KR100858559B1 - Method for adding and multipying redundant binary and Apparatus for adding and multipying redundant binary - Google Patents

Abstract

A method of adding a redundant binary number, a method of multiplying a redundant binary number, a redundant binary adder, and a redundant binary multiplier is disclosed.

The present invention is a multiplier of an encryption system that performs a multiplication of arbitrary redundant binary numbers X and Y when a multiplier is Y, a multiplier is X, and a modular value is M, and converts the binary values in order from the least significant bit of X. A barrel register full adder, a multiplexer for selecting any one of the Y, the M, the Y plus M, or 0 according to the bit value of the converted X, the binary value for the selected value and X Performing a first addition to generate a result of the first addition consisting of a carry value that is a binary value and an island that is a negative number, and carry a carry of the previous digit among the carry of the first addition, the island of the first addition, and the negative for X Performing a second addition that adds the number of to generate a result of the second addition consisting of a carry, which is a negative number, and an island, which is a binary value, wherein the full barrel register adds the most significant bit of X. The surplus binary adder repeats the first and second additions and converts the result of the second addition during the repetition of the first and second additions until the binary binary adder converts the binary value. And an accumulator that applies to binary values for X and negative numbers for X.

According to the present invention, it is possible to provide an adder that functions as a combiner without carry propagation, and introduces a surplus binary concept to the part performing addition of three operands that occupy most of the critical path delay time of Montgomery multiplication and newly proposed surplus. Binary adders can be used to reduce space and time complexity, simplifying the implementation of RSA cryptosystems with repeating modular multiplications and several critical building blocks of functionality in multipliers.

Description

Addition method of redundant binary, multiplication method of redundant binary, redundant binary adder and redundant binary multiplier {Method for adding and multipying redundant binary and Apparatus for adding and multipying redundant binary}

1A is a schematic block diagram of a redundant binary adder applied to the present invention.

1B is a block diagram of a multiplier of redundant binary numbers in accordance with the present invention.

FIG. 2A is a detailed block diagram of the redundant binary adder of FIG. 1A. FIG.

2B is a flowchart of operation of the redundant binary adder of FIG. 1A.

3 is a block diagram of the barrel register full adder of FIG. 1A.

4 is a detailed block diagram of an MFA applied to FIG. 3.

5 is a flowchart of a method for adding a redundant binary number according to the present invention.

6 is a flowchart of a multiplication method of a redundant binary number according to the present invention.

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to binary adders and multipliers, and more particularly, to a method of adding redundant binary numbers, a method of multiplying redundant binary numbers, a redundant binary adder, and a redundant binary multiplier in an encryption system for data security.

The RSA cryptosystem is known to most closely reflect the concept of a public key cryptosystem proposed by Diffie and Hellman. RSA cryptosystems are cryptosystems that take advantage of the difficulty of factoring very large integers and requiring a lot of time to find solutions. As a general war, the RSA cryptosystem performs modular exponential operations based on large numbers of more than 1,024 bits in order to increase the safety of the system. Since modular exponentiation consists of repeated modular multiplications, the hardware implementation of efficient modular multiplication algorithms improves the efficiency of cryptographic systems.

Among the modular multiplication algorithms, Montgomery multiplication algorithms are widely used to implement RSA cryptosystems that perform modular operations repeatedly. The Carry Save Adder (CSA) and the Redundant Binary Adder (RBA) are presented to efficiently perform the addition of the three operands that have the greatest influence on the clock cycles that determine the operation speed in the Montgomery multiplication algorithm. It became. The CSA method preserves the output carry C and the sum S in the form (C, S) for use as the input value of the next multiplication. In this case, an additional register is needed to store the carry, but it is not suitable for high speed operation because no addition is performed.

The RSA cryptosystem, a representative public key cryptosystem, is more stable in proportion to the length of the key, but the computation speed is relatively slow. Modular exponential operation, which is the main operation, consists of repeated modular multiplication, so the design of a fast modular multiplication algorithm is the focus of research in this field.

However, since a conventional multiplier needs to use a combiner to use the result of multiplication as an input value of the next multiplication, the space complexity in hardware design is inevitably increased, and the time complexity increases.

The first technical problem to be achieved by the present invention is to provide an adder functioning as a combiner without carry propagation in the encryption system, and to provide a method for adding redundant binary numbers that can reduce space complexity and time complexity.

The second technical task of the present invention is to introduce a redundant binary concept to the part of the addition of three operands that occupy most of the critical path delay time of Montgomery multiplication, and to use the newly proposed redundant binary adder to solve the spatial and temporal complexity. The present invention provides an RSA cryptosystem with repeatable modular multiplication and a redundant binary multiplication method that allows simple implementation of multiple systems, which are important building blocks of functionality in multipliers.

The third technical problem to be achieved by the present invention is to provide a redundant binary adder to which the method of adding a redundant binary number is applied.

The fourth technical problem to be achieved by the present invention is to provide a redundant binary multiplier to which the multiplication method of the redundant binary numbers is applied.

In order to achieve the first technical problem, the present invention provides a method for adding an encryption system using a logical gate of any redundant binary numbers X, Y, and Z, and adding a redundant binary number for X and a binary value for Y. Performing a first addition to generate a result of the first addition comprising a carry value of a binary value and an island of a negative number; and a carry of a previous position among the carry of the first addition, the island of the first addition, and the Z. And performing a second addition by adding a negative number to generate a result of the second addition comprising a carry as a negative number and an island as a binary value.

In order to achieve the second technical problem, the present invention, in the multiplication method of the encryption system using a logic gate of any redundant binary X, Y when the multiplier is Y, the multiplier is X, the modular value M, the X Converting to a binary value in order from the least significant bit of, selecting one of the Y, the M, the Y plus M, or 0 according to the converted bit value of X, the selected value and the Performing a first addition on the binary value for X to generate a result of the first addition consisting of a carry value, which is a binary value, and an island with a negative number, and a carry of a previous position among the carry of the first addition, and the first addition. Performing a second addition that adds an island of and a negative number for X to generate a result of the second addition consisting of a carry, which is a negative number, and an island, which is a binary value; Applying the result of the second addition the number of notes on the binary value and the X relative to the X, and provides the multiplication method of the surplus, it characterized in that the binary number to repeat performing the above process.

In order to achieve the third technical problem, the present invention provides an adder of an encryption system that performs addition of arbitrary redundant binary numbers X, Y, and Z, and includes: a first value of adding a redundant binary number for X and a binary value for Y; A first addition block for generating a result of the first addition consisting of a carry as a binary value and an island with a negative number, and a carry of a previous position among the carry of the first add, the island of the first add and the Z A second binary adder including a second addition block that generates a result of the second addition consisting of a carry of a negative number and an island of a binary value is performed by performing a second addition that adds a negative number to.

In order to achieve the fourth technical problem, the present invention provides a multiplier of an encryption system that performs a multiplication of an arbitrary redundant binary number X and Y when a multiplier is Y, a multiplier is X, and a modular value is M. A barrel register full adder for converting from the least significant bit to a binary value sequentially, a multiplexer for selecting any one of the Y, the M, the sum of Y and M, or 0 according to the bit value of the converted X, the selected value And performing a first addition on the binary value for X to generate a result of the first addition comprising a carry value, which is a binary value, and an island having a negative number, and carry the first position of the carry of the first addition, the first carry. Performing a second addition that adds an island of addition and a negative number for the X to produce a result of the second addition consisting of a carry of negative number and an island of binary value, the barrel The redundant binary adder and the first and second additions repeating the redundant binary adder repeatedly performing the first and second additions until a register full adder converts the most significant bit of the X into a binary value. A redundant binary multiplier comprising an accumulator that applies the result of the second addition to the binary value for X and the negative number for X during execution.

In the present invention, a new addition rule is applied to reconstruct a redundant binary adder (RBA) logic structure to improve efficiency. In addition, the redundant binary adder (NRBA) according to the present invention is designed to perform the role of the combiner as well as the addition of the main operation. Therefore, the problem of increasing space complexity can be solved.

The present invention uses a Carry Save Adder (CSA) and a Redundant Binary Adder (RBA) to efficiently add the three operands that have the greatest influence on the clock cycle in the Montgomery multiplication algorithm. to provide.

In the present invention, we design a new redundant binary adder (NRBA) and apply it to the Montgomery multiplication algorithm. In addition, the present invention can provide a faster RSA cryptosystem using the Montgomery multiplication algorithm designed as such.

The present invention is based on the conventional 4-2 CSA Montgomery multiplication structure. At this time, the 4-2 CSA is replaced by a redundant binary adder (NRBA) incorporating a new addition rule. As a result, the input value consists of the redundant binary numbers X, Y and binary M, and the output value becomes the redundant binary A. In addition, the barrel register full adder used to accurately calculate the Xi value for determining whether to add Y is replaced by the barrel register full adder (MBRFA) according to the present invention.

4-2 The CSA Montgomery multiply structure computes and stores the addition of the input values Y and M before the recursive syntax begins. The barrel register full adder uses the FA from the least significant bit of X, represented by the carry and island, to produce the correct Xi value. Partial result and addition are performed by selecting from Y + M, Y, M, and 0 according to Xi value and ui = (ac0 + as0) + Xi * y0 mod2 value. The final result is output in Cary Ac and Island As.

