Abstract
The performance of public-key cryptosystems like the RSA encryption scheme or the Diffie-Hellman key agreement scheme is primarily determined by an efficient implementation of the modular arithmetic. This paper presents the basic concepts and design considerations of the RSAγ crypto chip, a high-speed hardware accelerator for long integer modular exponentiation. The major design goal with the RSAγ was the maximization of performance on several levels, including the implemented hardware algorithms, the multiplier architecture, and the VLSI circuit technique. RSAγ uses a hardware-optimized variant of Barrett’s modular reduction method to avoid the division in the modular multiplication. From an architectural viewpoint, a high degree of parallelism in the multiplier core is the most significant characteristic of the RSAγ crypto chip. The actual prototype contains a 1056*16 bit partial parallel multiplier which executes a 1024-bit modular multiplication in 227 clock cycles. Due to massive pipelining in the long integer unit, the RSAγ crypto chip reaches a decryption rate of 560 kbit/s for a 1024-bit exponent. The decryption rate increases to 2 Mbit/s if the Chinese Remainder Theorem is exploited.
The work described in this paper was funded by the Austrian Science Foundation (FWF) under grant number P12596F “Hochgeschwindigkeits-Langzahlen-Multiplizierer-Chip”.
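The two ideas the abstract names, division-free modular multiplication via Barrett reduction and the Chinese Remainder Theorem speed-up for decryption, can be seen together in the following added example. It is the textbook software form of Barrett's method, not the chip's hardware-optimized variant and not code from the paper; the class and function names and the toy key (two Mersenne primes) are constructed for illustration.

```python
class Barrett:
    """Reduce x mod n for 0 <= x < 2^(2k), k = bit length of n, without dividing."""

    def __init__(self, n):
        self.n = n
        self.k = n.bit_length()
        # The only division: done once per modulus, mu = floor(2^(2k) / n).
        self.mu = (1 << (2 * self.k)) // n

    def reduce(self, x):
        # q underestimates floor(x / n) by at most 1, so r lies in [0, 2n).
        q = (x * self.mu) >> (2 * self.k)
        r = x - q * self.n
        # Data-dependent correction: constant-time code selects with a mask instead.
        if r >= self.n:
            r -= self.n
        return r

    def powmod(self, base, exp):
        # Left-to-right square-and-multiply; every product is < n^2 < 2^(2k).
        result, base = 1, self.reduce(base)
        for bit in bin(exp)[2:]:
            result = self.reduce(result * result)
            if bit == "1":
                result = self.reduce(result * base)
        return result


def rsa_decrypt_crt(c, p, q, d):
    """RSA decryption with two half-size exponentiations recombined by Garner's formula."""
    dp, dq = d % (p - 1), d % (q - 1)
    q_inv = pow(q, -1, p)               # precomputable, part of a CRT private key
    m1 = Barrett(p).powmod(c % p, dp)   # half-size modulus, half-size exponent
    m2 = Barrett(q).powmod(c % q, dq)
    h = (q_inv * (m1 - m2)) % p
    return m2 + h * q


# Constructed toy key: far too small and too structured for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

if __name__ == "__main__":
    m = 0x1234567890ABCDEF
    c = pow(m, E, N)
    print(Barrett(N).powmod(c, D) == m, rsa_decrypt_crt(c, P, Q, D) == m)
```

Each CRT exponentiation works on operands and an exponent of half the length, which is where the roughly fourfold gain quoted in the abstract (560 kbit/s to 2 Mbit/s) comes from.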
© 2000 Springer-Verlag Berlin Heidelberg
Cite this paper
Großschädl, J. (2000). High-Speed RSA Hardware Based on Barret’s Modular Reduction Method. In: Koç, Ç.K., Paar, C. (eds) Cryptographic Hardware and Embedded Systems — CHES 2000. CHES 2000. Lecture Notes in Computer Science, vol 1965. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44499-8_14
DOI: https://doi.org/10.1007/3-540-44499-8_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41455-1
Online ISBN: 978-3-540-44499-2
eBook Packages: Springer Book Archive