• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.269-271
• /
• 2003

본 논문에서는 타원 곡선 암호의 성능을 향상시키기 위한 효율적인 최적 확장체 연산 알고리즘을 제안한다. 제안하는 알고리즘은 CPU에서 제공되는 정수 곱셈 명령 1회 실행에 두 개의 하위체 연산을 병렬적으로 수행하도록 함으로써 최적 확장체에서의 곱셈, 제곱, 역원 연산의 속도를 향상시킨다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.313-314
• /
• 2021

최근 개인 정보 보호를 위해 주목 받고 있는 동형암호 알고리즘은 암호화된 상태로 덧셈과 곱셈 연산이 가능하여, 연산을 위한 복호화 과정 없이 데이터에 대한 가공이 가능하다. 따라서 이러한 동형암호 알고리즘이 개인 정보 보호를 위한 방법으로 떠오르고 있으며, 특히 완전동형암호 알고리즘의 경우 덧셈과 곱셈 연산을 모두 지원하며, 유효 연산 횟수에도 제한이 없어 응용 분야에서 널리 활용될 것으로 예상된다. 그러나, 완전동형암호 알고리즘의 경우 암호문의 크기가 평문대비 크게 증가하고, 다항식으로 구성된 암호문의 덧셈 및 곱셈 연산도 복잡하여 이에 대한 가속이 필요한 실정이다. 이에 FPGA 기반의 동형암호 가속기 개발이 많이 연구되고 있으며, 이를 통해 동형암호 연산의 특징을 이해하고 가속기 연구 동향을 알아보려 한다.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.42 no.5 s.335
• /
• pp.23-30
• /
• 2005

In the construction of an extension field, there is a connection between the polynomial multiplication method and the degree of polynomial. The existing methods, KO and MSK methods, efficiently reduce the complexity of coefficient-multiplication. However, when we construct the multiplication of an extension field using KO and MSK methods, the polynomials are padded with necessary number of zero coefficients in general. In this paper, we propose basic properties of KO and MSK methods and algorithm that can reduce coefficient-multiplications. The proposed algorithm is more reducible than the original KO and MSK methods. This characteristic makes the employment of this multiplier particularly suitable for applications characterized by specific space constrains, such as those based on smart cards, token hardware, mobile phone or other devices.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.8
• /
• pp.867-873
• /
• 2014

Since the computation of a multiplicative inverse using MONB includes many squarings and thus calculating inverse is expensive, we, in this paper, propose a low cost inverse algorithm requiring $nb(2^nm-1)+w(2^nm-1)-2$ multiplications and $2^n-1$ squarings to compute an inverse in $GF(2^{2^nm})^*$ using special normal basis over $GF(2^{2^n})$, and give some implementation results using the algorithm and, show that the timing results of our implementation is faster than that of Itoh et al.'s method.

• Journal of KIISE:Computer Systems and Theory
• /
• v.30 no.5_6
• /
• pp.324-329
• /
• 2003

The public-key cryptosystems such as Diffie-Hellman Key Distribution and Elliptical Curve Cryptosystems are built on the basis of the operations defined in GF(2$^{m}$ ):addition, subtraction, multiplication and multiplicative inversion. It is important that these operations should be computed at high speed in order to implement these cryptosystems efficiently. Among those operations, as being the most time-consuming, multiplicative inversion has become the object of lots of investigation Formant's theorem says $\beta$$^{-1}$ =$\beta$$^{2}$sup m/-2/, where $\beta$$^{-1}$ is the multiplicative inverse of $\beta$$\in$GF(2$^{m}$ ). Therefore, to compute the multiplicative inverse of arbitrary elements of GF(2$^{m}$ ), it is most important to reduce the number of times of multiplication by decomposing 2$^{m}$ -2 efficiently. Among many algorithms relevant to the subject, the algorithm proposed by Itoh and Tsujii[2] has reduced the required number of times of multiplication to O(log m) by using normal basis. Furthermore, a few papers have presented algorithms improving the Itoh and Tsujii's. However they have some demerits such as complicated decomposition processes[3,5]. In this paper, in the case of 2$^{m}$ -2, which is mainly used in practical applications, an efficient algorithm is proposed for computing the multiplicative inverse at high speed by using both the factorization formula x$^3$-y$^3$=(x-y)(x$^2$＋xy＋y$^2$) and normal basis. The number of times of multiplication of the algorithm is smaller than that of the algorithm proposed by Itoh and Tsujii. Also the algorithm decomposes 2$^{m}$ -2 more simply than other proposed algorithms.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.2
• /
• pp.68-78
• /
• 2007