을 이용하여 수학식 1을 통해 몽고메리 도메인의 원소인 X,Y로 변환시킨다.The structure of the Montgomery multiplier is In the following, it is assumed that M is n-bit modulus. To perform Montgomery multiplication on integers U and V less than a given M

Using Equation 1 is converted into X, Y elements of the Montgomery domain.

X = U × R (mod M), Y = V × R (mod M),

을 모듈러 M에 대하여 R의 역원이라 할 때, X,Y의 몽고메리 곱셈은 수학식 2와 같이 정의한다.

When is the inverse of R with respect to the modular M, Montgomery multiplication of X, Y is defined as in Equation 2.

Mont(X,Y)=X×Y× = U×V×R(mod M)

Mont (X, Y) = X × Y × = U × V × R (mod M)

Given that the multiplication is performed only once, the complexity of this process is higher than that of the general multiplication. However, Montgomery multiplication is efficient in environments that require iterative modular multiplication, such as exponential multiplication in RSA cryptosystems. Montgomery multiplication algorithms can be configured more efficiently for exponential power operations. Since the comparison operation and the subtraction performed by the Montgomery multiplication algorithm occupy a large amount of calculation, it can be removed by replacing the range of X and Y with the conventional 0≤X, Y <M from 0≤X, Y <2M. This makes the input and output values the same size, so that the output value can be repeated by the input value of the next step.

The modified Montgomery multiplication algorithm (hereinafter referred to as "Algorithm 1") is as follows.

을 0이라 하고 반복 연산을 한 번 더 수행한다. 반복 연산이 두 번 더 수행되지만 곱셈기의 구성상 종래 방법보다 효율적이다. 또한 Y를 한 비트 늘려 최하위 비트를 0으로 만들어 반복 연산을 한 번 더 수행함으로써 몽고메리 곱셈 알고리즘의

의 연산을 보다 간단히 수행할 수 있다.Therefore, X and Y become n + 1 bits increased by one bit, and repeat operation increases. Most significant bit of X to make the intermediate result A size 0≤A <2M

Is 0 and repeat operation is performed once more. The iterative operation is performed twice but is more efficient than the conventional method due to the construction of the multiplier. In addition, by increasing Y by one bit to make the least significant bit zero, iterates one more iteration of the Montgomery multiplication algorithm.

The operation of can be done more simply.

에서 세 연산자의 덧셈과정에서 발생하는 캐리 전파를 처리하는 과정이 알고리즘 지연 시간의 대부분을 차지한다.The critical path delay time of the modified Montgomery multiplication algorithm results from the operation of the three operands.

In Carrier propagation, which takes place during the addition of the three operators, takes most of the algorithm delay time.

As shown in Equation 3, the addition of the three input values of Step 2.2 in Algorithm 1 occupies the largest part of Algorithm 1's time complexity. However, this problem can be efficiently performed using CSA or redundant binary adder (RBA).

, 합:

)을 출력하는 덧셈기인 CSA를 이용한 방법이다.

의 연산 결과는 CSA를 이용하여 캐리

와 합

으로 나타낼 수 있고,

는 다음 곱셈의 입력으로 사용되므로 Y 또한

으로 표현 한다. 따라서

의 연산은

를 X의 i번째 비트라 할 때

으로 나타낼 수 있으므로 다섯 개의 입력 값과 두 개의 출력 값을 갖는 McIvor의 1 방법이 된다. The first solution is to add over three input values and carry two values (Carry:

, Sum:

It is a method using CSA, which is an adder that outputs.

The result of the operation is carried using CSA

Sum with

Can be represented as

Is used as the input for the next multiplication, so Y is

Express as therefore

The operation of

Is the i th bit of X

This is McIvor's 1 method with five input values and two output values.

의 연산에서

와

의 값에 따라 덧셈에 필요한 피 연산자의 조합은 달라진다.

인 경우 단지

의 연산이 되고

인 경우

의 연산이 되며

의 경우

의 연산이 된다. 하지만

의 경우 다섯 개의 피 연산자로 구성된

의 연산을 수행하게 된다. 피 연산자의 항의 개수가 증가하는 문제점을 해결하기 위하여 사전 연산을 통해 그림 1과 같이 항의 개수를 줄인 McIvor의 2 방법이 제안되었다. 곱셈이 시작하기 전 사전 연산을 통하여

의 연산을 수행하고 그 결과 캐리

와 합

를 저장한 후

를 이용하여

와

의 경우에 선택적으로 사용하는 방법이다.

In the operation of

Wow

The combination of operands for addition depends on the value of.

If just

Is the operation of

If

Is the operation of

In the case of

Is the operation of. However

Consists of five operands

Will perform the operation of. In order to solve the problem of increasing the number of terms of the operands, McIvor's 2 method is proposed, which reduces the number of terms through the dictionary operation as shown in Figure 1. Before the multiplication begins,

Perform the operation of and carry the result

Sum with

After saving

Using

Wow

In this case, it is used selectively.

