• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.1_2
• /
• pp.62-68
• /
• 2006

The important arithmetic operations over finite fields include multiplication and exponentiation. An exponentiation operation can be implemented using a series of squaring and multiplication operations over GF($2^m$) using the binary method. Hence, it is important to develop a fast algorithm and efficient hardware for multiplication. This paper presents an efficient bit-serial systolic array for MSB-first multiplication in GF($2^m$) based on the polynomial representation. As compared to the related multipliers, the proposed systolic multiplier gains advantages in terms of input-pin and area-time complexity. Furthermore, it has regularity, modularity, and unidirectional data flow, and thus is well suited to VLSI implementation.

• Journal of the Institute of Electronics Engineers of Korea SC
• /
• v.41 no.6
• /
• pp.27-35
• /
• 2004

Finite or Galois fields have been used in numerous applications such as error correcting codes, digital signal processing and cryptography. These applications often require exponetiation on GF(2$^{m}$ ) which is a very computationally intensive operation. Most of the existing methods implemented the exponetiation by iterative methods using repeated multiplications, which leads to much computational load, or needed much hardware cost because of their structural complexity in implementing. In this paper, we present an effective VLSI architecture for exponentiation on GF(2$^{m}$ ). This circuit computes the exponentiation by multiplying product terms, each of which corresponds to an exponent bit. Until now use of this type algorithm has been confined to a primitive element but we generalize it to any elements in GF(2$^{m}$ ).

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.76-89
• /
• 2013

In this paper, we propose a novel optical fault detection scheme for RSA hardware based on Montgomery exponentiation, which can effectively detect optical fault injection during the exponent calculation. To protect the RSA hardware from the optical fault injection attack, we implemented integrity check logic for memory and optical fault detection logic for Montgomery-based multiplier. The proposed scheme is considered to be safe from various type of attack and it can be implemented with no additional operation time and small area overhead which is less than 3%.

• Journal of KIISE:Computer Systems and Theory
• /
• v.26 no.7
• /
• pp.743-751
• /
• 1999

공개키 암호 시스템에서 모듈러 지수 연산은 주된 연산으로, 이 연산은 내부적으로 모듈러 곱셈을 반복적으로 수행함으로써 계산된다. 본 논문에서는 GF(2m)상에서 수행할 수 있는 Montgomery 알고리즘을 분석하여 right-to-left 방식의 모듈러 지수 연산에서 공통으로 계산 가능한 부분을 이용하여 모듈러 제곱과 모듈러 곱셈을 동시에 수행하는 선형 시스톨릭 어레이를 설계한다. 본 논문에서 설계한 시스톨릭 어레이는 기존의 곱셈기보다 모듈러 지수 연산시 약 0.67배 처리속도 향상을 가진다. 그리고, VLSI 칩과 같은 하드웨어로 구현함으로써 IC 카드에 이용될 수 있다.Abstract One of the main operations for the public key cryptographic system is the modular exponentiation, it is computed by performing the repetitive modular multiplications. In this paper, we analyze Montgomery's algorithm and design a linear systolic array to perform modular multiplication and modular squaring simultaneously. It is done by using common-multiplicand modular multiplication in the right-to-left modular exponentiation over GF(2m). The systolic array presented in this paper improves about 0.67 times than existing multipliers for performing the modular exponentiation. It could be designed on VLSI hardware and used in IC cards.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.2
• /
• pp.33-41
• /
• 2010

Many experimental results shows that RSA-CRT algorithm can be broken by fault analysis attacks. We analyzed the previous fault attacks and their countermeasures on RSA-CRT algorithm and found an weakness of the countermeasure proposed by Abid and Wang. Based on these analyses, we propose a new countermeasure which uses both double exponentiation and fault infective computation method. The proposed method efficiently computes a fault verification information using double exponentiation. And, it is designed to resist simple power analysis attack and (N-1) attack.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.44 no.8
• /
• pp.30-37
• /
• 2007

