FFT-Based McLaughlin's Montgomery Exponentiation without Conditional Selections

Modular multiplication forms the basis of many cryptographic functions such as RSA, Diffie-Hellman key exchange, and ElGamal encryption. For large RSA moduli, combining the fast Fourier transform (FFT) with McLaughlin's Montgomery modular multiplication (MLM) has been validated to offer cost-ef...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on computers 2018-09, Vol.67 (9), p.1301-1314
Main Authors: Dai, Wangchen, Chen, Donglong, Cheung, Ray C. C., Koc, Cetin Kaya
Format: Article
Language:English
Subjects:
Algorithms
Computer architecture
Convolution
Cryptography
Efficiency
Encryption
Fast Fourier transformations
field-programmable gate array (FPGA)
Fourier transforms
Hardware
modular exponentiation
Montgomery modular multiplication
Multiplication
Multiplication & division
number-theoretic weighted transform
RSA encryption
Run time (computers)
Timing
Transforms
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53
cites cdi_FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53
container_end_page 1314
container_issue 9
container_start_page 1301
container_title IEEE transactions on computers
container_volume 67
creator Dai, Wangchen
Chen, Donglong
Cheung, Ray C. C.
Koc, Cetin Kaya
description Modular multiplication forms the basis of many cryptographic functions such as RSA, Diffie-Hellman key exchange, and ElGamal encryption. For large RSA moduli, combining the fast Fourier transform (FFT) with McLaughlin's Montgomery modular multiplication (MLM) has been validated to offer cost-effective implementation results. However, the conditional selections in McLaughlin's algorithm are considered to be inefficient and vulnerable to timing attacks, since extra long additions or subtractions may take place and the running time of MLM varies. In this work, we restrict the parameters of MLM by a set of new bounds and present a modified MLM algorithm involving no conditional selection. Compared to the original MLM algorithm, we inhibit extra operations caused by the conditional selections and accomplish constant running time for modular multiplications with different inputs. As a result, we improve both area-time efficiency and security against timing attacks. Based on the proposed algorithm, efficient FFT-based modular multiplication and exponentiation are derived. Exponentiation architectures with dual FFT-based multipliers are designed obtaining area-latency efficient solutions. The results show that our work offers a better efficiency compared to the state-of-the-art works from and above 2048-bit operand sizes. For single FFT-based modular multiplication, we have achieved constant running time and obtained area-latency efficiency improvements up to 24.3 percent for 1,024-bit and 35.5 percent for 4,096-bit operands, respectively.
doi_str_mv 10.1109/TC.2018.2811466
format article
fullrecord <record><control><sourceid>proquest_ieee_</sourceid><recordid>TN_cdi_ieee_primary_8307235</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>8307235</ieee_id><sourcerecordid>2117122750</sourcerecordid><originalsourceid>FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53</originalsourceid><addsrcrecordid>eNo9kDFPwzAQhS0EEqUwM7BEYmBK8dlxHI8QtYDUqgNhthzHaV2lcYkTQf89jlox3ene905PD6F7wDMALJ6LfEYwZDOSASRpeoEmwBiPhWDpJZrgIMWCJvga3Xi_wxinBIsJWi8WRfyqvKmilV6qYbNtbPvko5Vr-43bm-4YzX8PrjVtb1VvXRv92H7rhj7KXVvZ8aKa6NM0Ro-7v0VXtWq8uTvPKfpazIv8PV6u3z7yl2WsSSb6OMtSyCgGToRhylRpRWrCmNYkBBU1B1IC1pzSpCRamYyUSgPngaqSpKwYnaLH099D574H43u5c0MXsnhJAIKfcIYD9XyidOe870wtD53dq-4oAcuxNVnkcmxNnlsLjoeTwxpj_ukQlRPK6B_pDWfe</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2117122750</pqid></control><display><type>article</type><title>FFT-Based McLaughlin's Montgomery Exponentiation without Conditional Selections</title><source>IEEE Electronic Library (IEL) Journals</source><creator>Dai, Wangchen ; Chen, Donglong ; Cheung, Ray C. C. ; Koc, Cetin Kaya</creator><creatorcontrib>Dai, Wangchen ; Chen, Donglong ; Cheung, Ray C. C. ; Koc, Cetin Kaya</creatorcontrib><description>Modular multiplication forms the basis of many cryptographic functions such as RSA, Diffie-Hellman key exchange, and ElGamal encryption. For large RSA moduli, combining the fast Fourier transform (FFT) with McLaughlin's Montgomery modular multiplication (MLM) has been validated to offer cost-effective implementation results. However, the conditional selections in McLaughlin's algorithm are considered to be inefficient and vulnerable to timing attacks, since extra long additions or subtractions may take place and the running time of MLM varies. In this work, we restrict the parameters of MLM by a set of new bounds and present a modified MLM algorithm involving no conditional selection. Compared to the original MLM algorithm, we inhibit extra operations caused by the conditional selections and accomplish constant running time for modular multiplications with different inputs. As a result, we improve both area-time efficiency and security against timing attacks. Based on the proposed algorithm, efficient FFT-based modular multiplication and exponentiation are derived. Exponentiation architectures with dual FFT-based multipliers are designed obtaining area-latency efficient solutions. The results show that our work offers a better efficiency compared to the state-of-the-art works from and above 2048-bit operand sizes. For single FFT-based modular multiplication, we have achieved constant running time and obtained area-latency efficiency improvements up to 24.3 percent for 1,024-bit and 35.5 percent for 4,096-bit operands, respectively.