4-2 CSA Montgomery Multiplication Suitable for Cryptographic Systems The CSA is the main operation. 4-2 Input values for CSA are (A1, A2) and (D1, D2). Since A = (A1 + A2) and D = (D1 + D2), if the addition row is possible without carry propagation, there will be two input values.

There is a method of solving the carry propagation problem by expressing the code bit by extending the redundant binary number system instead of the binary number system.

1A is a schematic block diagram of a redundant binary adder applied to the present invention.

,

에 대하여 덧셈을 수행할 때 경우의 수는 표 1과 같다.Simple example two bits

,

Table 1 shows the number of cases when addition is performed for.

0 0 0 0 0 One One

One 0 One

One One One 0

와 합

이 모두 1인 경우 캐리가 발생할 수 있다. 따라서 표 1과 같이 수행하면 캐리 전파를 제거할 수 있다. 그러나

을 나타내기 위해서는 부호 비트를 사용해야 한다. 잉여 이진수 덧셈기(RBA)는 입력 값이 두 개이고 출력 값이 한 개이지만 부호 비트를 포함하므로 4-2 CSA와 동일한 형태를 갖추지만 내부 구조를 간단히 하여 효율성을 높일 수 있다는 장점을 갖는다.

Sum with

If both are 1, a carry may occur. Therefore, the carry propagation can be removed as shown in Table 1. But

The sign bit must be used to indicate. The redundant binary adder (RBA) has the same form as 4-2 CSA because it has two input values and one output value but contains sign bits, but it has the advantage of increasing efficiency by simplifying the internal structure.

는 단계별로 입력되는 비트값을 구분하기 위한 단계별 식별자를 의미한다.Hereinafter, the sign bit if the subscript is "sign" or the superscript is "s", and the bit value if the subscript is "value" or the superscript is "v", the subscript

Denotes a step identifier for distinguishing bit values input step by step.

The SD number system and the general number system differ in how they are represented for each digit. In r notation, the general number system is represented by r elements of {0,1,2, ..., r-1}, while the SD number system is {-(r-1),-(r-2) , ...., 0, .., r-2, r-1}. By allowing each digit in the SD number system to have a positive value as well as a negative value, the SD number system has a surplus characteristic that one number can be expressed differently. The general number system uses a code-size representation, a one's complement representation, or a two's complement representation to distinguish negative numbers and sizes. It has information about the sign.

이 되는 경우를 방지함으로써 캐리의 수평적 전달을 방지한다. 따라서 표 2의 덧셈 규칙을 따름으로써 SD 수 체계의 장점인 캐리 전파 제거 특성을 이진 SD 수 체계에서도 유지시킬 수 있다. Intermediate sum and previous carry equals 1 or

This prevents the carry from being horizontally transferred. Thus, by following the addition rules in Table 2, the carry propagation rejection characteristic of the SD number system can be maintained in the binary SD number system.

The redundant binary multiplier according to the present invention newly defines the input and output representation of the redundant binary adder according to the present invention, which is a component, thereby enabling efficient structure design.

Hereinafter, with reference to the drawings will be described a preferred embodiment of the present invention. However, embodiments of the present invention illustrated below may be modified in many different forms, and the scope of the present invention is not limited to the embodiments described below.

는 A와 B의 OR 연산,

는 A와 B의 AND 연산,

, A와 B의 XOR 연산,

는 A의 전환(Invert) 연산이다.The operation used below is defined as follows. In other words,

Is an OR operation of A and B,

Is an AND operation of A and B,

, The XOR operation of A and B,

Is an invert operation of A.

1B is a block diagram of a multiplier of redundant binary numbers in accordance with the present invention.

Input Buffer 110 and Output Buffer 170 are the same buffers commonly used for 4-2 CSAs.

The barrel register full adder (MBRFA) 120 converts the binary values in order from the least significant bit of X.

The multiplexer 140 selects one of Y, M, Y plus M, or 0 130 according to the converted bit value of X.

The redundant binary adder (NRBA) 150 performs a first addition on the selected value and the binary value for X to generate a result of the first addition consisting of a carry value, which is a binary value, and an island, which is a negative number. The redundant binary adder 150 also consists of a carry that is a negative number and an island that is a binary value by performing a second addition that adds a carry of the previous digit among the carry of the first addition, an island of the first addition, and a negative number for X. Produces the result of the second addition being made. In this case, the block of logic gates performing the first addition of the redundant binary adder 150 is defined as the first addition block, and the block of the logic gates performing the second addition is defined as the second addition block.

The redundant binary adder 150 repeats the first addition and the second addition until the barrel register full adder 120 converts the most significant bit into a binary value starting from the least significant bit of X. At this time, the output during the repetition of the addition is stored in the accumulator 160 and applied to the next input of the addition.

Accumulator 160 applies the result of the second addition to the binary value for X and the negative number for X during the iteration of the first and second additions.

FIG. 2A is a detailed block diagram of the redundant binary adder 150 of FIG. 1A.

The redundant binary adder (NRBA) according to the present invention is a Sign + Binary + Negative-> Negative + Binary method rather than the conventional Sign + Sign-> Sign.

The method of adding redundant binary numbers according to the present invention consists of the following two steps.

즉,

을 수행하여 캐리

와 합

을 생성한다. 이 연산을 정리하면 하기의 표 3a 및 표 3b와 같다.Stage 1 :

In other words,

Carry by

Sum with

Create This operation is summarized in Tables 3a and 3b below.

즉,

과 1단계에서 생성된

와 이전 자리의 캐리

의 덧셈을 수행하여 캐리

와 합

을 생성한다. 이 연산을 정리하면 하기의 표 4a 및 표 4b와 같다.Step 2:

In other words,

Created in step 1

And carry of the previous seat

Carry by Doing Addition

Sum with

Create This operation is summarized in Tables 4a and 4b below.

In this case, Sig means a redundant binary number, Bin means a binary value, and Neg means a negative number.

이라 하고 이때 발생하는 캐리

, 합

라 할 때, 1단계에서 발생할 수 있는 경우의 수는 표 3a와 같이 총 6가지가 된다. 알고리즘을 효율적으로 구성하기 위해 표 3a의

와

대신 각각의 전환한 값을 적용하면, 즉

와

를 적용하면 표 3b와 같다.

Carrying this happens

, Sum

In this case, the number of cases that can occur in the first stage is a total of six as shown in Table 3a. In order to configure the algorithm efficiently,

Wow

Instead of applying each converted value, i.e.

Wow

If applied, it is as Table 3b.

와

는 표 3의 경우를 고려하면 수학식 4와 같이 연산된다.

Wow

Considering the case of Table 3 is calculated as shown in Equation 4.

이므로 두 번째 단계는

의 연산이 된다.

이라 하고, 이때 발생하는 캐리

, 합

이라 할때 경우의 수는 표 4a와 같다. 1단계와 마찬가지 로 알고리즘을 효율적으로 구성하기 위해 표 4a의

와

대신 각각의 전환한 값을 적용하면, 즉

와

를 적용하면 표 4b와 같다.In equation (4)

So the second step is

Is the operation of.

This is the carry that occurs

, Sum

The number of cases is shown in Table 4a. As in step 1, to efficiently configure the algorithm,

Wow

Instead of applying each converted value, i.e.

Wow

If applied, it is as Table 4b.

와

는 수학식 5와 같이 연산된다.

Wow

Is calculated as in Equation 5.

(단,

와

,

에 대한 덧셈의 결과로

를 출력하는 덧셈은 다음의 알고리즘(이하 "알고리즘 2"라고 한다)와 같다.Input value

(only,

Wow

,

As a result of addition to

The addition that prints is equivalent to the following algorithm (hereinafter referred to as "Algorithm 2").

The hardware architecture for single digit addition can consist of six cells provided by the Samsung STD130 0.18um 1.8V CMOS cell library.

이며 A는 전환 형태

를 가진다. 이 두 값은 곱 셈에서 중간 결과로써 사용된다. 그러나 다음 곱셈의 입력으로 재사용되기 위해서는 A, B를 하나의 Sig 값으로 생성하는 결합기(Coupler)를 사용해야 한다. A and B are

And A is the transition form

Has These two values are used as the intermediate result in multiplication. However, to be reused as the input of the next multiplication, you must use a combiner that generates A and B as a single Sig value.

에 대해, 두 값을 하나의 값

로 결합한다고 할 때 경우의 수는 표 5와 같다.However, the redundant binary adder (NRBA) according to the present invention serves as a combiner in one iteration without additional hardware. Two outputs of the addition result

For two values, one value

Suppose that the number of cases are shown in Table 5.

One 0 One 0 One One One One 0 0 0 One 0 One One 0

인 경우 오른쪽 4열과 동일함을 알 수 있다. 따라서

를 고정하고

에

를 대입하

에

를 대입하면 결합기의 역할을 수행할 수 있게 된다. 또한 입력 값

를 고정하면

는

값이 출력되고,

는

값이 출력된다. 따라서 최하위 자리에서

을 대입하고

을 대입한다.

