Notes in Computer Science, vol. 1717, pp. 292–302. Springer, Berlin (1999)Google Scholar
  7. 7.
    Joye, M., Yen, S.: The Montgomery Powering Ladder. In: CHES, 20002 ser. LNCS, vol. 2523, pp. 291–302. Springer (2002)Google Scholar
  8. 8.
    Montgomery, P.: Modular multiplication without trial division. Math. Comput. 44, 519–521 (1985)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Negre, C., Plantard, T., Robert, J.: Efficient Modular Exponentiation Based on Multiple Multiplications by a Common Operand. In: 22nd IEEE Symposium on Computer Arithmetic 2015, pp. 144–151 (2015)Google Scholar
  10. 10.
    Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefzbMATHGoogle Scholar
  11. 11.
    Yen, S.-M., Joye, M.: Checking before output may not be enough against fault-based cryptanalysis. IEEE Trans. Comput. 49(9), 967–970 (2000)CrossRefzbMATHGoogle Scholar
  12. 12.
    Yen, S.-M., Kim, S., Lim, S., Moon, S.-J.: A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack. In: ICISC, 2001 ser. LNCS, vol. 2288, pp. 414–427. Springer (2001)Google Scholar
  13. 13.
    Joye, M., Tunstall, M.: Exponent Recoding and Regular Exponentiation Algorithms. In: Progress in Cryptology - AFRICACRYPT, 2009 ser. LNCS, vol. 5580, pp. 334–349. Springer (2009)Google Scholar
  14. 14.
    Bryant, E., Rambhia, A., Atallah, M. and Rice, J.: Software Trusted Platform Module and Application Security Wrapper,” Jan 2011, US Patent 7,870,399. [Online].
  15. 15.
    Gallant, R., Lambert, R., Vanstone, S.: Faster Point Multiplication on Elliptic Curves with Efficient Endomorphisms. In: Advances in Cryptology-CRYPTO, 2001 ser. LNCS, vol. 2139, pp. 190–200 Springer (2001)Google Scholar
  16. 16.
    von zur Gathen, J.: Modern Computer Algebra, 3rd edn. Cambridge University Press, Cambridge (2013)CrossRefzbMATHGoogle Scholar
  17. 17.
    Bosselaers, A., Govaerts, R. and Vandewalle, J.: “Comparison of Three Modular Reduction Functions,” in Advances in Cryptology-CRYPTO’93, ser. LNCS, vol. 773. Springer, pp. 175–186 (1993)Google Scholar
  18. 18.
    Papi, M.: “Performance Application Programming Interface (PAPI).” [Online]. Available:

Copyright information

© Springer-Verlag Berlin Heidelberg 2016

Authors and Affiliations

  1. 1.DALIUniversite de PerpignanPerpignanFrance
  2. 2.LIRMMUniversité de Montpellier and National Center for Scientific Research (CNRS)MontpellierFrance
  3. 3.Centre for Computer and Information Security Research (CCISR)University of WollongongWollongongAustralia
  4. 4.School of Computer Science and Software Engineering (SCSSE)University of WollongongWollongongAustralia

Personalised recommendations