Systematic Design of RSA Processors Based on High-Radix Montgomery Multipliers

ABSTRACT:
This paper presents a systematic design approach to provide optimized Rivest–Shamir–Adleman (RSA) processors based on high-radix Montgomery multipliers satisfying various user requirements, such as circuit area, operating time, and resistance against side-channel attacks. To cover the tradeoff between performance and resistance, we apply four types of exponentiation algorithms: two variants of the binary method, each with and without the Chinese Remainder Theorem (CRT). We also introduce three multiplier-based datapath architectures using different intermediate data forms: 1) single form, 2) semi carry-save form, and 3) carry-save form, and combine them with a wide variety of arithmetic components. Their radices are parameterized from 2^8 to 2^128. A total of 242 datapaths for 1024-bit RSA processors were obtained for each radix. The potential of the proposed approach is demonstrated through an experimental synthesis of all possible processors with a 90-nm CMOS standard cell library. As a result, designs ranging from the smallest, at 861 gates with 118.47 ms/RSA, to the fastest, at 0.67 ms/RSA with 153 862 gates, were obtained. In addition, the use of the CRT technique reduced the RSA operation time of the fastest design to 0.24 ms. Even when we employed the exponentiation algorithm resistant to typical side-channel attacks, the fastest design can perform the RSA operation in less than 1.0 ms.

Key-Words: Application-specific integrated circuit (ASIC) implementation, high-radix Montgomery multiplication, Rivest–Shamir–Adleman (RSA) cryptosystem.

INTRODUCTION:
Cryptographic modules are now mounted on many embedded systems, such as smart cards and digital consumer electronics, and are used to ensure the protection of privacy and confidential information in communication. The encryption/decryption process usually requires a large number of arithmetic operations with very large operands. In particular, the Rivest–Shamir–Adleman (RSA) cryptosystem usually performs modular exponentiation using operands longer than 1000 bits. Modular exponentiation is performed by repeating modular multiplication and squaring operations, and thus optimization of modular multiplication is essential in order to achieve high-performance RSA cryptosystem designs. The Montgomery multiplication algorithm, which does not require trial division, is widely used for practical hardware and software implementations because of its high speed. Many computational techniques and hardware architectures have been proposed for Montgomery multiplication. Among them, the radix-2 algorithms proposed in [3] and [4] are primarily implemented with long -bit adders to scan the –bit operand bit-by-bit in a straightforward manner.

VEDLABS, #112, Oxford Towers, Old airport Road, Kodihalli, Bangalore-08, www.vedlabs.com, Email id: projects@vedlabs.com, Ph: 080-42040494.

BLOCK DIAGRAM:
Fig. 1: RSA processor architecture

Fig. 1 shows a block diagram of our RSA processor, which consists of six components: Multiplication Block, Sequencer Block, Memories, Data Counter, Memory Address Generator, and Key Shift. The exponent E is set into the -bit shift register Key Shift. The k-bit data X and modulus N are divided into m blocks and are sequentially stored into Memory0. The Multiplication Block, implemented with one of the three multipliers, performs the multiply-addition operations repeatedly according to the exponent bits. The read and write addresses for the data are generated by the Memory Address Generator. The iteration count and/or the data size are counted by the Data Counter. The secret key is fed to the Sequencer Block bit by bit from the MSB side (or the LSB side) through the Key Shift. The Sequencer Block performs state transition control and generates the control signals for the datapath core. The Sequencer Block has a three-level hierarchical structure.
Level-1 supports low-level functions, such as basic modular arithmetic and Montgomery multiplication, as well as pre-processing and post-processing for Montgomery multiplication. Level-2 executes one of the modular exponentiation algorithms. The highest level, Level-3, supports RSA operations including CRT. Input-output processing is also supported in this hierarchy. Our architecture has a clearly separated control structure, and thus the logic is easy to design and modify, giving high flexibility for functional extensions.

HARDWARE AND SOFTWARE REQUIREMENTS:
Software Requirement Specification:
Operating System: Windows XP with SP2
Synthesis Tool: Xilinx 12.2
Simulation Tool: Modelsim 6.3c

Hardware Requirement Specification:
Minimum Intel Pentium IV Processor
Primary memory: 2 GB RAM
Spartan III FPGA
Xilinx Spartan III FPGA development board
JTAG cable
Power supply

REFERENCES:
[1] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Commun. ACM, vol. 21, no. 2, pp. 120–126, Feb. 1978.
[2] P. L. Montgomery, “Modular multiplication without trial division,” Math. Comput., vol. 44, no. 170, pp. 519–521, Apr. 1985.
[3] A. Daly and W. Marnane, “Efficient architectures for implementing Montgomery modular multiplication and RSA modular exponentiation on reconfigurable logic,” in Proc. ACM/SIGDA 10th Int. Symp. Field-Program. Gate Arrays, Nov. 2002, pp. 40–49.
[4] C. McIvor, M. McLoone, J. McCanny, A. Daly, and W. Marnane, “Fast Montgomery modular multiplication and RSA cryptographic processor architectures,” in Proc. 37th Annu. Asilomar Conf. Signals, Syst. Comput., Nov. 2003, pp. 379–384.
[5] F. Crowe, A. Daly, and W. Marnane, “A scalable dual mode arithmetic unit for public key cryptosystems,” in Proc. IEEE Int. Conf. Inf. Technol.: Coding Comput. (ITCC), Apr. 2005, pp. 568–573.
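The radix-2^r Montgomery multiplication and MSB-first exponent scan described in the introduction and block diagram sections, as an added Python reference model (not code from the paper or from this page). The function names, the sample modulus and the `regular` flag are assumptions; `regular` selects a square-and-multiply-always scan, chosen here for illustration because the page does not name the paper's exponentiation variants.

```python
# Added reference model, not the paper's RTL. Names are illustrative.

def mont_setup(n, k, r):
    """Constants for an odd k-bit modulus n and radix 2^r."""
    if n % 2 == 0:
        raise ValueError("Montgomery multiplication needs an odd modulus")
    m = -(-k // r)                         # number of r-bit blocks, ceil(k / r)
    base = 1 << r
    R = 1 << (m * r)                       # Montgomery constant, R > n
    return {"n": n, "r": r, "m": m, "mask": base - 1, "calls": 0,
            "n_prime": (-pow(n, -1, base)) % base,   # -n^-1 mod 2^r
            "R2": (R * R) % n}             # used to enter the Montgomery domain

def mont_mul(a, b, c):
    """Return a*b*R^-1 mod n, consuming one r-bit block of b per iteration."""
    n, r, mask = c["n"], c["r"], c["mask"]
    c["calls"] += 1                               # operation counter for the test
    t = 0
    for i in range(c["m"]):
        t += a * ((b >> (i * r)) & mask)          # multiply-add with block i of b
        q = ((t & mask) * c["n_prime"]) & mask    # makes t + q*n divisible by 2^r
        t = (t + q * n) >> r                      # exact shift, no trial division
    return t - n if t >= n else t                 # one final subtraction

def mont_exp(x, e, c, regular=False):
    """x^e mod n, scanning the exponent from the MSB side."""
    x_bar = mont_mul(x % c["n"], c["R2"], c)      # pre-processing: x*R mod n
    acc = mont_mul(1, c["R2"], c)                 # 1 in Montgomery form
    for bit in bin(e)[2:]:
        acc = mont_mul(acc, acc, c)               # square for every exponent bit
        if regular or bit == "1":
            prod = mont_mul(acc, x_bar, c)        # regular: multiply for every bit
            acc = prod if bit == "1" else acc     # result discarded on a 0 bit
    return mont_mul(acc, 1, c)                    # post-processing: leave the domain

if __name__ == "__main__":
    n = (1 << 1023) + 0x12345                     # constructed odd 1024-bit modulus
    for r in (8, 32, 128):
        c = mont_setup(n, 1024, r)
        ok = mont_exp(0xC0FFEE, 65537, c) == pow(0xC0FFEE, 65537, n)
        print(f"radix 2^{r}: {c['m']} blocks, matches pow(): {ok}")
```

The `regular` mode models only the operation sequence seen by an observer; Python big-integer arithmetic is not constant-time, so timing properties must be checked on the hardware itself.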