을 대입하면

은

이 되고

은

가 된다. 따라서 덧셈의 2단계의 경우의 수와 동일하게 되므로 결합기의 역할을 수행할 수 있다. Table 5 shows in Table 4b

If it is the same as the right 4 columns. therefore

And fix it

on

Substitute

on

Substituting can act as a combiner. Also input value

When fixed

Is

Value is output,

Is

The value is output. So at the lowest position

Substituting

Replace with

If you substitute

silver

Become this

silver

Becomes Therefore, since it is equal to the number of cases in the second step of addition, it can serve as a combiner.

FIG. 2B is a flowchart of operation of the redundant binary adder 150 of FIG. 1A.

When expressing a signed digit, there are two ways to express it.

로 표시한다. 예를 들어, (0,0)=0, (0,1)=1, (1,1)=-1 이다. 포지티브-네가티브(positive-negative) 방법은

로 표시한다. 예를 들어, (0,0)=(1,1)=0, (1,0)=1, (0,1)=-1 이다.The sign-value method is

To be displayed. For example, (0,0) = 0, (0,1) = 1, (1,1) =-1. Positive-negative methods

To be displayed. For example, (0,0) = (1,1) = 0, (1,0) = 1, (0,1) =-1.

는 멀티플렉서(Multiplexer, 140)를 통한 값으로 부호-비트값(sign-value)으로 표현되어 있고,

는 어큐뮬레이터(accumulator, 160)로서, 포지티브-네가티브(positive-negative)로 표현되어 있다. In Figure 2b, at the input

Is a value through a multiplexer (140), expressed as a sign-value,

Is an accumulator 160, which is expressed as positive-negative.

Positive-negative representations are used only inside the multiplier and output to the outside is converted to a sign-value representation. If there is a separate converter to convert additional hardware is required, the present invention uses a redundant binary adder as a converter. As such, the final result of the multiplier is output as a sign-value representation and is designed for direct use in the next multiplication.

3 is a block diagram of the barrel register full adder 120 of FIG. 1A.

들을 바이너리(binary) 수로 바꾸는 역할을 수행한다. Modified Barrel Register Full Adder according to the present invention is represented by a signed digit.

It converts them into binary numbers.

를 입력으로 한다. 한편, MFA(121)는 도 4의 구조를 가지며, 도 4의 MFA(121)를 수학식으로 표현하면, 상기 수학식 4와 같다.The barrel register full adder according to the present invention is composed of the MFA 121 and the register 122, as shown in Figure 3, shifted from the lowest digit (digit) is input

As input. Meanwhile, the MFA 121 has the structure of FIG. 4, and the MFA 121 of FIG. 4 is represented by Equation 4 as shown in Equation 4 above.

가 잉여 이진수(signed digit)으로 표현될 경우 더 많은 레지스터를 사용해야 하고 더 많은 경우의 수를 고려해야 하기 때문에 종래의 배럴 레지스터 전가산기의 수정이 필요한 것이다.Determines whether Y is added on binary number

Is represented as a signed digit, it is necessary to modify the conventional barrel register full adder because more registers must be used and more cases must be taken into account.

In the barrel register full adder according to the present invention, since X for determining whether to add Y is a redundant binary number, the operation of -Y or -Y + M is required, and the number of registers and operations for the same increases. Converts X to binary.

The multiplier of the present invention replaces the addition portion with a redundant binary adder (RBA) to the 4-2 CSA Montgomery multiplier and replaces the barrel register full adder with the barrel register full adder according to the present invention. Conventional binary input values and output values are represented by redundant binary numbers.

는 최하위 디지트(digit)부터 곱셈기가 루프를 반복할 때마다 쉬프트 되면서 계산하므로 추가적인 시간을 요구하지 않는다. X = Σ

Does not require additional time since the multiplier calculates the shift from the lowest digit each time the loop repeats.

Using an Invert value is used to simplify the gate representation. When the exponentiation operation is performed, the multiplier uses Invert value from the beginning, so the multiplier does not cost Invert separately.

The multiplier according to the present invention uses two expression methods at the same time in the addition part.

4 is a detailed block diagram of the MFA 121 applied to FIG. 3.

As shown in FIG. 4, the MFA 121 of FIG. 3 may include two OR gates, one AND gate, and two NAND gates.

5 is a flowchart of a method for adding a redundant binary number according to the present invention.

First, a first addition is performed for any redundant binary numbers X, Y, and Z by adding a redundant binary number for X and a binary value for Y. In this case, the result of the first addition includes a carry, which is a binary value, and an island, which is a negative number, in operation 530.

Next, a second addition is performed by adding a carry of the previous position among the carry of the first addition, an island of the first addition, and a negative number for Z. In this case, the result of the second addition includes a carry, which is a negative number, and an island, which is a binary value, in operation 540. In this way, one redundant binary output can be obtained without carry propagation.

