Abstract
Montgomery's algorithm [8], hereafter denoted $M_n(\ldots,\ldots)$, is a process for computing $M_n(A, B) = ABN \bmod n$, where $N$ is a constant factor depending only on $n$.
Usually, $AB \bmod n$ is obtained by $M_n(M_n(A, B), N^{-2} \bmod n)$, but in this article we introduce an alternative approach that consists of pre-integrating $N$ into cryptographic keys so that a single $M_n(\ldots,\ldots)$ directly replaces each modular multiplication.
Besides the advantage of halving the number of Montgomery multiplications, our strategy skips the precalculation (and the storage) of the constant $N^{-2} \bmod n$ and turns out to be particularly efficient when a hardware device implementing $M_n(\ldots,\ldots)$ is the basic computational tool at one's command.
References
1. Arazi, B. 1992. Modular multiplication is equivalent in complexity to a standard multiplication. Fortress U & T Internal Report (1992), available from Fortress U & T Information Safeguards, P.O. Box 1350, Beer-Sheva, IL-84110, Israel.
2. Benaloh, J., and de Mare, M. One-way accumulators: A decentralised alternative to digital signatures. Advances in Cryptology: Proceedings of Eurocrypt'93, Lecture Notes in Computer Science. Springer-Verlag, to appear.
3. Diffie, W., and Hellman, M. 1976. New directions in cryptography. IEEE TIT 22:644–654.
4. Dusse, S., and Kaliski, B. 1990. A cryptographic library for the Motorola DSP56000. In Advances in Cryptology, Eurocrypt'90, pp. 230–244. Springer-Verlag, New York.
5. El-Gamal, T. 1985. A public-key cryptosystem and a signature scheme based on the discrete logarithm. IEEE TIT 31(4):469–472.
6. Even, S. 1991. Systolic modular multiplication. In Advances in Cryptology, Crypto'90, pp. 619–624. Springer-Verlag, New York.
7. Fiat, A., and Shamir, A. 1987. How to prove yourself: Practical solutions of identification and signature problems. In Advances in Cryptology: Proceedings of Crypto'86, Lecture Notes in Computer Science 263:186–194. Springer-Verlag, Berlin.
8. Montgomery, P. 1985. Modular multiplication without trial division. Mathematics of Computation 44(170):519–521.
9. Naccache, D. 1993. Can OSS be repaired? Advances in Cryptology: Proceedings of Eurocrypt'93, Lecture Notes in Computer Science. Springer-Verlag, to appear.
10. National Institute of Standards and Technology. Publication XX: Announcement and specifications for a digital signature standard (DSS). Federal Register, August 19, 1992.
11. Quisquater, J. J., and Guillou, L. 1988. A practical zero-knowledge protocol fitted to security microprocessor minimising both transmission and memory. In Advances in Cryptology: Proceedings of Eurocrypt'88, Lecture Notes in Computer Science, edited by C. Günther, 330:123–128. Springer-Verlag, Berlin.
12. Rivest, R., Shamir, A., and Adleman, L. 1978. A method for obtaining digital signatures and public-key cryptosystems. CACM 21:120–126.
13. Schnorr, C. 1990. Efficient identification and signatures for smart-cards. In Advances in Cryptology: Proceedings of Eurocrypt'89, Lecture Notes in Computer Science, edited by G. Brassard, 435:239–252. Springer-Verlag, Berlin.
14. Shand, M., and Vuillemin, J. 1993. Fast implementations of RSA cryptography. 11th IEEE Symposium on Computer Arithmetic, to appear.
Communicated by: S. Vanstone
Cite this article
Naccache, D., M'raïhi, D. & Raphaeli, D. Can Montgomery parasites be avoided? A design methodology based on key and cryptosystem modifications. Des Codes Crypt 5, 73–80 (1995). https://doi.org/10.1007/BF01388505
DOI: https://doi.org/10.1007/BF01388505