An exponentiation in $GF(2^m)$ is a basic operation for several algorithms used in cryptography, digital signal processing, error-correction code and so on. Existing hardware implementations for the exponentiation operation organize by Right-to-Left method since a merit of parallel circuit. Our paper proposes a polynomial exponentiation structure with a trinomial that is organized by Left-to-Right method and that utilizes a weakly dual basis. The basic idea of our method is to decrease time delay using precomputation tables because one of two inputs in the Left-to-Right method is fixed. Since $T_{sqr}$ (squarer time delay) + $T_{mul}$(multiplier time delay) of ow method is smaller than $T_{mul}$ of existing methods, our method reduces time delays of existing Left-to-Right and Right-to-Left methods by each 17%, 10% for $x^m+x+1$ (irreducible polynomial), by each 21%, 9% $x^m+x^k+1(1, by each 15%, 1% for $x^m+x^{m/2}+1$.

• Journal of KIISE:Computer Systems and Theory
• /
• v.34 no.3
• /
• pp.93-100
• /
• 2007

Since Koblitz and Miller suggested the use of elliptic curves in cryptography, there has been an extensive literature on elliptic curve cryptosystem (ECC). The use of ECC is based on the observation that the points on an elliptic curve form an additive group under point addition operation. To realize secure cryptosystems using these groups, it is very important to find an elliptic curve whose group order is divisible by a large prime, and also to find a base point whose order equals this prime. While there have been many dramatic improvements on finding an elliptic curve and computing its group order efficiently, there are not many results on finding an adequate base point for a given curve. In this paper, we propose an efficient method to find a random base point on an elliptic curve defined over $GF(p^m)$. We first show that the critical operation in finding a base point is exponentiation. Then we present efficient algorithms to accelerate exponentiation in $GF(p^m)$. Finally, we implement our algorithms and give experimental results on various practical elliptic curves, which show that the new algorithms make the process of searching for a base point 1.62-6.55 times faster, compared to the searching algorithm based on the binary exponentiation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.2
• /
• pp.73-92
• /
• 1997

A modular exponentiation( E$M^{$=varepsilon$}$mod N) is one of the most important operations in Public-key cryptography. However, it takes much time because the modular exponentiation deals with very large operands as 512-bit integers. Modular exponentiation is composed of repetition of modular multiplications, and the number of repetition is the same as the length of the addition-chain of the exponent(E). Therefore, we can reduce the execution time of modular exponentiation by finding shorter addition-chain(i.e. reducing the number of repetitions) or by reducing the execution time of each modular multiplication. In this paper, we propose an addition-chain heuristics and two fast modular multiplication algorithms. Of two modular multiplication algorithms, one is for modular multiplication between different integers, and the other is for modular squaring. The proposed addition-chain heuristics finds the shortest addition-chain among exisiting algorithms. Two proposed modular multiplication algorithms require single-precision multiplications fewer than 1/2 times of those required for previous algorithms. Implementing on PC, proposed algorithms reduce execution times by 30-50% compared with the Montgomery algorithm, which is the best among previous algorithms.

• Bulletin of the Korean Mathematical Society
• /
• v.26 no.2
• /
• pp.179-184
• /
• 1989

• IEMEK Journal of Embedded Systems and Applications
• /
• v.7 no.2
• /
• pp.79-84
• /
• 2012

Efficient arithmetic design is essential to implement error correcting codes and cryptographic applications over finite fields. This article presents an efficient $AB^2$ multiplier in GF($2^m$) using a polynomial representation. The proposed multiplier produces the result in m clock cycles with a propagation delay of two AND gates and two XOR gates using O($2^m$) area-time complexity. The proposed multiplier is highly modular, and consists of regular blocks of AND and XOR logic gates. Especially, exponentiation, inversion, and division are more efficiently implemented by applying $AB^2$ multiplication repeatedly rather than AB multiplication. As compared to related works, the proposed multiplier has lower area-time complexity, computational delay, and execution time and is well suited to VLSI implementation.