6 is a flowchart of a multiplication method of a redundant binary number according to the present invention.

When multiplying Y, multiplicand X, and modular value M, a multiplication using a logic gate of arbitrary redundant binary numbers X and Y is assumed.

First, a binary value is converted in order from the least significant bit of X (step 610).

Next, one of Y, M, Y, and M or 0 is selected according to the converted bit value of X (step 620).

Next, a first addition is performed on the selected value and the binary value for X to generate a result of the first addition including a carry value, which is a binary value, and an island, which is a negative number, in operation 630.

When the result of the first addition is generated, a second addition is performed by adding a carry of the first place among the carry of the first addition, an island of the first addition, and a negative number for X, thereby forming a carry which is a negative number and an island having a binary value. In operation 640, the result of the second addition is generated.

Next, the result of the second addition is stored in the accumulator and applied as an input when the next first addition is performed (step 650).

Finally, the above steps (steps 610-650) are repeated while applying the result of the second addition to the binary value for X and the negative number for X. At this time, if the most significant bit of X is converted into a binary value, and thus the first and second additions are performed, all processes are terminated (step 660).

와

와 같다. 또한

이고

가 약

비트 수라 할 때,

를 만족해야 한다. In general, the RSA encryption and decryption functions are given when X is plaintext, C is ciphertext, M is n-bit modulus, and e, d is public and secret index, respectively.

Wow

Same as Also

ego

About

Speaking of beats,

Must be satisfied.

The exponential power operation using surplus binary Montgomery multiplication according to the present invention is as follows.

Hereinafter, the efficiency of the redundant binary multiplier according to the present invention.

According to the present invention, the spatial complexity is reduced by about 18.5% and the time complexity is reduced by about 25.3% compared to 4-2 CSA. In addition, the time complexity is reduced by up to about 39.8% and at least about 14% compared to the conventional RBA. The spatial complexity is also reduced by up to about 62.7% and at least about 6.3% compared to conventional RBA. In addition, compared to the conventional RBA, the space complexity is 44.3%, the time complexity is reduced by 2.8%.

Table 7 shows a result of comparing the 4-2 CS Montgomery multiplier, the conventional redundant binary Montgomery multiplier, and the redundant binary Montgomery multiplier according to the present invention.

algorithm Clock cycle Critical Path Delay Time Spatial complexity 4-2 CSA Montgomery Multiplier n + 4 2FA + 4: 1MUX + 1xo2 9Register + 4: 1MUX + 1xo2 + 2FA Conventional Surplus Binary Montgomery Multiplier 1 n + 4 1RBA + 4: 1MUX + 1xo2 9Register + 4: 1MUX + 1xo2 + 1RBA Conventional Surplus Binary Montgomery Multiplier 2 n + 6 1RBA + 4: 1MUX + 1xo2 9Register + 4: 1MUX + 1xo2 + 1RBA + 1Coupler ^* Surplus Binary Montgomery Multiplier According to the Invention n + 6 1NRBA + 4: 1MUX + 1xo2 9Register + 4: 1MUX + 1xo2 + 1RBA 1Coupler ^* = 2nr2 + 1nd2 + 1nr2b + 1iv

The 4-2 CS Montgomery multiplier and the conventional redundant binary Montgomery multiplier have a clock cycle of n + 4, whereas the redundant binary Montgomery multiplier according to the present invention is n + 6. This is because the redundant binary Montgomery algorithm according to the present invention also serves as a combiner.

Although the redundant binary adder (NRBA) according to the present invention is applied to a Montgomery multiplier, the number of clock cycles is increased two more times compared to the 4-2 CSA Montgomery multiplier and the conventional redundant binary Montgomery multiplier, which is 1,024 bits or 2048 bits. The weight is not large in the operation. That is, since the unit time of multiplication is the shortest in 1024-bit or 2048-bit multiplication, the number of repetitions is not significant. Since the spatial complexity also has the same register number, multiplexer (MUX) and gate as the comparison object, the redundant binary adder according to the present invention, which is smaller in size than 2FA and 1RBA, has a significant meaning as the number of bits increases.

In addition, the same register count, multiplexer (MUX) and gates, and the small adder size and short unit time, can be very efficient in integer-based cryptographic systems such as RSA cryptosystems with repeated multiplication, and can be implemented with hardware chips. Can be used in a variety of environments.

The invention can be implemented via software. When implemented in software, the constituent means of the present invention are code segments that perform the necessary work. The program or code segments may be stored on a processor readable medium or transmitted by a computer data signal coupled with a carrier on a transmission medium or network.

