CN104683094B - Montgomery ladder algorithm for RSA cryptography - Google Patents

Info

Publication number
CN104683094B
Authority
CN
China
Prior art keywords
tmp
rsa cryptosystem
modn
mod
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310627737.1A
Other languages
English (en)
Other versions
CN104683094A (zh)
Inventor
顾海华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Huahong Integrated Circuit Co Ltd
Original Assignee
Shanghai Huahong Integrated Circuit Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Huahong Integrated Circuit Co Ltd
Priority to CN201310627737.1A
Publication of CN104683094A
Application granted
Publication of CN104683094B
Active
Anticipated expiration

Landscapes

  • Complex Calculations (AREA)
  • Pharmaceuticals Containing Other Organic And Inorganic Compounds (AREA)

Abstract

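Modular exponentiation g^k mod N is the core operation of RSA cryptography. The invention discloses a Montgomery ladder algorithm for RSA cryptography. For each bit of k, the algorithm reduces the original two modular operations to one, which increases the speed of modular exponentiation. It is suitable for computing modular exponentiation, the core operation of RSA cryptography.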

Description

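Montgomery ladder algorithm for RSA cryptography
Technical Field
The invention relates to the field of cryptography, and in particular to a Montgomery ladder algorithm for RSA cryptography.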
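Background
At present, the Montgomery algorithm is a common method for computing the RSA modular exponentiation g^k mod N. Its steps are as follows:
Step 1: find the digits k_i such that k = k_{m-1}·2^{m-1} + … + k_0, where each k_i = 0 or 1 and k_{m-1} ≠ 0;
Step 2: R[0]=1, R[1]=g;
Step 3: loop i from m-1 down to 0:
Step 3.1: if k_i=0, then R[2]=(R[0])^2 mod N, R[1]=(R[0]·R[1]) mod N;
Step 3.2: if k_i=1, then R[2]=(R[0]·R[1]) mod N, R[1]=(R[1])^2 mod N;
Step 3.3: R[0]=R[2];
Step 4: output R[0].
The drawback of this method is that, for each bit of k, it has to perform two modular (mod) operations, and a modular operation is more time-consuming than an integer operation.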
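Summary of the Invention
The technical problem to be solved by the invention is to provide a Montgomery ladder algorithm for RSA cryptography that improves the computation speed of the existing Montgomery ladder algorithm and thereby speeds up RSA operations.
To solve this technical problem, the Montgomery ladder algorithm for RSA cryptography of the invention comprises the following steps:
Step 1: find the digits k_i such that k = k_{n-1}·4^{n-1} + … + k_0, where each k_i = 0, 1, 2 or 3 and k_{n-1} ≠ 0;
Step 2: R[0]=1, R[1]=g;
Step 3: loop i from n-1 down to 0:
Step 3.1: if k_i=0, then tmp[0]=(R[0])^2, tmp[1]=R[0]·R[1], R[2]=(tmp[0])^2 mod N, R[1]=(tmp[0]·tmp[1]) mod N;
Step 3.2: if k_i=1, then tmp[0]=(R[0])^2, tmp[1]=R[0]·R[1], R[2]=(tmp[0]·tmp[1]) mod N, R[1]=(tmp[1])^2 mod N;
Step 3.3: if k_i=2, then tmp[0]=R[0]·R[1], tmp[1]=(R[1])^2, R[2]=(tmp[0])^2 mod N, R[1]=(tmp[0]·tmp[1]) mod N;
Step 3.4: if k_i=3, then tmp[0]=R[0]·R[1], tmp[1]=(R[1])^2, R[2]=(tmp[0]·tmp[1]) mod N, R[1]=(tmp[1])^2 mod N;
Step 3.5: R[0]=R[2];
Step 4: output R[0].
Here (R[0])^2, R[0]·R[1] and (R[1])^2 are integer operations. The exponent k is expressed in base 4.
The invention provides a new Montgomery ladder algorithm for computing modular exponentiation, the core operation of RSA cryptography. Because integer multiplication and integer squaring are faster than modular multiplication and modular squaring, the two modular operations per bit of k are reduced to one. The new algorithm is therefore faster than the existing Montgomery ladder algorithm.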
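The two ladders described above, side by side, as an added example that is not code from the patent: it implements the background base-2 steps and the base-4 steps 1 to 4, and counts every mod N operation together with the bit length of the operand it reduces. The function names, the counter and the toy values are assumptions made for illustration; the code assumes 0 <= g < N and k > 0.

```python
def make_reducer(N):
    """Return a mod-N function that records how often and on how large an operand it runs."""
    stats = {"reductions": 0, "max_operand_bits": 0}

    def mod(x):
        stats["reductions"] += 1
        stats["max_operand_bits"] = max(stats["max_operand_bits"], x.bit_length())
        return x % N

    return mod, stats


def ladder_binary(g, k, N):
    """Background algorithm: base-2 digits, two reductions per exponent bit."""
    mod, stats = make_reducer(N)
    r0, r1 = 1, g
    for i in range(k.bit_length() - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = mod(r0 * r1), mod(r1 * r1)
        else:
            r0, r1 = mod(r0 * r0), mod(r0 * r1)
    return r0, stats


def ladder_base4(g, k, N):
    """Base-4 steps 1-4: two reductions per base-4 digit, i.e. one per exponent bit."""
    if k <= 0:
        raise ValueError("the leading base-4 digit must be non-zero, so k > 0")
    digits = []
    while k:                       # step 1: k = k_{n-1}*4^(n-1) + ... + k_0
        digits.append(k & 3)
        k >>= 2
    mod, stats = make_reducer(N)
    r0, r1 = 1, g                  # step 2
    for d in reversed(digits):     # step 3: i from n-1 down to 0
        if d < 2:                  # digits 0, 1: tmp[0] = R[0]^2, tmp[1] = R[0]*R[1]
            t0, t1 = r0 * r0, r0 * r1
        else:                      # digits 2, 3: tmp[0] = R[0]*R[1], tmp[1] = R[1]^2
            t0, t1 = r0 * r1, r1 * r1
        if d % 2 == 0:             # digits 0, 2: R[0] = tmp[0]^2, R[1] = tmp[0]*tmp[1]
            r0, r1 = mod(t0 * t0), mod(t0 * t1)
        else:                      # digits 1, 3: R[0] = tmp[0]*tmp[1], R[1] = tmp[1]^2
            r0, r1 = mod(t0 * t1), mod(t1 * t1)
    return r0, stats


if __name__ == "__main__":
    N, g, k = 3233, 65, 11         # constructed toy values, not the patent's example
    for name, fn in (("binary", ladder_binary), ("base-4", ladder_base4)):
        result, stats = fn(g, k, N)
        print(name, result, result == pow(g, k, N), stats)
```

The counter makes the trade-off visible: the base-4 ladder performs half as many reductions, but each one runs on an operand up to four times the bit length of N instead of twice.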
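Brief Description of the Drawings
The invention is described in further detail below with reference to the drawing and the specific embodiment:
Fig. 1 is a flow chart of using the invention in the modular exponentiation process.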
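Detailed Description
With reference to Fig. 1, which is a flow chart of using the Montgomery ladder algorithm for RSA cryptography in the modular exponentiation process, the specific steps are as follows:
Step 1: input k and g;
Step 2: compute the digits k_i;
Step 3: R[0]=1, R[1]=g, i=n-1;
Step 4: test whether i>=0; if the test gives 0 (false), output R[0]; otherwise, go to step 5;
Step 5: test whether k_i=0; if it equals 0, then tmp[0]=(R[0])^2, tmp[1]=R[0]·R[1], R[2]=(tmp[0])^2 mod N, R[1]=(tmp[0]·tmp[1]) mod N, then go to step 9; otherwise, go to step 6;
Step 6: test whether k_i=1; if it equals 1, then tmp[0]=(R[0])^2, tmp[1]=R[0]·R[1], R[2]=(tmp[0]·tmp[1]) mod N, R[1]=(tmp[1])^2 mod N, then go to step 9; otherwise, go to step 7;
Step 7: test whether k_i=2; if it equals 2, then tmp[0]=R[0]·R[1], tmp[1]=(R[1])^2, R[2]=(tmp[0])^2 mod N, R[1]=(tmp[0]·tmp[1]) mod N, then go to step 9; otherwise, go to step 8;
Step 8: test whether k_i=3; if it equals 3, then tmp[0]=R[0]·R[1], tmp[1]=(R[1])^2, R[2]=(tmp[0]·tmp[1]) mod N, R[1]=(tmp[1])^2 mod N, then go to step 9;
Step 9: i←i-1, then go to step 4.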
The implementation details of the invention are further illustrated below.
N=7844103651472139353500897627513236177223729383550446115890824016199874550353399888692431053926758232577661145918249360488279699940909399191912440869790789242917484354747420404045764981210058112424867407031733075699511955240700843477065568146431093407939743325383847951189809041095408362722387032885027924653,
g=3952982090803682138952985280395553277586041344278685283725181054322498056080681442189084121119941942692918513836540129946425933712332163837819789261046967999995275928215512917579451667364657697097436928961110862934908708253490613228213129193009241870267437246733152037377237070645975842946668857598054978633,
k=11. Then n=2, k_0=3, k_1=2.
R[0]=1
R[1]=3952982090803682138952985280395553277586041344278685283725181054322498056080681442189084121119941942692918513836540129946425933712332163837819789261046967999995275928215512917579451667364657697097436928961110862934908708253490613228213129193009241870267437246733152037377237070645975842946668857598054978633,
When i=n-1=1:
tmp[0]=3952982090803682138952985280395553277586041344278685283725181054322498056080681442189084121119941942692918513836540129946425933712332163837819789261046967999995275928215512917579451667364657697097436928961110862934908708253490613228213129193009241870267437246733152037377237070645975842946668857598054978633,
tmp[1]=5586094300043973494811854288928343275968517018669251789174561663885052158376219650790666954140747525131895117870102447257767084530338627712345024122391627076308627602404619859749813972609671568887425736294876364987236546791990511400885540151141430903394302734165139160675316446210920741387688248417587847225,
R[2]=5586094300043973494811854288928343275968517018669251789174561663885052158376219650790666954140747525131895117870102447257767084530338627712345024122391627076308627602404619859749813972609671568887425736294876364987236546791990511400885540151141430903394302734165139160675316446210920741387688248417587847225,
R[1]=4236496415172284103028768668688349412904933962930713016825115702263227115327820957233311275499579665654100494154494592760509482182620210879939962722292674683971554182742092247251364552325114048061740718976146703129219671160832402715071663153670377546824788430885686203701483532482784278723661193401913848264,
When i=0:
tmp[0]=3314210524738639909576455635998944460401196588522028237513332030245958958258340446075262818192218033946159546324655349558750036534839674421329016382272175546465317601703727655182256681548071343685594515037716764316920450394746527754030262058827175626684006140267629414825427233100190948609607875718220600692,
tmp[1]=4895094280707149087758136161772685786389508220756552491262762126601556499776452427563477157927975740422703033943786322670705095015043202696807146860401120570428925644276588512227211900047494649410354439094010956813080460438968729019845738117079393125171030731178089854404767024463249681902860310872373776872,
R[2]=734879665100288537801601491289284742124356248051830231792549302409057182251327008685688823808404734685978948337406340985497557168826965858840677565486743414356753235144464955187708522399904054663289496293491196257460108383247960418032635161179217424877900514387978175243034284287780489064451895347207691916,
R[1]=2892022227747990769695482588236505148588556311562340583432109623440056129254418946566404605085195489344830587872775312803034220405374697233559040535860840221110880231523310695749267352610011039728953587498493498965353115167417422426185053477840735008296144441188239311873221172756749352685180683673288196181,
Thus
R[0]=734879665100288537801601491289284742124356248051830231792549302409057182251327008685688823808404734685978948337406340985497557168826965858840677565486743414356753235144464955187708522399904054663289496293491196257460108383247960418032635161179217424877900514387978175243034284287780489064451895347207691916,
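that is, g^k mod N=734879665100288537801601491289284742124356248051830231792549302409057182251327008685688823808404734685978948337406340985497557168826965858840677565486743414356753235144464955187708522399904054663289496293491196257460108383247960418032635161179217424877900514387978175243034284287780489064451895347207691916.
The invention has been described in detail above by way of an embodiment, but the scope of protection of the invention is not limited to that embodiment. Without departing from the principle of the invention, those skilled in the art may make many variations and improvements, which shall also be regarded as falling within the scope of protection of the invention.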

Claims (4)

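1. A Montgomery ladder algorithm for RSA cryptography, characterized in that it comprises the following steps:
Step 1: find the digits k_i such that k = k_{n-1}·4^{n-1} + … + k_0, where each k_i = 0, 1, 2 or 3 and k_{n-1} ≠ 0;
Step 2: R[0]=1, R[1]=g;
Step 3: loop i from n-1 down to 0:
Step 3.1: if k_i=0, then tmp[0]=(R[0])^2, tmp[1]=R[0]·R[1], R[2]=(tmp[0])^2 mod N, R[1]=(tmp[0]·tmp[1]) mod N;
Step 3.2: if k_i=1, then tmp[0]=(R[0])^2, tmp[1]=R[0]·R[1], R[2]=(tmp[0]·tmp[1]) mod N, R[1]=(tmp[1])^2 mod N;
Step 3.3: if k_i=2, then tmp[0]=R[0]·R[1], tmp[1]=(R[1])^2, R[2]=(tmp[0])^2 mod N, R[1]=(tmp[0]·tmp[1]) mod N;
Step 3.4: if k_i=3, then tmp[0]=R[0]·R[1], tmp[1]=(R[1])^2, R[2]=(tmp[0]·tmp[1]) mod N, R[1]=(tmp[1])^2 mod N;
Step 3.5: R[0]=R[2];
Step 4: output R[0].
2. The Montgomery ladder algorithm according to claim 1, characterized in that the exponent k in step 1 is expressed in base 4.
3. The Montgomery ladder algorithm according to claim 1, characterized in that (R[0])^2 and R[0]·R[1] in step 3.1 and step 3.2 are integer operations.
4. The Montgomery ladder algorithm according to claim 1, characterized in that R[0]·R[1] and (R[1])^2 in step 3.3 and step 3.4 are integer operations.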
CN201310627737.1A 2013-11-29 2013-11-29 Montgomery ladder algorithm for RSA cryptography Active CN104683094B (zh)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310627737.1A CN104683094B (zh) 2013-11-29 2013-11-29 Montgomery ladder algorithm for RSA cryptography

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310627737.1A CN104683094B (zh) 2013-11-29 2013-11-29 Montgomery ladder algorithm for RSA cryptography

Publications (2)

Publication Number Publication Date
CN104683094A CN104683094A (zh) 2015-06-03
CN104683094B CN104683094B (zh) 2018-10-26

Family

ID=53317728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310627737.1A Active CN104683094B (zh) 2013-11-29 2013-11-29 Montgomery ladder algorithm for RSA cryptography

Country Status (1)

Country Link
CN (1) CN104683094B (zh)

Also Published As

Publication number Publication date
CN104683094A (zh) 2015-06-03

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant