改进的蒙哥马利模乘算法及FPGA实现

doi:10.16180/j.cnki.issn1007-7820.2022.07.010

摘要/Abstract

摘要：

为了保障用户线上信息的安全,常采用公钥密码系统对数据信息进行加密。大整数模乘运算作为公钥密码系统的核心操作,其计算效率对公钥密码系统的性能至关重要。文中基于经典的蒙哥马利模乘算法,提出一种多项式展开的交叉蒙哥马利模乘算法。通过分解大位宽逻辑运算,以多项式展开来交叉执行模乘法和模约简运算,有效提高了大整数模乘运算的计算效率,降低了硬件实现的资源消耗。FPGA实验验证表明,相比于其它方法,文中所提方法分别减少96.5%和69%的面积时间积AT1与AT2,更好地实现了计算时间和硬件开销的平衡,有较高的灵活性和通用性,适合具有大量加密需求的成本敏感型应用。

关键词: 蒙哥马利模乘, 大整数模乘运算, RSA密码算法, 公钥密码算法, 信息安全, 现场可编程门阵列, 硬件加速, 软硬件协同设计

Abstract:

In order to ensure the online information security of users, the public key cryptosystem is used to encrypt the data information. As the core operation of public key cryptosystem, the computation efficiency of large integer modular multiplication is very important to the performance of public key cryptosystem. In this study, a polynomial expanded cross Montgomery modular multiplication algorithm is proposed, which is based on the classical Montgomery modular multiplication algorithm. By decomposing large bit-width logic operations, and performing modular multiplication and modular reduction operations with polynomial expansion, this algorithm can effectively improve the calculation efficiency of large integer modular multiplication operations, and reduce the resource consumption of hardware implementation. FPGA experiment verification shows that compared with other methods, the proposed algorithm can reduce AT1 and AT2 (the products of area and time) by 96.5% and 69% respectively, indicating that the proposed method achieves the balance between computing time and hardware overhead, has high flexibility and universality, and is suitable for cost-sensitive applications with a large number of encryption requirements.

Key words: Montgomery modular multiplication, modular multiplication of large integer, RSA cryptographic algorithm, public key cryptography algorithm, information security, FPGA, hardware acceleration, software-hardware co-design

中图分类号:

TP309.7

程碧倩,刘光柱,肖昊. 改进的蒙哥马利模乘算法及FPGA实现[J]. 电子科技, 2022, 35(7): 58-63.

CHENG Biqian,LIU Guangzhu,XIAO Hao. Improved Montgomery Modular Multiplication Algorithm and FPGA Implementation[J]. Electronic Science and Technology, 2022, 35(7): 58-63.

