The optimal split method of large integer multiplication for smart low-end devices on P2P ubiquitous networks

Abstract

This paper proposes an optimal method for large integer multiplication when implementing modern cryptographic applications on Peer-to-Peer ubiquitous networks. P2P ubiquitous networks are usually composed of smart low-end devices, which operate on the limited battery power. To maximize the lifetime of P2P networks, the power consumption rate of each node must be quite careful, and an efficient and energy-saving large integer multiplication makes the cryptographic protocols possible to be executed on such nodes. The proposed method first recursively bisections multiplier and multiplicand in threshold times. Subsequently, classical multiplication calculates the products of the split multiplier and multiplicand blocks. Finally, the products of the blocks are gradually integrated to obtain the product of the large integers. This study demonstrates that the n-times recursive-balanced-2-way split method, where n is the floor of log₂(0.13515 × s), obtains the optimal performance in multiplying two s-words based on classical multiplication. The experiment results show that modular exponentiation combined with other modular multiplication methods uses 1.28×–2.10× the computational cost required in the proposed method. The energy consumption of software is closely related to the execution time. The proposed scheme is an energy-saving method to maximize the lifetime of P2P ubiquitous networks when implementing security protocols in smart low-end devices on P2P networks. It is suitable for realizing robust security protocol on smart low-end devices, in which the framework is based on modular exponentiation and modular multiplication. Smart low-end devices based on the proposed method perform security protocols in satisfying the security recommendations of NIST.

Appendices

Appendix 1. Proof of Theorem 1

From Fig. 1, balanced-t-way split can be shown as following:

$$ \begin{array}{*{20}c} {P=A\times B} \\ {=\left( {\sum\limits_{i=0}^{t-1 } {{A_i}{w^{{i\times \frac{s}{t}}}}} } \right)\times \left( {\sum\limits_{j=0}^{t-1 } {{B_j}{w^{{j\times \frac{s}{t}}}}} } \right)} \\ {={A_{t-1 }}{B_{t-1 }}{w^{{\left( {2t-2} \right)\left( {s/t} \right)}}}+\left( {{A_{t-1 }}{B_{t-2 }}+{A_{t-2 }}{B_{t-1 }}} \right){w^{{\left( {2t-3} \right)\left( {s/t} \right)}}}+\cdots +\left( {{A_{t-1 }}{B_1}+{A_{t-2 }}{B_2}+\cdots +{A_1}{B_{t-1 }}} \right.{w^{{(t)\left( {s/t} \right)}}}+\left( {{A_{t-1 }}{B_0}+{A_{t-2 }}{B_1}+\cdots +{A_0}{B_{t-1 }}} \right){w^{{\left( {t-1} \right)\left( {s/t} \right)}}}+\left( {{A_{t-2 }}{B_0}+{A_{t-3 }}{B_1}+\cdots +{A_0}{B_{t-2 }}} \right){w^{{\left( {t-2} \right)\left( {s/t} \right)}}}+\cdots +{A_0}{B_0}{w^0}} \\ \end{array} $$

(4)

According to Eq. (1), every cross term in Eq. (4) can be shown as below:

$$ \begin{array}{*{20}c} {{a_i}{b_j}+{a_j}{b_i},\;\,\mathrm{where}\ i\ne j} \hfill \\ {=\left( {{a_i}+{a_j}} \right)\left( {{b_i}+{b_j}} \right)-{a_i}{b_i}-{a_j}{b_j}} \hfill \\ \end{array} $$

Therefore, the number of base instruction is estimated according to Tables 1 and 2.

1. (a)

   the number of base instructions for the classical multiplication:

   • the number of classical multiplications

     $$ \begin{array}{*{20}c} {=t\times Mul{t_{CM }}\left( {s/t} \right)+C_2^t\times Mul{t_{CM }}\left( {s/t} \right)} \\ {=\frac{{{t^2}+t}}{2}\times Mul{t_{CM }}\left( {s/t} \right)} \\ \end{array} $$

   • ⇒the number of base instructions

     $$ \begin{array}{*{20}c} {=\frac{{{t^2}+t}}{2}\times Mul{t_{CM }}\left( {s/t} \right)\left| {_{{Mul{t_{CM }}(s)=8{s^2}+2s}}} \right.} \\ {=\frac{{{t^2}+t}}{2}\left( {8\frac{{{s^2}}}{{{t^2}}}+2\frac{s}{t}} \right)} \\ {=\frac{4t+4 }{t}{s^2}+\left( {t+1} \right)s} \\ \end{array} $$
2. (b)

   the number of base instructions for the large integer additions/subtractions:

   • the number of additions/subtractions

     $$ =\frac{{t\left( {t-1} \right)}}{2}\times AddSub\left( {2\times \frac{s}{t}} \right)+2\times C_2^t\times AddSub\left( {2\times \frac{s}{t}} \right)+2\times C_2^t\times AddSub\left( {\frac{s}{t}} \right) $$

   • ⇒ the number of base instructions

     $$ \begin{array}{*{20}c} {=\frac{{t\left( {t-1} \right)}}{2}\times AddSub\left( {2\times \frac{s}{t}} \right)+2\times C_2^t\times AddSub\left( {2\times \frac{s}{t}} \right)+2\times C_2^t\times AddSub\left( {\frac{s}{t}} \right)\left| {_{AddSub(s)=5s }} \right.} \\ {=3\frac{{{t^2}-t}}{2}\left( {2\times 4\times \frac{s}{t}} \right)+2\frac{{{t^2}-t}}{2}\left( {5\times \frac{s}{t}} \right)} \\ {=20\left( {t-1} \right)s} \\ \end{array} $$

By (a) and (b), the number of base instructions for balanced-t-way split is \( \frac{4t+4 }{t}{s^2}+\left( {t+1} \right)s+20\left( {t-1} \right)s=\frac{4t+4 }{t}{s^2}+\left( {21t-19} \right)s \)

Appendix 2. Proof of Theorem 2

From Fig. 2, this work estimates the number of base instructions for unbalanced-t-way split. For convenience, we define every block length as following:

$$ {s_1}=\left( {s/t} \right)-{d_1},{s_2}=\left( {s/t} \right)-{d_2},\ldots,{s_{t-1 }}=\left( {s/t} \right)-{d_{t-1 }},{s_t}=\left( {s/t} \right)+{d_1}+{d_2}+\ldots +{d_{t-1 }}. $$

1. (a)

   the number of base instructions for the classical multiplication:

   • the number of classical multiplications

     $$ \begin{array}{*{20}c} {\left[ {Mul{t_{CM }}\left( {{s_1}} \right)+Mul{t_{CM }}\left( {{s_2}} \right)+\cdots +Mul{t_{CM }}\left( {{s_t}} \right)} \right]+\left[ {Mul{t_{CM }}\left( {{s_2}} \right)+\cdots +Mul{t_{CM }}\left( {{s_t}} \right)} \right]+\left[ {Mul{t_{CM }}\left( {{s_3}} \right)+\cdots +Mul{t_{CM }}\left( {{s_t}} \right)} \right]+\cdots +\left[ {Mul{t_{CM }}\left( {{s_{t-1 }}} \right)+Mul{t_{CM }}\left( {{s_t}} \right)} \right]+\left[ {Mul{t_{CM }}\left( {{s_t}} \right)} \right]} \hfill \\ {=Mul{t_{CM }}\left( {{s_1}} \right)+2\times Mul{t_{CM }}\left( {{s_2}} \right)+\cdots +\left( {t-1} \right)\times Mul{t_{CM }}\left( {{s_{t-1 }}} \right)+t\times Mul{t_{CM }}\left( {{s_t}} \right)} \hfill \\ \end{array} $$

   • ⇒the number of base instructions

     $$ \begin{array}{*{20}c} {=Mul{t_{CM }}\left( {{s_1}} \right)+2\times Mul{t_{CM }}\left( {{s_2}} \right)+\cdots +\left( {t-1} \right)\times Mul{t_{CM }}\left( {{s_{t-1 }}} \right)+t\times Mul{t_{CM }}\left( {{s_t}} \right)\left| {_{{Mul{t_{CM }}(s)=8{s^2}+2s}}} \right.} \\ {=\frac{4t+4 }{t}{s^2}+\left\{ {\left( {t+1} \right)+\frac{16 }{t}\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]} \right\}s+\left\{ {2\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]+8\left[ {d_1^2+2d_2^2+\cdots +t{{{\left( {{d_1}+{d_2}+\cdots +{d_{t-1 }}} \right)}}^2}} \right]} \right\}} \\ \end{array} $$

     (5)
2. (b)

   the number of base instructions for the large integer additions/subtractions:

   • the number of additions/subtractions

     $$ \begin{array}{*{20}c} {=3\left[ {AddSub\left( {2{s_2}} \right)+2AddSub\left( {2{s_3}} \right)+\cdots +\left( {t-1} \right)AddSub\left( {2{s_t}} \right)} \right]+2\left[ {AddSub\left( {{s_2}} \right)+2AddSub\left( {{s_3}} \right)+\cdots +\left( {t-1} \right)AddSub\left( {{s_t}} \right)} \right]} \\ {=3\left[ {AddSub\left( {2{s_2}} \right)+2AddSub\left( {2{s_3}} \right)+\cdots +\left( {t-1} \right)AddSub\left( {2{s_t}} \right)} \right]+2\left[ {AddSub\left( {{s_2}} \right)+2AddSub\left( {{s_3}} \right)+\cdots +\left( {t-1} \right)AddSub\left( {{s_t}} \right)} \right]} \\ \end{array} $$

   • ⇒the number of base instructions

     $$ \begin{array}{*{20}c} {=3\left[ {AddSub\left( {2{s_2}} \right)+2AddSub\left( {2{s_3}} \right)+\cdots +\left( {t-1} \right)AddSub\left( {2{s_t}} \right)} \right]+2\left[ {AddSub\left( {{s_2}} \right)+2AddSub\left( {{s_3}} \right)+\cdots +\left( {t-1} \right)AddSub\left( {{s_t}} \right)} \right]\left| {_{AddSub(s)=5s }} \right.} \\ {=20\left( {t-1} \right)s+40\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]} \\ \end{array} $$

     (6)

We get the number of base instructions for unbalanced-t-way split = (5) + (6)

$$ =\frac{4t+4 }{t}{s^2}+\left\{ {\left( {21t-19} \right)+\frac{16 }{t}\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]} \right\}s+\left\{ {42\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]+8\left[ {d_1^2+2d_2^2+\cdots +t{{{\left( {{d_1}+{d_2}+\cdots +{d_{t-1 }}} \right)}}^2}} \right]} \right\} $$

Appendix 3. Proof of Corollary 1

Without any loss of generality, assuming that there are (k − 1) different d _i in total and that each d _i  < 0. By Conditions 3 & 4 in Theorem 2, two relations can be deduced:

$$ \begin{array}{*{20}c} {{d_{t-k+1 }},{d_{t-k+2 }},\cdots, {d_{t-1 }}<0} \hfill & {\mathrm{Relation}\left( \mathrm{I} \right)} \hfill \\ {{d_1},{d_2},\cdots, {d_{t-k }}>0} \hfill & {\mathrm{Relation}\left( {\mathrm{II}} \right)} \hfill \\ \end{array} $$

By Relation (Ι),

$$ \begin{array}{*{20}c} {{d_{t-k+2 }}+2{d_{t-k+3 }}+\cdots +\left( {k-2} \right){d_{t-1 }}<0} \hfill & {\mathrm{Relation}\left( {\mathrm{III}} \right)} \hfill \\ \end{array} $$

$$ \begin{array}{*{20}c} {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \hfill \\ {=\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +\left( {k+1} \right){d_{t-k-1 }}+(k){d_{t-k }}+\left( {k-1} \right){d_{t-k+1 }}+\left( {k-2} \right){d_{t-k+2 }}+\cdots +2{d_{t-2 }}+{d_{t-1 }}} \hfill \\ {=\left( {t-k} \right){d_1}+\left( {t-k-1} \right){d_2}+\cdots +2{d_{t-k-1 }}+{d_{t-k }}-\left[ {{d_{t-k+2 }}+2{d_{t-k+3 }}+\cdots +\left( {k-2} \right){d_{t-1 }}} \right]+\left( {k-1} \right)\left( {{d_1}+{d_2}+\cdots +{d_{t-1 }}} \right)} \hfill \\ \end{array} $$

By condition (2) of Theorem 2, Relation (ΙΙ), and (ΙΙΙ), \( \left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}>0 \)

Appendix 4. Proof of Theorem 3

By the proof of Theorem 1, the number of base instructions of balanced-t-way split to multiply two s-word integers by classical multiplication is \( \frac{{{t^2}+t}}{2}Mul{t_{CM }}\left( {s/t} \right)+20\left( {t-1} \right)s \).

The number of base instructions of 2-times recursive-balanced-t-way split to multiply two s-word integers by classical multiplication is \( \frac{{{t^2}+t}}{2}\left[ {\frac{{{t^2}+t}}{2}Mul{t_{CM }}\left( {s/{t^2}} \right)+20\left( {t-1} \right)\left( {s/t} \right)} \right]+20\left( {t-1} \right)s \).