</description><identifier>ISSN: 0018-9340</identifier><identifier>EISSN: 1557-9956</identifier><identifier>DOI: 10.1109/TC.2018.2811466</identifier><identifier>CODEN: ITCOB4</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Algorithms ; Computer architecture ; Convolution ; Cryptography ; Efficiency ; Encryption ; Fast Fourier transformations ; field-programmable gate array (FPGA) ; Fourier transforms ; Hardware ; modular exponentiation ; Montgomery modular multiplication ; Multiplication ; Multiplication &amp; division ; number-theoretic weighted transform ; RSA encryption ; Run time (computers) ; Timing ; Transforms</subject><ispartof>IEEE transactions on computers, 2018-09, Vol.67 (9), p.1301-1314</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2018</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53</citedby><cites>FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53</cites><orcidid>0000-0002-5192-1649 ; 0000-0002-2572-9565</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/8307235$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,27924,27925,54796</link.rule.ids></links><search><creatorcontrib>Dai, Wangchen</creatorcontrib><creatorcontrib>Chen, Donglong</creatorcontrib><creatorcontrib>Cheung, Ray C. C.</creatorcontrib><creatorcontrib>Koc, Cetin Kaya</creatorcontrib><title>FFT-Based McLaughlin's Montgomery Exponentiation without Conditional Selections</title><title>IEEE transactions on computers</title><addtitle>TC</addtitle><description>Modular multiplication forms the basis of many cryptographic functions such as RSA, Diffie-Hellman key exchange, and ElGamal encryption. For large RSA moduli, combining the fast Fourier transform (FFT) with McLaughlin's Montgomery modular multiplication (MLM) has been validated to offer cost-effective implementation results. However, the conditional selections in McLaughlin's algorithm are considered to be inefficient and vulnerable to timing attacks, since extra long additions or subtractions may take place and the running time of MLM varies. In this work, we restrict the parameters of MLM by a set of new bounds and present a modified MLM algorithm involving no conditional selection. Compared to the original MLM algorithm, we inhibit extra operations caused by the conditional selections and accomplish constant running time for modular multiplications with different inputs. As a result, we improve both area-time efficiency and security against timing attacks. Based on the proposed algorithm, efficient FFT-based modular multiplication and exponentiation are derived. Exponentiation architectures with dual FFT-based multipliers are designed obtaining area-latency efficient solutions. The results show that our work offers a better efficiency compared to the state-of-the-art works from and above 2048-bit operand sizes. For single FFT-based modular multiplication, we have achieved constant running time and obtained area-latency efficiency improvements up to 24.3 percent for 1,024-bit and 35.5 percent for 4,096-bit operands, respectively.</description><subject>Algorithms</subject><subject>Computer architecture</subject><subject>Convolution</subject><subject>Cryptography</subject><subject>Efficiency</subject><subject>Encryption</subject><subject>Fast Fourier transformations</subject><subject>field-programmable gate array (FPGA)</subject><subject>Fourier transforms</subject><subject>Hardware</subject><subject>modular exponentiation</subject><subject>Montgomery modular multiplication</subject><subject>Multiplication</subject><subject>Multiplication &amp; division</subject><subject>number-theoretic weighted transform</subject><subject>RSA encryption</subject><subject>Run time (computers)</subject><subject>Timing</subject><subject>Transforms</subject><issn>0018-9340</issn><issn>1557-9956</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2018</creationdate><recordtype>article</recordtype><recordid>eNo9kDFPwzAQhS0EEqUwM7BEYmBK8dlxHI8QtYDUqgNhthzHaV2lcYkTQf89jlox3ene905PD6F7wDMALJ6LfEYwZDOSASRpeoEmwBiPhWDpJZrgIMWCJvga3Xi_wxinBIsJWi8WRfyqvKmilV6qYbNtbPvko5Vr-43bm-4YzX8PrjVtb1VvXRv92H7rhj7KXVvZ8aKa6NM0Ro-7v0VXtWq8uTvPKfpazIv8PV6u3z7yl2WsSSb6OMtSyCgGToRhylRpRWrCmNYkBBU1B1IC1pzSpCRamYyUSgPngaqSpKwYnaLH099D574H43u5c0MXsnhJAIKfcIYD9XyidOe870wtD53dq-4oAcuxNVnkcmxNnlsLjoeTwxpj_ukQlRPK6B_pDWfe</recordid><startdate>20180901</startdate><enddate>20180901</enddate><creator>Dai, Wangchen</creator><creator>Chen, Donglong</creator><creator>Cheung, Ray C. C.