International Workshop on Cryptographic Hardware and Embedded Systems

CHES 2015: Cryptographic Hardware and Embedded Systems -- CHES 2015 pp 123-140 | Cite as

Single Base Modular Multiplication for Efficient Hardware RNS Implementations of ECC

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9293)

Abstract

The paper describes a new RNS modular multiplication algorithm for efficient implementations of ECC over \(\mathbb {F}_P\). Thanks to the proposition of RNS-friendly Mersenne-like primes, the proposed RNS algorithm requires 2 times less moduli than the state-of-art ones, leading to 4 times less precomputations and about 2 times less operations. FPGA implementations of our algorithm are presented, with area reduced up to 46 %, for a time overhead less than 10 %.

Keywords

Residue number system Modular multiplication algorithm Base extension ECC Hardware implementation FPGA 

Notes

Acknowledgment

We thank the anonymous reviewers for their valuable comments. This work has been supported in part by the PAVOIS project (ANR 12 BS02 002 01).

References

  1. 1.
    Bajard, J.-C., Didier, L.-S., Kornerup, P.: An RNS montgomery modular multiplication algorithm. IEEE Trans. Comput. 47(7), 766–776 (1998)MathSciNetCrossRefGoogle Scholar
  2. 2.
    Bajard, J.-C., Didier, L.-S., Kornerup, P.: Modular multiplication and base extensions in residue number systems. In: Proceedings 15th Symposium on Computer Arithmetic (ARITH), pp. 59–65, IEEE, April 2001Google Scholar
  3. 3.
    Bajard, J.-C., Duquesne, S., Ercegovac, M.D.: Combining leak-resistant arithmetic for elliptic curves defined over Fp and RNS representation. Technical report 311, IACR Cryptology ePrint Archive, May 2010Google Scholar
  4. 4.
    Bajard, J.-C., Eynard, J., Gandino, F.: Fault detection in RNS montgomery modular multiplication. In: Proceedings 21th Symposium on Computer Arithmetic (ARITH), pp. 119–126, IEEE, April 2013Google Scholar
  5. 5.
    Bajard, J.-C., Eynard, J., Merkiche, N., Plantard, T.: Babaï round-off CVP method in RNS: application to lattice based cryptographic protocols. In: Proceedings 14th International Symposium on Integrated Circuits (ISIC), pp. 440–443, IEEE, December 2014Google Scholar
  6. 6.
    Bajard, J.-C., Imbert, L., Liardet, P.-Y., Teglia, Y.: Leak resistant arithmetic. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 62–75. Springer, Heidelberg (2004) CrossRefGoogle Scholar
  7. 7.
    Bajard, J.-C., Kaihara, M., Plantard, T.: Selected RNS bases for modular multiplication. In: Proceedings 19th Symposium on Computer Arithmetic (ARITH), pp. 25–32, IEEE, June 2009Google Scholar
  8. 8.
    Bajard, J.-C., Merkiche, N.: Double level montgomery cox-rower architecture, new bounds. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 139–153. Springer, Heidelberg (2015) Google Scholar
  9. 9.
    Bigou, K., Tisserand, A.: RNS modular multiplication through reduced base extensions. In: Proceedings 25th IEEE International Conference on Application-specific Systems, Architectures and Processors (ASAP), pp. 57–62, IEEE, June 2014Google Scholar
  10. 10.
    Cheung, R.C.C., Duquesne, S., Fan, J., Guillermin, N., Verbauwhede, I., Yao, G.X.: FPGA implementation of pairings using residue number system and lazy reduction. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 421–441. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  11. 11.
    Esmaeildoust, M., Schinianakis, D., Javashi, H., Stouraitis, T., Navi, K.: Efficient RNS implementation of elliptic curve point multiplication over GF(\(p\)). IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 21(8), 1545–1549 (2013)MATHCrossRefGoogle Scholar
  12. 12.
    Gandino, F., Lamberti, F., Paravati, G., Bajard, J.-C., Montuschi, P.: An algorithmic and architectural study on Montgomery exponentiation in RNS. IEEE Trans. Comput. 61(8), 1071–1083 (2012)MATHMathSciNetCrossRefGoogle Scholar