图/表 6

图1

图2

图3

图4

表1

表2

参考文献 18

[1]	黄泽. 树与单圈图优雅标号算法的新型图形密码研究[J]. 电子科技, 2019, 32(3):77-81.
	Huang Ze. New type of graphical password study based on the elegant label algorithm of tree and unicyclic graph[J]. Electronic Science and Technology, 2019, 32(3):77-81.
[2]	郑志静, 李旭伟. 利用泛化洛伦茨方程进行消息加密和密钥分发[J]. 计算机工程与设计, 2017, 38(12):3247-3305.
	Zheng Zhijing, Li Xuwei. Message encryption and key distribution using generalized Lorenz equation[J]. Computer Engineering and Design, 2017, 38(12):3247-3305.
[3]	龚文杰. RSA算法的FPGA快速实现[D]. 西安: 西安电子科技大学, 2016.
	Gong Wenjie. FPGA fast implementation of RSA algorithm[D]. Xi'an: Xidian University, 2016.
[4]	Montgomery P L. Modular multiplication without trial division[J]. Mathematics of Computation, 1985, 44(170):519-521. doi: 10.1090/S0025-5718-1985-0777282-X
[5]	李泽祥. RSA软硬件协同设计的研究与实现[D]. 广州: 华南理工大学, 2018.
	Li Zexiang. Research and implementation of RSA hardware/software design[D]. Guangzhou: South China University of Technology, 2018.
[6]	Liu R, Li S. A design and implementation of Montgomery modular multiplier[C]. Sapporo: Proceedings of the IEEE International Symposium on Circuits and Systems, 2019.
[7]	Gu Z, Li S. A division-free toom-cook multiplication-based montgomery modular multiplication[J]. IEEE Transactions on Circuits and Systems II: Express Briefs, 2018, 66(8):1401-1405. doi: 10.1109/TCSII.2018.2886962
[8]	Ding J, Li S. A low-latency and low-cost montgomery modular multiplier based on NLP multiplication[J]. IEEE Transactions on Circuits and Systems II: Express Briefs, 2019, 67(7):1319-1323. doi: 10.1109/TCSII.2019.2932328
[9]	Pan J S, Song P, Yang C S. Efficient digit-serial modular multiplication algorithm on FPGA[J]. IET Circuits, Devices & Systems, 2018, 12(5):662-668. doi: 10.1049/iet-cds.2017.0300
[10]	Mukhopadhyay D, Roy D B. Revisiting FPGA implementation of montgomery multiplier in redundant number system for efficient ECC application in GF(p)[C]. Dublin: Proceedings of the Twenty-eighth International Conference on Field Programmable Logic and Applications, 2018.
[11]	Roy D B, Mukhopadhyay D. High-speed implementation of ECC scalar multiplication in GF(p) for generic montgomery curves[J]. IEEE Transactions on Very Large Scale Integration Systems, 2019, 27(2):1587-1600. doi: 10.1109/TVLSI.2019.2905899
[12]	Fatemi S, Zare M, Khavari A F, et al. Efficient implementation of digit-serial montgomery modular multiplier architecture[J]. IET Circuits, Devices & Systems, 2019, 13(7):942-949. doi: 10.1049/iet-cds.2018.5182
[13]	Rezai A, Keshavarzi P. High-throughput modular multiplication and exponentiation algorithms using multibit-scan-multibit-shift technique[J]. IEEE Transactions on Very Large Scale Integration Systems, 2014, 23(9):1710-1719. doi: 10.1109/TVLSI.2014.2355854
[14]	何安平, 郭慧波, 冯志华, 等. 基于异步电路设计的RSA算法加密芯片[J]. 计算机工程与设计, 2019, 40(4):906-913.
	He Anping, Guo Huibo, Feng Zhihua, et al. RSA algorithm encryption chip based on asynchronous circuit design[J]. Computer Engineering and Design, 2019, 40(4):906-913.
[15]	Walter C D. Montgomery exponentiation needs no final subtractions[J]. Electronics Letters, 1999, 35(21): 1831-1832. doi: 10.1049/el:19991230
[16]	Dai W, Chen D D, Cheung R C C, et al. Area-time efficient architecture of FFT-based montgomery multiplication[J]. IEEE Transactions on Computers, 2016, 66(3):375-388. doi: 10.1109/TC.2016.2601334
[17]	Erdem S S, Yanlk T, Çelebi A. A general digit-serial architecture for montgomery modular multiplication[J]. IEEE Transactions on Very Large Scale Integration Systems, 2017, 25(5):1658-1668. doi: 10.1109/TVLSI.2017.2652979
[18]	Chen D D, Yao G X, Cheung R C C, et al. Parameter space for the architecture of FFT-based montgomery modular multiplication[J]. IEEE Transactions on Computers, 2016, 65(1):147-160. doi: 10.1109/TC.2015.2417553

算法	乘法器位宽	加法器位宽	存储空间/bit
经典	2n	2n+1	(4n)+(2n+1)
本文	x+y/2x	x+y+2/2x+1	(3n+x+2(x+y+2)+2x+1)

算法	时间/μs	资源使用情况		AT1	AT2
算法	时间/μs	LUT数量	DSP数量	AT1	AT2
文献[16]	3.60	13 811 LUT	27 DSP	49.7	0.097
文献[17]	1.01	22 625 LUT	0 DSP	22.9	0.000
文献[18]	3.80	25 309 LUT	135 DSP	96.2	0.513
本文算法	1.62	2 317 LUT	131 DSP	3.4	0.195