</creator><creator>Koc, Cetin Kaya</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-5192-1649</orcidid><orcidid>https://orcid.org/0000-0002-2572-9565</orcidid></search><sort><creationdate>20180901</creationdate><title>FFT-Based McLaughlin's Montgomery Exponentiation without Conditional Selections</title><author>Dai, Wangchen ; Chen, Donglong ; Cheung, Ray C. C. ; Koc, Cetin Kaya</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2018</creationdate><topic>Algorithms</topic><topic>Computer architecture</topic><topic>Convolution</topic><topic>Cryptography</topic><topic>Efficiency</topic><topic>Encryption</topic><topic>Fast Fourier transformations</topic><topic>field-programmable gate array (FPGA)</topic><topic>Fourier transforms</topic><topic>Hardware</topic><topic>modular exponentiation</topic><topic>Montgomery modular multiplication</topic><topic>Multiplication</topic><topic>Multiplication &amp; division</topic><topic>number-theoretic weighted transform</topic><topic>RSA encryption</topic><topic>Run time (computers)</topic><topic>Timing</topic><topic>Transforms</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Dai, Wangchen</creatorcontrib><creatorcontrib>Chen, Donglong</creatorcontrib><creatorcontrib>Cheung, Ray C. C.</creatorcontrib><creatorcontrib>Koc, Cetin Kaya</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE/IET Electronic Library</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on computers</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Dai, Wangchen</au><au>Chen, Donglong</au><au>Cheung, Ray C. C.</au><au>Koc, Cetin Kaya</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>FFT-Based McLaughlin's Montgomery Exponentiation without Conditional Selections</atitle><jtitle>IEEE transactions on computers</jtitle><stitle>TC</stitle><date>2018-09-01</date><risdate>2018</risdate><volume>67</volume><issue>9</issue><spage>1301</spage><epage>1314</epage><pages>1301-1314</pages><issn>0018-9340</issn><eissn>1557-9956</eissn><coden>ITCOB4</coden><abstract>Modular multiplication forms the basis of many cryptographic functions such as RSA, Diffie-Hellman key exchange, and ElGamal encryption. For large RSA moduli, combining the fast Fourier transform (FFT) with McLaughlin's Montgomery modular multiplication (MLM) has been validated to offer cost-effective implementation results. However, the conditional selections in McLaughlin's algorithm are considered to be inefficient and vulnerable to timing attacks, since extra long additions or subtractions may take place and the running time of MLM varies. In this work, we restrict the parameters of MLM by a set of new bounds and present a modified MLM algorithm involving no conditional selection. Compared to the original MLM algorithm, we inhibit extra operations caused by the conditional selections and accomplish constant running time for modular multiplications with different inputs. As a result, we improve both area-time efficiency and security against timing attacks. Based on the proposed algorithm, efficient FFT-based modular multiplication and exponentiation are derived. Exponentiation architectures with dual FFT-based multipliers are designed obtaining area-latency efficient solutions. The results show that our work offers a better efficiency compared to the state-of-the-art works from and above 2048-bit operand sizes. For single FFT-based modular multiplication, we have achieved constant running time and obtained area-latency efficiency improvements up to 24.3 percent for 1,024-bit and 35.5 percent for 4,096-bit operands, respectively.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TC.2018.2811466</doi><tpages>14</tpages><orcidid>https://orcid.org/0000-0002-5192-1649</orcidid><orcidid>https://orcid.org/0000-0002-2572-9565</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0018-9340
ispartof IEEE transactions on computers, 2018-09, Vol.67 (9), p.1301-1314
issn 0018-9340
1557-9956
language eng
recordid cdi_ieee_primary_8307235
source IEEE Electronic Library (IEL) Journals
subjects Algorithms
Computer architecture
Convolution
Cryptography
Efficiency
Encryption
Fast Fourier transformations
field-programmable gate array (FPGA)
Fourier transforms
Hardware
modular exponentiation
Montgomery modular multiplication
Multiplication
Multiplication & division
number-theoretic weighted transform
RSA encryption
Run time (computers)
Timing
Transforms
title FFT-Based McLaughlin's Montgomery Exponentiation without Conditional Selections
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T22%3A11%3A45IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=FFT-Based%20McLaughlin's%20Montgomery%20Exponentiation%20without%20Conditional%20Selections&rft.jtitle=IEEE%20transactions%20on%20computers&rft.au=Dai,%20Wangchen&rft.date=2018-09-01&rft.volume=67&rft.issue=9&rft.spage=1301&rft.epage=1314&rft.pages=1301-1314&rft.issn=0018-9340&rft.eissn=1557-9956&rft.coden=ITCOB4&rft_id=info:doi/10.1109/TC.2018.2811466&rft_dat=%3Cproquest_ieee_%3E2117122750%3C/proquest_ieee_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c289t-88618301729e5aed6d2f255cc20019f712b10c7334b2cae82bac177d2fd44bd53%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2117122750&rft_id=info:pmid/&rft_ieee_id=8307235&rfr_iscdi=true