D-class is defined as a set of equivalent $n{\times}n$ boolean matrices according to a given equivalence relation. The D-class computation requires the multiplication of three boolean matrices for each of all possible triples of $n{\times}n$ boolean matrices. However, almost all the researches on boolean matrices focused on the efficient multiplication of only two boolean matrices and a few researches have recently been shown to deal with the multiplication of all boolean matrices. The paper suggests a mathematical theory that enables the efficient multiplication for all possible boolean matrix triples and the efficient computation of all D-classes, and discusses algorithms designed with the theory and their execution results.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.2
• /
• pp.62-68
• /
• 2007

This paper proposes an efficient integer division algorithm for high speed FPGAs' which support built-in RAMs' and multipliers. The integer division algorithm is iterative with RAM-based LUT and multipliers, which minimizes the usage of logic fabric and connection resources. Compared with some popular division algorithms such as division by subtraction or division by multiply-subtraction, the number of iteration is much smaller, so that very low latency can be achieved with pipelined implementations. We have implemented our algorithm in the Xilinx virtex-4 FPGA with VHDL coding and have achieved 300MSPS data rate in 17bit integer division. The algorithm used less than 1/6 of logic slices, 1/4 of the built-in multiply-accumulation units, and 1/3 of the latencies compared with other popular algorithms.

• Journal of the Korean Institute of Telematics and Electronics D
• /
• v.35D no.10
• /
• pp.107-115
• /
• 1998

A multiplier bit-pair recoding technique derived from Booth algorithm is used as an effective method that can carry out a fast binary multiplication regardless of a sign of both multiplicand and multiplier. In this paper, we propose an implementation of an optical high-speed multiplier which consists of a symbolic substitution adder and an optical multiplication algorithm, which transforms and enhances the multiplier bit-pair recoding algorithm to be fit for optical characteristics. Specially, a symbolic substitution addition rules are coded with a dual-rail logic, and so the complement of the logic of the symbolic substitution adder is easily obtained with a shift operation because it is always present. We also construct the symbolic substitution system which makes superposition image by superimposing two shifted images in a serial connection and recognizes a reference image by feeding this superimposed image to a mask. Thus, the optical multiplier, which is compared with a typical system, is implemented to the smaller system by reducing the number of optical passive elements and the size of this system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.2
• /
• pp.35-44
• /
• 2002

In this paper, an implementation method of RSA exponentiator based on Radix-$2^k$ modular multiplication algorithm is presented and verified. We use Booth receding algorithm to implement Radix-$2^k$ modular multiplication and implement radix-16 modular multiplier using 2K-byte memory and CSA(carry-save adder) array - with two full adder and three half adder delays. For high speed final addition we use a reduced carry generation and propagation scheme called pseudo carry look-ahead adder. Furthermore, the optimum value of the radix is presented through the trade-off between the operating frequency and the throughput for given Silicon technology. We have verified 1,024-bit RSA processor using Altera FPGA EP2K1500E device and Samsung 0.3$\mu\textrm{m}$ technology. In case of the radix-16 modular multiplication algorithm, (n+4+1)/4 clock cycles are needed and the 1,024-bit modular exponentiation is performed in 5.38ms at 50MHz.

• The KIPS Transactions:PartA
• /
• v.15A no.3
• /
• pp.161-166
• /
• 2008

In this paper, an efficient digit-serial systolic array is proposed for multiplication in finite field GF($2^m$) using the polynomial basis representation. The proposed systolic array is based on the most significant digit first (MSD-first) multiplication algorithm and produces multiplication results at a rate of one every "m/D" clock cycles, where D is the selected digit size. Since the inner structure of the proposed multiplier is tree-type, critical path increases logarithmically proportional to D. Therefore, the computation delay of the proposed architecture is significantly less than previously proposed digit-serial systolic multipliers whose critical path increases proportional to D. Furthermore, since the new architecture has the features of a high regularity, modularity, and unidirectional data flow, it is well suited to VLSI implementation.