Abstract
We present a new serial-parallel concurrent modular-multiplication algorithm and architecture suitable for standard RSA encryption. In the new scheme, multiplication is performed modulo a multiple of the RSA modulus n that has the diminished-radix form 2^k - v, where k and v are positive integers and v < n. This design is the first concurrent modular multiplier to use a diminished-radix algorithm and to pipeline concurrent modular reduction in order to optimize the clock rate. For a modular multiplier of order ranging from 1 to 10 (the number of multiplier bits processed per clock cycle), a faster clock rate and higher throughput are possible than with other known designs, including those of Brickell, Morita, Sedlak and Golze, and Miyaguchi. Throughput estimates for 512-bit RSA decryption range from 100 kbit/s in serial mode to 650 kbit/s with a modular multiplier of order 10, at a clock rate of 20 MHz on 1.5 μm CMOS.
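The idea behind the diminished-radix scheme is that if m = 2^k - v is a multiple of n, then 2^k ≡ v (mod m), so any partial product x = hi·2^k + lo can be reduced to hi·v + lo with a shift, a short multiplication by v and an addition, and no trial division; only the very last result is brought back from modulo m to modulo n. The following software model is an added example written for this page and is not the authors' design or code: it picks m = c·n of that form by taking v = 2^k mod n, runs an interleaved shift-and-add multiplier that consumes r multiplier bits per step (the "order" of the multiplier) with a reduction after every step, and uses it for RSA exponentiation on a constructed toy key (p = 61, q = 53). The function names, the toy parameters and the choice k = 16 are all assumptions of this example.

```python
# Added example (not the paper's own code): modular multiplication and
# exponentiation reducing modulo m = 2^k - v, a multiple of the RSA modulus n.

def diminished_radix_modulus(n: int, k: int):
    """Return (m, v) with m = 2**k - v a multiple of n and 0 <= v < n.
    Since 2**k == v (mod n) by construction, m = 2**k - v is divisible by n.
    Requires 2**k > n so that m is at least n."""
    assert n > 2 and k > n.bit_length()
    v = pow(2, k, n)
    m = (1 << k) - v
    assert m % n == 0 and 0 <= v < n
    return m, v


def reduce_dr(x: int, k: int, v: int) -> int:
    """Reduce x modulo m = 2**k - v without division.
    Uses x = hi*2**k + lo  ==>  x == hi*v + lo (mod m), repeated until
    x < 2**k, then at most one conditional subtraction of m (v < m)."""
    mask = (1 << k) - 1
    while x >> k:                       # strictly decreasing since v < 2**k
        x = (x >> k) * v + (x & mask)
    m = (1 << k) - v
    if x >= m:
        x -= m
    return x


def mulmod_dr(a: int, b: int, k: int, v: int, r: int = 1) -> int:
    """a*b mod m with m = 2**k - v, consuming r bits of multiplier b per step
    (an order-r multiplier) and reducing the partial product after each step."""
    a = reduce_dr(a, k, v)
    b = reduce_dr(b, k, v)              # b < m < 2**k, so ceil(k/r) digits suffice
    nsteps = -(-k // r)
    digit_mask = (1 << r) - 1
    acc = 0
    for i in range(nsteps - 1, -1, -1):         # most significant digit first
        digit = (b >> (i * r)) & digit_mask
        acc = (acc << r) + a * digit            # acc = acc*2**r + a*digit
        acc = reduce_dr(acc, k, v)              # keep acc below 2**k
    return acc


def powmod_dr(base: int, exp: int, n: int, k: int, r: int = 1) -> int:
    """Left-to-right square-and-multiply modulo m = 2**k - v; the result is
    reduced modulo n only once, at the end."""
    _, v = diminished_radix_modulus(n, k)
    result = 1
    base = reduce_dr(base, k, v)
    for bit in bin(exp)[2:]:
        result = mulmod_dr(result, result, k, v, r)
        if bit == "1":
            result = mulmod_dr(result, base, k, v, r)
    return result % n


def rsa_roundtrip(msg: int, r: int):
    """Constructed toy RSA key: p=61, q=53, n=3233, e=17, d=2753 (e*d == 1 mod 3120).
    Returns (ciphertext, recovered plaintext) using an order-r multiplier."""
    n, e, d, k = 3233, 17, 2753, 16     # k=16: m = 2**16 - (2**16 mod n) = 20*n
    c = powmod_dr(msg, e, n, k, r)
    return c, powmod_dr(c, d, n, k, r)


if __name__ == "__main__":
    for order in (1, 4, 10):
        print(order, rsa_roundtrip(65, order))   # (2790, 65) for every order
```

Reading the model against the abstract: the inner `reduce_dr` is the step the hardware pipelines, and `r` is the multiplier order; raising `r` cuts the number of steps per multiplication roughly by a factor of r at the cost of a wider partial product to reduce per step, which is the trade-off the paper's throughput figures quantify.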
References
E. F. Brickell, A fast modular multiplication algorithm with application to two key cryptography, Proc. CRYPTO '82, Santa Barbara, CA, Plenum, New York, 1983, pp. 51–60.
E. F. Brickell, A survey of hardware implementations of RSA, Advances in Cryptology, CRYPTO '89, Springer-Verlag, Berlin, 1989, pp. 368–370.
W. Diffie and M. E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol. 22, no. 6 (1976), pp. 644–654.
S. R. Dussé and B. S. Kaliski, Jr., A cryptographic library for the Motorola DSP56000, Advances in Cryptology, CRYPTO '90, Springer-Verlag, Berlin, 1991, pp. 230–244.
T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory, vol. 31, no. 4 (1985), pp. 469–472.
P. Galley and E. Depret, A cryptography processor, 1988 IEEE International Solid State Circuits Conference Digest of Technical Papers, 1988, pp. 148–149.
F. Hoornaert, M. Decroos, J. Vandewalle, and R. Govaerts, Fast RSA-hardware: dream or reality?, Advances in Cryptology, EUROCRYPT '88, Davos, Switzerland, Springer-Verlag, Berlin, 1988, pp. 257–264.
K. Hwang, Computer Arithmetic, Wiley, New York, 1979.
S. Kawamura and K. Hirano, A fast modular arithmetic algorithm using a residue table, Advances in Cryptology, EUROCRYPT '88, Davos, Switzerland, Springer-Verlag, Berlin, 1988, pp. 245–250.
D. E. Knuth, The Art of Computer Programming, vol. 2, 2nd edn., Addison-Wesley, Reading, MA, 1981, pp. 268–275.
D. Laurichesse, Optimized implementation of RSA cryptosystem, Computers and Security (UK), vol. 10, no. 3 (1991), pp. 263–267.
D. J. Lehmann, On primality tests, SIAM Journal of Computing, vol. 11, no. 2 (1982), pp. 374–375.
A. K. Lenstra, H. W. Lenstra, Jr., M. S. Manasse, and J. M. Pollard, The number field sieve, Proc. STOC '90, Baltimore, MD, ACM Press, 1990, pp. 564–572.
R. Madhavan and L. E. Peppard, A multiprocessor GaAs RSA cryptosystem, Proc. CCVLSI '89, Vancouver, 1989, pp. 115–122.
G. Meister, On an implementation of the Mohan-Adiga algorithm, Advances in Cryptology, EUROCRYPT '90, Springer-Verlag, Berlin, 1990, pp. 496–500.
S. Miyaguchi, Fast encryption algorithm for the RSA cryptographic system, Proc. COMPCON '82, 1982, pp. 672–678.
S. B. Mohan and B. S. Adiga, Fast algorithms for implementing RSA public key cryptosystem, Electronics Letters, vol. 21, no. 21 (1985), p. 761.
P. L. Montgomery, Modular multiplication without trial division, Mathematics of Computation, vol. 44, no. 170 (1985), pp. 519–521.
H. Morita, A fast modular multiplication algorithm based on a higher radix, Proc. CRYPTO '90, Santa Barbara, CA, Springer-Verlag, Berlin, 1991, pp. 387–399.
D. B. Newman, Jr., J. K. Omura, and R. L. Pickholtz, Public key management for network security, IEEE Network Magazine, vol. 1, no. 2 (1987), pp. 11–16.
M. J. Norris and G. J. Simmons, Algorithms for high-speed modular arithmetic, Congressus Numerantium, vol. 31 (1981), pp. 153–163.
G. A. Orton, M. P. Roy, P. A. Scott, L. E. Peppard, and S. E. Tavares, VLSI implementation of public key encryption algorithms, Proc. CRYPTO '86, Santa Barbara, CA, Springer-Verlag, Berlin, 1987, pp. 277–301.
H. Orup, E. Svendsen, and E. Andreasen, VICTOR, an efficient RSA hardware implementation, Advances in Cryptology, EUROCRYPT '90, Springer-Verlag, Berlin, 1991, pp. 245–252.
J. J. Quisquater and C. Couvreur, Fast decipherment algorithm for RSA public-key cryptosystem, Electronics Letters, vol. 18, no. 18 (1982), pp. 905–907.
M. O. Rabin, Digital signatures and public-key functions as intractable as factorization, MIT/LCS/TR-212, MIT Laboratory for Computer Science, January 1979.
R. L. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol. 21, no. 2 (1978), pp. 120–126.
R. L. Rivest, A description of a single-chip implementation of the RSA cipher, Lambda, 4th quarter (1980), pp. 14–18.
R. L. Rivest, RSA chips (past/present/future), Proc. EUROCRYPT '84, Springer-Verlag, Berlin, 1985, pp. 159–165.
J. E. Robertson, A deterministic procedure for the design of carry-save adders and borrow-save subtractors, Report No. 235, Department of Computer Science, University of Illinois, Urbana, IL, July 1967.
F. A. Rohatsch, A study of transformations applicable to the development of limited carry-borrow propagation adders, Ph.D. thesis, University of Illinois, Urbana, IL, June 1967.
H. Sedlak and U. Golze, An RSA cryptography processor, Microprocessing and Microprogramming, vol. 18 (1986), pp. 583–590.
A. Vandemeulebroecke, E. Vanzieleghem, T. Denayer, and P. G. Jespers, A single chip 1024 bits RSA processor, Advances in Cryptology, EUROCRYPT '89, Houthalen, Belgium, Springer-Verlag, Berlin, 1990, pp. 219–236.
C. S. Wallace, A suggestion for a fast multiplier, IEEE Transactions on Electronic Computers, vol. 13 (1964), pp. 14–17.
M. Walter, VLSI architectures and circuits for RSA encryption, M.Sc. thesis, Queen's University, Kingston, Ontario, 1989.
A. Jung, Implementing the RSA cryptosystem, Computers and Security (UK), vol. 6 (1987), pp. 342–350.
Additional information
Communicated by Selim Akl.
Cite this article
Orton, G., Peppard, L. & Tavares, S. A design of a fast pipelined modular multiplier based on a diminished-radix algorithm. J. Cryptology 6, 183–208 (1993). https://doi.org/10.1007/BF00203816
DOI: https://doi.org/10.1007/BF00203816