CN104683094B - Montgomery ladder algorithm for RSA cryptography - Google Patents

Publication number: CN104683094B
Authority: CN (China)
Legal status: Active
Application number: CN201310627737.1A
Other versions: CN104683094A (zh)
Inventor: 顾海华
Current Assignee: Shanghai Huahong Integrated Circuit Co Ltd
Original Assignee: Shanghai Huahong Integrated Circuit Co Ltd

Abstract

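Modular exponentiation $g^k \bmod N$ is the core operation in RSA cryptography. The present invention discloses a Montgomery ladder algorithm for RSA cryptography. For each bit of $k$, the algorithm reduces the original two modular operations to one, which increases the speed of modular exponentiation. It is suitable for computing modular exponentiation, the core operation in RSA cryptography.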

Description

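Montgomery ladder algorithm for RSA cryptography
Technical Field
The present invention relates to the field of cryptography, and in particular to a Montgomery ladder algorithm for RSA cryptography.
Background Art
At present, the Montgomery algorithm is a common method for computing the RSA modular exponentiation $g^k \bmod N$. Its steps are as follows:
Step 1: find the digits $k_i$ such that $k = k_{m-1}2^{m-1} + \dots + k_0$, where $k_i = 0$ or $1$ and $k_{m-1} \neq 0$;
Step 2: $R[0] = 1$, $R[1] = g$;
Step 3: loop with $i$ from $m-1$ down to $0$:
Step 3.1: if $k_i = 0$, then $R[2] = (R[0])^2 \bmod N$, $R[1] = (R[0] \cdot R[1]) \bmod N$;
Step 3.2: if $k_i = 1$, then $R[2] = (R[0] \cdot R[1]) \bmod N$, $R[1] = (R[1])^2 \bmod N$;
Step 3.3: $R[0] = R[2]$;
Step 4: output $R[0]$.
The drawback of the above method is that, for each bit of $k$, it has to perform two modular (mod) operations, and a modular operation is more time-consuming than an integer operation.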
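Summary of the Invention
The technical problem to be solved by the present invention is to provide a Montgomery ladder algorithm for RSA cryptography that increases the computation speed of the existing Montgomery ladder algorithm and thereby speeds up RSA operations.
To solve the above technical problem, the Montgomery ladder algorithm for RSA cryptography of the present invention comprises the following steps:
Step 1: find the digits $k_i$ such that $k = k_{n-1}4^{n-1} + \dots + k_0$, where $k_i = 0$, $1$, $2$ or $3$ and $k_{n-1} \neq 0$;
Step 2: $R[0] = 1$, $R[1] = g$;
Step 3: loop with $i$ from $n-1$ down to $0$:
Step 3.1: if $k_i = 0$, then $tmp[0] = (R[0])^2$, $tmp[1] = R[0] \cdot R[1]$, $R[2] = (tmp[0])^2 \bmod N$, $R[1] = (tmp[0] \cdot tmp[1]) \bmod N$;
Step 3.2: if $k_i = 1$, then $tmp[0] = (R[0])^2$, $tmp[1] = R[0] \cdot R[1]$, $R[2] = (tmp[0] \cdot tmp[1]) \bmod N$, $R[1] = (tmp[1])^2 \bmod N$;
Step 3.3: if $k_i = 2$, then $tmp[0] = R[0] \cdot R[1]$, $tmp[1] = (R[1])^2$, $R[2] = (tmp[0])^2 \bmod N$, $R[1] = (tmp[0] \cdot tmp[1]) \bmod N$;
Step 3.4: if $k_i = 3$, then $tmp[0] = R[0] \cdot R[1]$, $tmp[1] = (R[1])^2$, $R[2] = (tmp[0] \cdot tmp[1]) \bmod N$, $R[1] = (tmp[1])^2 \bmod N$;
Step 3.5: $R[0] = R[2]$;
Step 4: output $R[0]$.
Here $(R[0])^2$, $R[0] \cdot R[1]$ and $(R[1])^2$ are integer operations. The exponent $k$ is expressed in base 4.
The present invention gives a new Montgomery ladder algorithm for computing modular exponentiation, the core operation in RSA cryptography. Because integer multiplication and integer squaring are faster than modular multiplication and modular squaring, the number of modular operations for each bit of $k$ drops from two to one. The new algorithm is therefore faster than the existing Montgomery ladder algorithm.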
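The two ladders described above, side by side, as an added Python example (not code from the patent): it counts the modular reductions each one performs and records the widest unreduced intermediate of the radix-4 variant, which can reach four times the bit length of N. The function names and the sample modulus are assumptions made for the illustration.

```python
# Added example, not code from the patent. Names (base4_digits, ladder_binary,
# ladder_radix4) and the sample modulus are assumptions made for illustration.
# Like the patent's steps, both loops branch on exponent digits, so this is
# NOT constant-time code.

def base4_digits(k):
    """Base-4 digits of k, most significant first (empty for k == 0)."""
    digits = []
    while k:
        digits.append(k & 3)
        k >>= 2
    return digits[::-1]

def ladder_binary(g, k, N):
    """Background-art ladder: two modular reductions per exponent bit."""
    r0, r1, reductions = 1 % N, g % N, 0
    for bit in bin(k)[2:] if k else "":
        if bit == "0":
            r0, r1 = (r0 * r0) % N, (r0 * r1) % N
        else:
            r0, r1 = (r0 * r1) % N, (r1 * r1) % N
        reductions += 2
    return r0, reductions

def ladder_radix4(g, k, N):
    """Radix-4 ladder from the patent: the high bit of each digit is handled
    with unreduced integer products, the low bit with two reductions."""
    r0, r1, reductions, widest = 1 % N, g % N, 0, 0
    for d in base4_digits(k):
        if d < 2:                      # digit 0 or 1: high bit is 0
            tmp0, tmp1 = r0 * r0, r0 * r1
        else:                          # digit 2 or 3: high bit is 1
            tmp0, tmp1 = r0 * r1, r1 * r1
        if d % 2 == 0:                 # digit 0 or 2: low bit is 0
            p0, p1 = tmp0 * tmp0, tmp0 * tmp1
        else:                          # digit 1 or 3: low bit is 1
            p0, p1 = tmp0 * tmp1, tmp1 * tmp1
        widest = max(widest, p0.bit_length(), p1.bit_length())
        r0, r1 = p0 % N, p1 % N        # the only two reductions per digit
        reductions += 2
    return r0, reductions, widest

# Constructed sample input: product of two Mersenne primes, not a real key.
N = (2**127 - 1) * (2**89 - 1)
g, k = 0x1234567890ABCDEF, 11          # k = 11 -> base-4 digits [2, 3]
if __name__ == "__main__":
    print(ladder_binary(g, k, N)[1], ladder_radix4(g, k, N)[1:])
```

Each reduction in the radix-4 ladder operates on a product of up to four residues, so the saving in reduction count is paid for with wider integer multiplications and a wider dividend.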
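Brief Description of the Drawings
The present invention is described in further detail below with reference to the drawing and specific embodiments:
Figure 1 is a flowchart of the use of the present invention during a modular exponentiation.
Detailed Description
As shown in Figure 1, the drawing is a flowchart of the use of the Montgomery ladder algorithm for RSA cryptography during a modular exponentiation. The specific steps are as follows:
Step 1: input $k$ and $g$;
Step 2: compute the digits $k_i$;
Step 3: $R[0] = 1$, $R[1] = g$, $i = n-1$;
Step 4: test whether $i \geq 0$; if the test yields 0 (false), output $R[0]$; otherwise go to step 5;
Step 5: test whether $k_i = 0$; if it equals 0, then $tmp[0] = (R[0])^2$, $tmp[1] = R[0] \cdot R[1]$, $R[2] = (tmp[0])^2 \bmod N$, $R[1] = (tmp[0] \cdot tmp[1]) \bmod N$, then go to step 9; otherwise go to step 6;
Step 6: test whether $k_i = 1$; if it equals 1, then $tmp[0] = (R[0])^2$, $tmp[1] = R[0] \cdot R[1]$, $R[2] = (tmp[0] \cdot tmp[1]) \bmod N$, $R[1] = (tmp[1])^2 \bmod N$, then go to step 9; otherwise go to step 7;
Step 7: test whether $k_i = 2$; if it equals 2, then $tmp[0] = R[0] \cdot R[1]$, $tmp[1] = (R[1])^2$, $R[2] = (tmp[0])^2 \bmod N$, $R[1] = (tmp[0] \cdot tmp[1]) \bmod N$, then go to step 9; otherwise go to step 8;
Step 8: test whether $k_i = 3$; if it equals 3, then $tmp[0] = R[0] \cdot R[1]$, $tmp[1] = (R[1])^2$, $R[2] = (tmp[0] \cdot tmp[1]) \bmod N$, $R[1] = (tmp[1])^2 \bmod N$, then go to step 9;
Step 9: $i \leftarrow i-1$, then go to step 4.
The implementation details of the present invention are further illustrated below.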
N=7844103651472139353500897627513236177223729383550446115890824016199874550353399888692431053926758232577661145918249360488279699940909399191912440869790789242917484354747420404045764981210058112424867407031733075699511955240700843477065568146431093407939743325383847951189809041095408362722387032885027924653,
g=3952982090803682138952985280395553277586041344278685283725181054322498056080681442189084121119941942692918513836540129946425933712332163837819789261046967999995275928215512917579451667364657697097436928961110862934908708253490613228213129193009241870267437246733152037377237070645975842946668857598054978633,
k=11. Then n=2, $k_0 = 3$, $k_1 = 2$.
R[0]=1
R[1]=3952982090803682138952985280395553277586041344278685283725181054322498056080681442189084121119941942692918513836540129946425933712332163837819789261046967999995275928215512917579451667364657697097436928961110862934908708253490613228213129193009241870267437246733152037377237070645975842946668857598054978633,
When i=n-1=1:
tmp[0]=3952982090803682138952985280395553277586041344278685283725181054322498056080681442189084121119941942692918513836540129946425933712332163837819789261046967999995275928215512917579451667364657697097436928961110862934908708253490613228213129193009241870267437246733152037377237070645975842946668857598054978633,
tmp[1]=5586094300043973494811854288928343275968517018669251789174561663885052158376219650790666954140747525131895117870102447257767084530338627712345024122391627076308627602404619859749813972609671568887425736294876364987236546791990511400885540151141430903394302734165139160675316446210920741387688248417587847225,
R[2]=5586094300043973494811854288928343275968517018669251789174561663885052158376219650790666954140747525131895117870102447257767084530338627712345024122391627076308627602404619859749813972609671568887425736294876364987236546791990511400885540151141430903394302734165139160675316446210920741387688248417587847225,
R[1]=4236496415172284103028768668688349412904933962930713016825115702263227115327820957233311275499579665654100494154494592760509482182620210879939962722292674683971554182742092247251364552325114048061740718976146703129219671160832402715071663153670377546824788430885686203701483532482784278723661193401913848264,
When i=0:
tmp[0]=3314210524738639909576455635998944460401196588522028237513332030245958958258340446075262818192218033946159546324655349558750036534839674421329016382272175546465317601703727655182256681548071343685594515037716764316920450394746527754030262058827175626684006140267629414825427233100190948609607875718220600692,
tmp[1]=4895094280707149087758136161772685786389508220756552491262762126601556499776452427563477157927975740422703033943786322670705095015043202696807146860401120570428925644276588512227211900047494649410354439094010956813080460438968729019845738117079393125171030731178089854404767024463249681902860310872373776872,
R[2]=734879665100288537801601491289284742124356248051830231792549302409057182251327008685688823808404734685978948337406340985497557168826965858840677565486743414356753235144464955187708522399904054663289496293491196257460108383247960418032635161179217424877900514387978175243034284287780489064451895347207691916,
R[1]=2892022227747990769695482588236505148588556311562340583432109623440056129254418946566404605085195489344830587872775312803034220405374697233559040535860840221110880231523310695749267352610011039728953587498493498965353115167417422426185053477840735008296144441188239311873221172756749352685180683673288196181,
Therefore
R[0]=734879665100288537801601491289284742124356248051830231792549302409057182251327008685688823808404734685978948337406340985497557168826965858840677565486743414356753235144464955187708522399904054663289496293491196257460108383247960418032635161179217424877900514387978175243034284287780489064451895347207691916,
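That is, $g^k \bmod N$ = 734879665100288537801601491289284742124356248051830231792549302409057182251327008685688823808404734685978948337406340985497557168826965858840677565486743414356753235144464955187708522399904054663289496293491196257460108383247960418032635161179217424877900514387978175243034284287780489064451895347207691916.
The present invention has been described in detail above by way of an embodiment, but the scope of protection of the invention is not limited to the described embodiment. Without departing from the principle of the invention, those skilled in the art may make many variations and improvements, which shall also be regarded as falling within the scope of protection of the invention.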

Claims (4)

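1. A Montgomery ladder algorithm for RSA cryptography, characterized in that it comprises the following steps:
Step 1: find the digits $k_i$ such that $k = k_{n-1}4^{n-1} + \dots + k_0$, where $k_i = 0$, $1$, $2$ or $3$ and $k_{n-1} \neq 0$;
Step 2: $R[0] = 1$, $R[1] = g$;
Step 3: loop with $i$ from $n-1$ down to $0$:
Step 3.1: if $k_i = 0$, then $tmp[0] = (R[0])^2$, $tmp[1] = R[0] \cdot R[1]$, $R[2] = (tmp[0])^2 \bmod N$, $R[1] = (tmp[0] \cdot tmp[1]) \bmod N$;
Step 3.2: if $k_i = 1$, then $tmp[0] = (R[0])^2$, $tmp[1] = R[0] \cdot R[1]$, $R[2] = (tmp[0] \cdot tmp[1]) \bmod N$, $R[1] = (tmp[1])^2 \bmod N$;
Step 3.3: if $k_i = 2$, then $tmp[0] = R[0] \cdot R[1]$, $tmp[1] = (R[1])^2$, $R[2] = (tmp[0])^2 \bmod N$, $R[1] = (tmp[0] \cdot tmp[1]) \bmod N$;
Step 3.4: if $k_i = 3$, then $tmp[0] = R[0] \cdot R[1]$, $tmp[1] = (R[1])^2$, $R[2] = (tmp[0] \cdot tmp[1]) \bmod N$, $R[1] = (tmp[1])^2 \bmod N$;
Step 3.5: $R[0] = R[2]$;
Step 4: output $R[0]$.
2. The Montgomery ladder algorithm according to claim 1, characterized in that in step 1 the exponent $k$ is expressed in base 4.
3. The Montgomery ladder algorithm according to claim 1, characterized in that $(R[0])^2$ and $R[0] \cdot R[1]$ in step 3.1 and step 3.2 are integer operations.
4. The Montgomery ladder algorithm according to claim 1, characterized in that $R[0] \cdot R[1]$ and $(R[1])^2$ in step 3.3 and step 3.4 are integer operations.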

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310627737.1A 2013-11-29 2013-11-29 Montgomery ladder algorithm for RSA cryptography

Publications (2)

Publication Number Publication Date
CN104683094A (zh) 2015-06-03
CN104683094B (zh) 2018-10-26

Family

ID=53317728

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant