Journal of Cryptographic Engineering

, Volume 8, Issue 3, pp 211–226 | Cite as

Spectral arithmetic in Montgomery modular multiplication

  • Wangchen Dai
  • Ray C. C. Cheung
Special Issue on Montgomery Arithmetic


Modular multiplication is considered to be the most computation-intensive operation for cryptographic algorithms involving large operands, such as RSA and Diffie–Hellman. Their key sizes have been increased significantly in recent decades to provide sufficient cryptographic strength. Thus, large integer modular multiplication algorithm with high efficiency is in demand. Montgomery modular multiplication (MMM) integrated by the spectral arithmetic can be a suitable solution. This is because MMM eliminates the time-consuming trail division, while the spectral arithmetic can speed up the integer multiplications from quadratic time to linearithmic time. This survey paper introduces the development of spectral-based MMM, as well as its two important properties: high parallelism and low complexity. Besides, different algorithms are explored to demonstrate how each of them benefits the modular multiplication. Moreover, we also compare these algorithms in terms of digit-level complexity and provide general ideas about algorithm selection when implementing modular multiplication with 1024-bit operand size and above.


Montgomery modular multiplication Fast Fourier transform (FFT) Number-theoretic transform (NTT) Number-theoretic weighted transform (NWT) 



This work was supported by the Research Grant Council of the Hong Kong Special Administrative Region, China (Projects No. CityU 111913, CityU 123612) and Croucher Startup Allowance, 9500015.


  1. 1.
    Chen, D.D., Yao, G.X., Cheung, R.C.C., Pao, D., Koç, Ç.K.: Parameter space for the architecture of FFT-based Montgomery modular multiplication. IEEE Trans. Comput. 65(1), 147–160 (2016)MathSciNetCrossRefGoogle Scholar
  2. 2.
    Pöppelmann, T., Güneysu, T.: Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware. In: International Conference on Cryptology and Information Security in Latin America. Springer, pp. 139–158 (2012)Google Scholar
  3. 3.
    Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp. 1–23 (2010)Google Scholar
  4. 4.
    Güneysu, T., Lyubashevsky, V., Pöppelmann, T.: Practical lattice-based cryptography: a signature scheme for embedded systems. In: International Workshop on Cryptographic Hardware and Embedded Systems. Springer, pp. 530–547 (2012)Google Scholar
  5. 5.
    Cao, X., Moore, C., ONeill, M., Hanley, N., OSullivan, E.: High-speed fully homomorphic encryption over the integers. In: International Conference on Financial Cryptography and Data Security. Springer, pp. 169–180 (2014)Google Scholar
  6. 6.
    Van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp. 24–43 (2010)Google Scholar
  7. 7.
    Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44(170), 519–521 (1985)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Barrett, P.: Implementing the Rivest Shamir and Adleman public key encryption algorithm on a standard digital signal processor. In: Conference on the Theory and Application of Cryptographic Techniques. Springer, pp. 311–323 (1986)Google Scholar
  9. 9.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Rivest, R.L.: A description of a single-chip implementation of the RSA Cipher. Lambda, vol. 1, no. Fourth Quarter, pp. 14–18 (1980)Google Scholar
  11. 11.
    Barker, E., Barker, W., Burr, W., Polk, W., Smid, M., Gallagher, P.D., et al.: NIST special publication 800-57 recommendation for key management—part 1: general (2012)Google Scholar
  12. 12.
    Knuth, D.E.: Fundamental algorithms: the art of computer programming (1973)Google Scholar
  13. 13.
    Karatsuba, A., Ofman, Y.: Multiplication of multidigit numbers on automata. In: Soviet Physics Doklady, vol. 7, p. 595 (1963)Google Scholar
  14. 14.
    Cook, S.A., Aanderaa, S.O.: On the minimum computation time of functions. Transactions of the American Mathematical Society, pp. 291–314 (1969)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Schönhage, A., Strassen, V.: Schnelle multiplikation großer zahlen. Computing 7(3–4), 281–292 (1971)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Fürer, M.: Faster integer multiplication. SIAM J. Comput. 39(3), 979–1005 (2009)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Harvey, D., Van Der Hoeven, J., Lecerf, G.: Even faster integer multiplication. J. Complex. 36(10), 1–30 (2016)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Covanov, S., Thomé, E.: Fast arithmetic for faster integer multiplication (2015). ArXiv preprint arXiv:1502.02800
  19. 19.
    Walter, C.D.: Montgomery exponentiation needs no final subtractions. Electron. Lett. 35(21), 1831–1832 (1999)CrossRefGoogle Scholar
  20. 20.
    McLaughlin Jr., P.: New frameworks for Montgomery modular multiplication method. Math. Comput. 73(246), 899–906 (2004)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Phatak, D.S., Goff, T.: Fast modular reduction for large wordlengths via one linear and one cyclic convolution. In: Computer Arithmetic, 2005. ARITH-17 2005. 17th IEEE Symposium on. IEEE, pp. 179–186 (2005)Google Scholar
  22. 22.
    Saldamlı, G., Koç, Ç.K.: Spectral modular exponentiation. In: Computer Arithmetic, 2007. ARITH’07. 18th IEEE Symposium on. IEEE, pp. 123–132 (2007)Google Scholar
  23. 23.
    David, J.P., Kalach, K., Tittley, N.: Hardware complexity of modular multiplication and exponentiation. IEEE Trans. Comput. 56(10), 1308–1319 (2007)MathSciNetCrossRefGoogle Scholar
  24. 24.
    Dai, W., Chen, D., Cheung, R.C.C., Koç, Ç.K.: Area-time efficient architecture of FFT-based Montgomery multiplication. IEEE Trans. Comput. 66(3), 375–388 (2017)MathSciNetCrossRefGoogle Scholar
  25. 25.
    Nussbaumer, H.J.: Fast Fourier transform and convolution algorithms. Springer, Berlin (1982)CrossRefGoogle Scholar
  26. 26.
    Pollard, J.M.: The fast Fourier transform in a finite field. Math. Comput. 25(114), 365–374 (1971)MathSciNetCrossRefGoogle Scholar
  27. 27.
    Cooley, J.W., Tukey, J.W.: An algorithm for the machine calculation of complex Fourier series. Math. Comput. 19(90), 297–301 (1965)MathSciNetCrossRefGoogle Scholar
  28. 28.
    Crandall, R., Fagin, B.: Discrete weighted transforms and large-integer arithmetic. Math. Comput. 62(205), 305–324 (1994)MathSciNetCrossRefGoogle Scholar
  29. 29.
    Bernstein, D.J.: Multidigit multiplication for mathematicians. Adv. Appl. Math. 1–19 (2001)Google Scholar
  30. 30.
    Granlund, T.: The GMP development team: the GNU multiple precision arithmetic library 6.1.0 edn. (2015)Google Scholar
  31. 31.
    Saldamlı, G.: Spectral Modular Arithmetic. PhD Thesis (2005)Google Scholar
  32. 32.
    Koç, Ç.K., Acar, T., Kaliski, B.S.: Analyzing and comparing Montgomery multiplication algorithms. IEEE Micro 16(3), 26–33 (1996)CrossRefGoogle Scholar
  33. 33.
    Smart, N., Babbage, S., Catalano, D., Cid, C., Weger, B.D., Dunkelman, O., Ward, M.: ECRYPT II yearly report on algorithms and keysizes (2011–2012). European Network of Excellence in Cryptology (ECRYPT II), Sept (2012)Google Scholar
  34. 34.
    Zimmermann, R.: Efficient VLSI implementation of modulo (\(2^n\pm 1\)) addition and multiplication. In: Computer Arithmetic, 1999. Proceedings. 14th IEEE Symposium on. IEEE, pp. 158–167 (1999)Google Scholar
  35. 35.
    Huang, M., Gaj, K., El-Ghazawi, T.: New hardware architectures for Montgomery modular multiplication algorithm. IEEE Trans. Comput. 60(7), 923–936 (2011)MathSciNetCrossRefGoogle Scholar
  36. 36.
    Giorgi, P., Imbert, L., Izard, T.: Parallel modular multiplication on multi-core processors. In: Computer Arithmetic (ARITH), 2013 21st IEEE Symposium on. IEEE, pp. 135–142 (2013)Google Scholar
  37. 37.
    Vetterli, M., Nussbaumer, H.J., et al.: Simple FFT and DCT algorithms with reduced number of operations. Signal Process. 6(4), 267–278 (1984)MathSciNetCrossRefGoogle Scholar
  38. 38.
    Martens, J.B.: Recursive cyclotomic factorization new algorithm for calculating the discrete fourier transform. IEEE Trans. Acoust Speech Signal Process. 32(4), 750–761 (1984)MathSciNetCrossRefGoogle Scholar
  39. 39.
    Duhamel, P., Hollmann, H.: Split-radix FFT algorithm. Electron. Lett. 20(1), 14–16 (1984)CrossRefGoogle Scholar
  40. 40.
    Solinas, J.A.: Generalized Mersenne Numbers. Citeseer, Bielefeld (1999)Google Scholar
  41. 41.
    Emmart, N., Weems, C.C.: High precision integer multiplication with a gpu using strassen’s algorithm with multiple FFT sizes. Parallel Process. Lett. 21(03), 359–375 (2011)MathSciNetCrossRefGoogle Scholar
  42. 42.
    Wang, W., Huang, X.: A novel fast modular multiplier architecture for 8192-bit RSA cryposystem. In: High Performance Extreme Computing Conference (HPEC), 2013 IEEE. IEEE, pp. 1–5 (2013)Google Scholar
  43. 43.
    Kumar, V., Selvakumar, D., Sobha, P.: Area and frequency optimized 1024 point radix-2 FFT processor on FPGA. In: VLSI Systems, Architecture, Technology and Applications (VLSI-SATA), 2015 International Conference on. IEEE, pp. 1–6 (2015)Google Scholar
  44. 44.
    Doröz, Y., Öztürk, E., Sunar, B.: Accelerating fully homomorphic encryption in hardware. IEEE Trans. Comput. 64(6), 1509–1521 (2015)MathSciNetzbMATHGoogle Scholar
  45. 45.
    Pöppelmann, T., Naehrig, M., Putnam, A., Macias, A.: Accelerating homomorphic evaluation on reconfigurable hardware. In: International Workshop on Cryptographic Hardware and Embedded Systems. Springer, pp. 143–163 (2015)Google Scholar
  46. 46.
    Cao, X., Moore, C., Neill, M.O., Sullivan, E.O., Hanley, N.: Optimised multiplication architectures for accelerating fully homomorphic encryptionGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  1. 1.Department of Electronic EngineeringCity University of Hong KongKowloon TongHong Kong

Personalised recommendations