The number of base instructions of n-times recursive-balanced-t-way split to multiply two s-word integers by classical multiplication is \( {{\left( {\frac{{{t^2}+t}}{2}} \right)}^n}Mul{t_{CM }}\left( {s/{t^n}} \right)+\left[ {20\left( {t-1} \right)(s)+\frac{{{t^2}+t}}{2}20\left( {t-1} \right)\left( {s/t} \right)+{{{\left( {\frac{{{t^2}+t}}{2}} \right)}}^n}20\left( {t-1} \right)\left( {s/{t^2}} \right)+\cdots +{{{\left( {\frac{{{t^2}+t}}{2}} \right)}}^{n-1 }}20\left( {t-1} \right)\left( {s/{t^{{\left( {n-1} \right)}}}} \right)} \right]\left| {_{{Mul{t_{CM }}(s)=8{s^2}+2s}}} \right.=8{{\left( {\frac{t+1 }{2t }} \right)}^n}{s^2}+42{{\left( {\frac{t+1 }{2}} \right)}^n}s-40s \).

Theorem 4 finds the n that results in optimal performance of n-times recursive-balanced-t-way split.

Appendix 5. Proof of Theorem 4

From Theorem 3, the number of base instructions of n-times recursive balanced-t-way split is \( 8{{\left( {\frac{t+1 }{2t }} \right)}^n}{s^2}+42{{\left( {\frac{t+1 }{2}} \right)}^n}s-40s,t\geqslant 2,n\geqslant 1 \).

Let \( f(n)=8{{\left( {\frac{t+1 }{2t }} \right)}^n}{s^2}+42{{\left( {\frac{t+1 }{2}} \right)}^n}s-40s \).

In order to find the minimum value of f (n), we set f ′(n) = 0 and solve for n.

$$ f\prime (n)=8{s^2}{{\left( {\frac{t+1 }{2t }} \right)}^n}\ln \left( {\frac{t+1 }{2t }} \right)+42s{{\left( {\frac{t+1 }{2}} \right)}^n}\ln \left( {\frac{t+1 }{2}} \right)=0 $$

we get \( n={\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-\ln 2} \right]}} \).

f (n) has the minimum value when \( n={\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-\ln 2} \right]}} \).

The n-times recursive-balanced-t-way split performs the minimum number of base instructions as \( n=\left\lfloor {{\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-\ln 2} \right]}}} \right\rfloor \).

Appendix 6. Proof of Theorem 5

By Theorem 3, the number of base instructions of n-times recursive-balanced-t-way split is \( 8{{\left( {\frac{t+1 }{2t }} \right)}^n}{s^2}+42{{\left( {\frac{t+1 }{2}} \right)}^n}s-40s \).

By Theorem 4, n-times recursive-balanced-t-way split performs the minimum number of base instructions as \( n={\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-\ln 2} \right]}} \).

Define that g(t, s) is the number of base instructions of using n-times recursive-balanced-t-way split to multiply two s-word integers when \( n={\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-\ln 2} \right]}} \).

We get \( g\left( {t,\,s} \right)=8{{\left( {\frac{t+1 }{2t }} \right)}^{{{\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-n2} \right]}}}}}{s^2}+42{{\left( {\frac{t+1 }{2}} \right)}^{{{\log_t}\frac{{4s\left[ {\ln \left( {2t} \right)-\ln \left( {t+1} \right)} \right]}}{{21\left[ {\ln \left( {t+1} \right)-\ln 2} \right]}}}}}s-40s \)3

Then we find the partial derivative of g(t, s) with respect to t.

It is clear that \( \frac{{\partial g\left( {t,s} \right)}}{{\partial t}}\geqslant 0 \) because s and t are two positive integers. Therefore, g(t, s) is a non-decreasing function. By this result, the smallest value of t is 2 for the n-times recursive-balanced-t-way split. Consequently, using n-times recursive-balanced-2-way split to multiply two s-word integers is more efficient than using n-times recursive-balanced-t-way split for t > 2.

Appendix 7. Proof of Lemma 1

From the results of Theorem 1, 2 and Corollary 1, there exists the relation below:

$$ \frac{4t+4 }{t}{s^2}+\left\{ {\left( {21t-19} \right)+\frac{16 }{t}\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]} \right\}s+\left\{ {42\left[ {\left( {t-1} \right){d_1}+\left( {t-2} \right){d_2}+\cdots +{d_{t-1 }}} \right]+8\left[ {d_1^2+2d_2^2+\cdots +t{{{\left( {{d_1}+{d_2}+\cdots +{d_{t-1 }}} \right)}}^2}} \right]} \right\}>\frac{4t+4 }{t}{s^2}+\left( {21t-19} \right)s $$

We get the balanced-t-way split performs better than unbalanced-t-way split.