The computer-readable recording medium includes all kinds of recording devices in which data is stored which can be read by a computer system. Examples of computer-readable recording devices include ROM, RAM, CD-ROM, DVD ± ROM, DVD-RAM, magnetic tape, floppy disks, hard disks, optical data storage devices, and the like. The computer readable recording medium can also be distributed over network coupled computer devices so that the computer readable code is stored and executed in a distributed fashion.

Although the present invention has been described with reference to one embodiment shown in the drawings, this is merely exemplary and will be understood by those of ordinary skill in the art that various modifications and variations can be made therefrom. However, such modifications should be considered to be within the technical protection scope of the present invention. Therefore, the true technical protection scope of the present invention will be defined by the technical spirit of the appended claims.

As described above, according to the present invention, it is possible to provide an adder that functions as a combiner without carry propagation, and introduces the concept of a redundant binary number in the part performing addition of three operands that occupy most of the critical path delay time of Montgomery multiplication. The new proposed redundant binary adder can reduce the space and time complexity, and it is possible to simplify the implementation of the RSA cryptosystem with repeating modular multiplication and the important components of the functional block in the multiplier. .

Claims (10)

In the method of adding an encryption system using a logical gate of arbitrary redundant binary numbers X, Y, and Z, Performing a first addition by adding a redundant binary number for X and a binary value for Y to generate a result of the first addition consisting of a carry value, which is a binary value, and an island with a negative number; And The second addition of the carry of the first addition, the second addition of the carry of the first position, the island of the first addition and the negative number for the Z to perform a second addition consisting of a carry of a negative number and the island of a binary value A method of adding a redundant binary number comprising generating a result. The method of claim 1, The surplus binary number for X is i bit is the sign bit

And bit values

Addition method of the binary number, characterized in that consisting of. The method of claim 2, Generating the result of the first addition is The carry of the first addition

, The island of the first addition

When we say, expression 4

(4) The method of adding a redundant binary number, characterized in that the step of using. The method of claim 3, wherein Generating the result of the second addition Carry the second addition

, The island of the second addition

, The negative number for Z

, The carry of the previous position among the carry of the first addition

When we say, expression 5

(5) The method of adding a redundant binary number, characterized in that the step of using. In the multiplication method of the encryption system using a logical gate of arbitrary redundant binary X, Y, when the multiplier is Y, the multiplicand is X, and the modular value is M, Converting a binary value in order from the least significant bit of X; Selecting any one of the Y, the M, the Y plus M, or 0 according to the converted bit value of X; Performing a first addition of the selected value and the binary value for the X to generate a result of the first addition consisting of a carry, which is a binary value, and an island, which is a negative number; And The second addition of the carry of the first addition, the second addition of the carry of the previous position, the island of the first addition and the negative number for the X is performed by the carry of the negative number and the island of binary values Generating a result, And repeating the process by applying the result of the second addition to a binary value for the X and a negative number for the X. In the adder of an encryption system that performs addition of arbitrary redundant binary numbers X, Y, Z, A first addition block configured to perform a first addition by adding a redundant binary number for the X and a binary value for the Y to generate a result of the first addition including a carry value which is a binary value and an island which is a negative number; And The second addition of the carry of the first addition, the second addition of the carry of the first position, the island of the first addition and the negative number for the Z to perform a second addition consisting of a carry of a negative number and the island of a binary value A redundant binary adder that includes a second addition block that produces a result. The method of claim 6, The surplus binary number for X is i bit is the sign bit

And bit values

Redundant binary adder, characterized in that consisting of. The method of claim 7, wherein The first addition block is The carry of the first addition

, The island of the first addition

When we say, expression 4

(4) A redundant binary adder, characterized by applying to a logic gate. The method of claim 8, The second addition block is Carry the second addition

, The island of the second addition

, The negative number for Z

, The carry of the previous position among the carry of the first addition

When we say, expression 5

(5) A redundant binary adder, characterized by applying to a logic gate. In the multiplier of an encryption system that performs multiplication of arbitrary redundant binary numbers X and Y when multiplier Y, multiplicand X, and modular value M, A barrel register full adder for converting the binary value into a binary value in order from the least significant bit of the X; A multiplexer for selecting any one of the Y, the M, the value of Y and M, or 0 according to the converted bit value of X; Performing a first addition on the selected value and the binary value for the X to generate a result of the first addition consisting of a carry, which is a binary value, and an island, which is a negative number, a carry of a previous position among the carry of the first addition, Performing a second addition that adds the island of first addition and a negative number for X to generate a result of the second addition consisting of a carry, which is a negative number, and an island, which is a binary value, wherein the full barrel register adder A redundant binary adder, wherein the redundant binary adder repeats the first and second additions until the most significant bit of X is converted into a binary value; And A redundant binary multiplier including an accumulator that applies the result of the second addition to the binary value for X and the negative number for X during the iteration of the first and second additions.

Images