Elsevier

Integration

Volume 30, Issue 2, October 2001, Pages 169-175
Integration

A bit-interleaved systolic architecture for a high-speed RSA system

https://doi.org/10.1016/S0167-9260(01)00017-7Get rights and content

Abstract

A new systolic serial–parallel scheme that implements the Montgomery multiplier is presented. The serial input of this multiplier consists of two sets of data that enter in a bit-interleaved form. The results are also derived in the same form. The design, with minor modifications, can be used for the implementation of the RSA algorithm by realizing the square-and-multiply algorithm. The circuit yields the lowest hardware complexity reported and permits high-speed operation with 100% efficiency.

Introduction

The core of an RSA [1] crypto-system is the modular exponentiation, which can be constructed by a sequence of modular multiplications and squarings. These operations have to be performed in a serial pipelined way, because of the operands length (>1024 bits). The most efficient algorithm for modular multiplication was presented by Montgomery [2]. One approach [3], [4] proposes a direct implementation of the Montgomery scheme by using two similar circuits: one for multiplication and one for squaring. However, it suffers from a large combinational delay, decreasing the maximum operating frequency. Another approach [5], [6] suggests the realization of the modular multiplication and squaring in two discrete stages: the pure product generation and the modular reduction. In this approach, the combinational delay is reduced to half, over doubling the performance. However, extra hardware is required.

In this paper, a new implementation of a Montgomery multiplier is presented, which is based on the direct approach achieving higher performance than any other realization. The circuit is modified in an elegant way in order to implement both the modular multiplication and squaring in a bit-interleaved form. The modular exponentiation requires approximately 2n2 clock cycles with the minimum hardware complexity, reported so far.

Section snippets

The Montgomery multiplier

One of the most efficient ways to perform modular multiplication was presented by Montgomery [2]. This method, simplifies the modular operation by replacing the time expensive divisions, by add and shift operations. The Montgomery algorithm is presented below:

.

Inputs:Modulus: N (n-bits integer)
Multiplicand: A (n bits integer); A=an−1,an−2,…,a0
Multiplier: B (n bits integer); B=bn−1, bn−2, …, b0
Output:P=Mon{A, B}=(AB2n) mod N; Modular product.
Algorithm.P0=0;
q0=0;
for i=0 to n do
  Pi+1=[(Pi+qiN)/2]+biA;
   q

The Montgomery exponentiator

A modular exponentiation can be implemented with the use of the square-and-multiply scheme. This scheme suggests the construction of an exponentiation by successive squarings and multiplications, depending on the value of the key bit. We define M=M2nmodN. The square-and-multiply scheme is presented below:

.

Inputs:Message: M (n-bits integer)
Encryption key: E(en−1,…,e0)
Output:Encrypted message: C
Algorithm.
A0=M;
If e0=0 then
  B0=1;
else
   B0=M;
End; // If
For i=1 to n−1 do  // n is the number of bits}
  Ai+1

Conclusions

The circuit in Fig. 2 is systolic, operates with 100% efficiency, interleaving multiplication and squaring on a bit basis, while the maximum combinational delay is equal to that of a gated Full-Adder (Tc). The utilization of the proposed design for both squaring and multiplication, permits the application of large numbers, i.e. over 1024 bits. The critical path delay of [4], [5] comprises two Full-Adders and some controlling logic. Therefore, it is normalized to 2Tc. Additionally, the

Kiamal Pekmestzi received his Diploma in Electrical Engineering from the National Technical University of Athens (1975). From 1975 to 1981 he was a research fellow in the Electronics Department of the Nuclear Research Center “Demokritos”. He received his Ph.D. in Electrical Engineering from the University of Patras (1981). From 1983 to 1985 he was a Professor at Higher School of Electronics in Athens. Since 1985 he has been with the National Technical University of Athens, where he is currently

References (6)

  • R. Rivest et al.

    A method for obtaining digital signature and public-key cryptosystems

    Commun. ACM

    (1978)
  • P.L. Montgomery

    Modular multiplication without trial division

    Math. Comput.

    (1985)
  • S.E. Eldridge et al.

    Hardware Implementation of Montgomery's modular multiplication algorithm

    IEEE Trans. Comput.

    (1993)
There are more references available in the full text version of this article.

Cited by (2)

Kiamal Pekmestzi received his Diploma in Electrical Engineering from the National Technical University of Athens (1975). From 1975 to 1981 he was a research fellow in the Electronics Department of the Nuclear Research Center “Demokritos”. He received his Ph.D. in Electrical Engineering from the University of Patras (1981). From 1983 to 1985 he was a Professor at Higher School of Electronics in Athens. Since 1985 he has been with the National Technical University of Athens, where he is currently a Professor in the Department of Electrical and Computer Engineering. His research interests include computer arithmetic, microprocessor-based systems and VLSI architectures for fast digital signal processing.

Nikos Moshopoulos received his Diploma in Computer Engineering in 1996 and his Ph.D. in Electrical Engineering in 2001, both from the National Technical University of Athens. His research interests include computer arithmetic, cryptography and VLSI architectures for digital signal processing.

View full text
Copyright © 2001 Elsevier Science B.V. All rights reserved.