  13. 13.
    Garner, H.L.: The residue number system. IRE Trans. Electron. Comput. EC–8(2), 140–147 (1959)CrossRefGoogle Scholar
  14. 14.
    Guillermin, N.: A high speed coprocessor for elliptic curve scalar multiplications over \(\mathbb{F}_p\). In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 48–64. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  15. 15.
    Guillermin, N.: A coprocessor for secure and high speed modular arithmetic. Technical report 354, Cryptology ePrint Archive (2011)Google Scholar
  16. 16.
    Joye, M., Yen, S.-M.: The Montgomery powering ladder. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2002)Google Scholar
  17. 17.
    Karatsuba, A., Ofman, Y.: Multiplication of multi-digit numbers on automata. Doklady Akad. Nauk SSSR, 145(2), 293–294 (1962). Translation in Soviet. Physics-Doklady 44(7), 595–596 (1963)Google Scholar
  18. 18.
    Kawamura, S., Koike, M., Sano, F., Shimbo, A.: Cox-Rower architecture for fast parallel Montgomery multiplication. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 523–538. Springer, Heidelberg (2000) CrossRefGoogle Scholar
  19. 19.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, New York (2007)Google Scholar
  20. 20.
    Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44(170), 519–521 (1985)CrossRefGoogle Scholar
  21. 21.
    Nozaki, H., Motoyama, M., Shimbo, A., Kawamura, S.: Implementation of RSA algorithm based on RNS Montgomery multiplication. In: Koç, K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 364–376. Springer, Heidelberg (2001) CrossRefGoogle Scholar
  22. 22.
    National Institute of Standards and Technology (NIST). FIPS 186–2, digital signature standard (DSS) (2000)Google Scholar
  23. 23.
    Perin, G., Imbert, L., Torres, L., Maurine, P.: Electromagnetic analysis on RSA algorithm based on RNS. In: Proceedings 16th Euromicro Conference on Digital System Design (DSD), pp. 345–352, IEEE, Sept 2013Google Scholar
  24. 24.
    Phillips, B.J., Kong, Y., Lim, Z.: Highly parallel modular multiplication in the residue number system using sum of residues reduction. Appl. Algebra Eng. Commun. Comput. 21(3), 249–255 (2010)MathSciNetCrossRefGoogle Scholar
  25. 25.
    Posch, K.C., Posch, R.: Base extension using a convolution sum in residue number systems. Computing 50(2), 93–104 (1993)MathSciNetCrossRefGoogle Scholar
  26. 26.
    Posch, K.C., Posch, R.: Modulo reduction in residue number systems. IEEE Trans. Parallel Distrib. Syst. 6(5), 449–454 (1995)MathSciNetCrossRefGoogle Scholar
  27. 27.
    Schinianakis, D., Stouraitis, T.: An RNS Barrett modular multiplication architecture. In: Proceedings IEEE International Symposium on Circuits and Systems (ISCAS), pp. 2229–2232, June 2014Google Scholar
  28. 28.
    Shenoy, A.P., Kumaresan, R.: Fast base extension using a redundant modulus in RNS. IEEE Trans. Comput. 38(2), 292–297 (1989)CrossRefGoogle Scholar
  29. 29.
    Svoboda, A., Valach, M.: Operátorové obvody (operator circuits in czech). Stroje na Zpracování Informací (Information Processing Machines) 3, 247–296 (1955)MathSciNetGoogle Scholar
  30. 30.
    Szabo, N.S., Tanaka, R.I.: Residue Arithmetic and its Applications to Computer Technology. McGraw-Hill, New York (1967)Google Scholar
  31. 31.
    Szerwinski, R., Güneysu, T.: Exploiting the power of GPUs for asymmetric cryptography. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 79–99. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  32. 32.
    Yao, G.X., Fan, J., Cheung, R.C.C., Verbauwhede, I.: Faster pairing coprocessor architecture. In: Abdalla, M., Lange, T. (eds.) Pairing 2012. LNCS, vol. 7708, pp. 160–176. Springer, Heidelberg (2013) CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2015

Authors and Affiliations

  1. 1.CNRSIRISA, INRIA Centre Rennes - Bretagne Atlantique and University Rennes 1Lannion CedexFrance

Personalised recommendations