An Optimized Hardware Architecture for the Montgomery Multiplication Algorithm

Miaoqing Huang (1), Kris Gaj (2), Soonhak Kwon (3), Tarek El-Ghazawi (1)
(1) The George Washington University, Washington, D.C., U.S.A.
(2) George Mason University, Fairfax, VA, U.S.A.
(3) Sungkyunkwan University, Suwon, Korea

Outline
• Motivation
• Classical Hardware Architecture for Montgomery Multiplication by Tenca and Koc from CHES 1999
• Our Optimized Hardware Architecture
• Conceptual Comparison
• Implementation Results
• Possible Extensions
• Conclusions

Motivation
• Fast modular multiplication required in multiple cryptographic transformations
  • RSA, DSA, Diffie-Hellman
  • Elliptic Curve Cryptosystems
  • ECM, p-1, Pollard's rho methods of factoring, etc.
• Montgomery Multiplication invented by Peter L. Montgomery in 1985 is most frequently used to implement repetitive sequence of modular multiplications in both software and hardware
• Montgomery Multiplication in hardware replaces division by a sequence of simple logic operations, conditional additions and right shifts

Montgomery Modular Multiplication (1)

X, Y, M: n-bit numbers

Integer domain:
$Z = X \cdot Y \bmod M$

Montgomery domain:
$X' = X \cdot 2^{n} \bmod M$
$Y' = Y \cdot 2^{n} \bmod M$
$Z' = MP(X', Y', M) = X' \cdot Y' \cdot 2^{-n} \bmod M = (X \cdot 2^{n}) \cdot (Y \cdot 2^{n}) \cdot 2^{-n} \bmod M = X \cdot Y \cdot 2^{n} \bmod M$
$Z' = Z \cdot 2^{n} \bmod M$

Montgomery Modular Multiplication (2)

X → X':
$X' = MP(X, 2^{2n} \bmod M, M) = X \cdot 2^{2n} \cdot 2^{-n} \bmod M = X \cdot 2^{n} \bmod M$

Z' → Z:
$Z = MP(Z', 1, M) = (Z \cdot 2^{n}) \cdot 1 \cdot 2^{-n} \bmod M = Z \bmod M = Z$

Montgomery Product
Basic version of the Radix-2 Montgomery Multiplication Algorithm

$S[0] = 0$

for $i = 0$ to $n-1$:

$$S[i+1] = \begin{cases} \dfrac{S[i] + x_i \cdot Y}{2} & \text{if } q_i = (S[i] + x_i \cdot Y) \bmod 2 = 0 \\[2ex] \dfrac{S[i] + x_i \cdot Y + M}{2} & \text{if } q_i = (S[i] + x_i \cdot Y) \bmod 2 = 1 \end{cases}$$

$Z = S[n]$

M assumed to be odd

Classical Design by Tenca & Koc, CHES 1999
Multiple Word Radix-2 Montgomery Multiplication algorithm (MWR2MM)

Main ideas:
Use of short precision words (w-bit each):...
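The basic radix-2 recurrence and the domain conversions from the slides above, written out as an added Python example (not code from the presentation). The function names, the final conditional subtraction that brings S[n] below M, and the `mod_exp` routine (which goes beyond the slides to show the "repetitive sequence of modular multiplications" use case) are additions made here.

```python
def mont_product(x, y, m, n):
    """MP(x, y, m) = x * y * 2^(-n) mod m for odd m, with x < 2^n and y < m."""
    if m % 2 == 0:
        raise ValueError("M must be odd")
    s = 0                               # S[0] = 0
    for i in range(n):                  # i = 0 .. n-1
        x_i = (x >> i) & 1              # i-th bit of X
        t = s + x_i * y                 # S[i] + x_i * Y
        q_i = t & 1                     # q_i = (S[i] + x_i * Y) mod 2
        s = (t + q_i * m) >> 1          # adding M when q_i = 1 makes the halving exact
    # S[n] is only bounded by Y + M, so one conditional subtraction is
    # added here (not shown on the slide) to return a value in [0, M).
    return s - m if s >= m else s


def to_mont(x, m, n):
    """X' = MP(X, 2^(2n) mod M, M) = X * 2^n mod M."""
    return mont_product(x, pow(2, 2 * n, m), m, n)


def from_mont(z_prime, m, n):
    """Z = MP(Z', 1, M) = Z' * 2^(-n) mod M."""
    return mont_product(z_prime, 1, m, n)


def mod_mul(x, y, m):
    """Z = X * Y mod M computed through the Montgomery domain."""
    n = m.bit_length()
    z_prime = mont_product(to_mont(x % m, m, n), to_mont(y % m, m, n), m, n)
    return from_mont(z_prime, m, n)


def mod_exp(base, exp, m):
    """Left-to-right square-and-multiply; operands are converted only once."""
    n = m.bit_length()
    b = to_mont(base % m, m, n)
    acc = to_mont(1, m, n)              # 1 in the Montgomery domain
    for bit in bin(exp)[2:]:
        acc = mont_product(acc, acc, m, n)
        if bit == "1":
            acc = mont_product(acc, b, m, n)
    return from_mont(acc, m, n)


if __name__ == "__main__":
    m = (1 << 127) - 1                  # constructed odd modulus for the demo
    print(mod_mul(123456789, 987654321, m), mod_exp(3, 65537, m))
```
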
 Spring '08
 Gaj
 Montgomery Multiplication, Montgomery reduction, montgomery multiplication algorithm, Tenca & Koc
