TW201040839A - Large integer modular multiplication chip structure for signature cryptosystem

Publication number: TW201040839A
Authority: TW (Taiwan)
Prior art keywords: bit, parallel, carry, index, long
Application number: TW98116100A
Other languages: Chinese (zh)
Other versions: TWI403952B (en)
Inventor: chang-qi Lai, Can-Xiong Liu, geng-hao Zhang, ming-xin Zhang, yu-ling Zheng
Original Assignee: Chunghwa Telecom Co Ltd
Application filed by Chunghwa Telecom Co Ltd
Priority to TW98116100A
Publication of TW201040839A
Application granted
Publication of TWI403952B

Landscapes

  • Semiconductor Integrated Circuits (AREA)
  • Storage Device Security (AREA)

Abstract

A large-integer modular multiplication chip structure for improving the Rivest-Shamir-Adleman public-key cryptosystem (RSA) and elliptic curve cryptography (ECC). It uses a modified modular multiplication algorithm architecture together with an integrated parametric long-bit large-integer multiplier whose computing core is a 33-bit parallel carry look-ahead adder, and a parametric long-bit large-integer modular divider whose computing core is a 33-bit parallel carry look-ahead subtractor. These replace the computing function of the conventional large-loop modular multiplier and divider, reducing the computation delay of multiplication and division. The invention comprises a parametric parallel carry look-ahead multiplier and parametric parallel carry look-ahead modular divider module, a parametric exponent loop hardware module, and a data input and output buffer interface module.

Description

VI. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to the technical field of hardware implementation of a large-integer modular exponentiation chip for signature cryptosystems, and in particular to the integrated application of RSA and ECC cryptosystems with high-speed security devices, realized with a modified modular exponentiation design architecture.

[Prior Art]

Most existing high-speed security devices for signature cryptosystems use the Texas Instruments DSP320C6202B digital processor to perform the arithmetic required by high-speed RSA, 3DES (Triple Data Encryption Standard), AES (Advanced Encryption Standard) and similar algorithms. Although that IC has an independent multiply and divide accumulate digital processor architecture, performing long-integer operations of 1024 bits or more requires a million loop iterations of repeated calculation, which greatly reduces computation speed. When a user needs to run large batches of signature operations with RSA and ECC, the results cannot be delivered in real time, which greatly increases the user's waiting time.

In view of the large amount of arithmetic time needed to execute the high-speed ECC, RSA and similar algorithms described above, and to remedy their slowness, the present invention proposes a hardware design whose basic architecture is a modified modular exponentiation algorithm, together with a parametric long-bit large-integer multiplier whose computing core is a 33-bit parallel carry look-ahead adder and a parametric long-bit large-integer modular divider whose computing core is a 33-bit parallel carry look-ahead subtractor. These replace the operations of the conventional large-loop modular multiplier and divider, reducing the computation delay of ordinary multipliers and dividers and speeding up signing in the security device.

[Summary of the Invention]

The object of the present invention is to propose a modified modular exponentiation algorithm that can be realized through hardware architecture design and that raises the speed of RSA and ECC signature operations, in particular giving faster execution when large amounts of data must be signed with RSA or ECC, so that users can apply high-speed security devices more efficiently.

The large-integer modular exponentiation chip structure for signature cryptosystems that achieves this object is a design architecture that applies a modified modular exponentiation algorithm (Modified Modular Multiplication Algorithm), a parametric long-bit large-integer multiplier whose computing core is a 33-bit parallel carry look-ahead adder, and a parametric long-bit large-integer modular divider whose computing core is a 33-bit parallel carry look-ahead subtractor, replacing the conventional large-loop modular multiplication in order to shorten multiplication delay. The modified modular exponentiation algorithm replaces the step of performing modular division after every large-integer multiplication, which reduces multiplication latency and the transistor count of the multiplication component; it then uses a combined architecture of modified parallel carry look-ahead adders and parallel carry look-ahead subtractors to achieve fast computation. The functions of the modified modular exponentiation design architecture for the signature cryptosystem include:

(1) a parameter that sets the modular exponentiation operand length (512, 1024, 2048 or 4096 bits);
(2) an arithmetic architecture for the maximum length of the parametric exponent loop;
(3) a hardware design architecture for fast modular multiplication and a modular divider;
(4) a hardware design architecture for a fast modular exponentiation loop;
(5) a design architecture for the data input and output buffer interface.

[Embodiment]

Figure 1 shows the application architecture of the invention in a signature cryptosystem. The user connects through a host to the Ethernet communication interface of the signature cryptosystem; the controller 2 of the signature cryptosystem controls the large-integer modular exponentiation chip 1 of the signature cryptosystem to produce the correct computed value, and the result is then retrieved through the Ethernet communication interface operated by the controller 2.

Figure 2 shows the internal architecture of the hardware module of the parametric long-bit parallel carry look-ahead multiplier. It mainly comprises a parametric long-bit cipher data A input unit 3, a parametric long-bit cipher data B input unit 4, a 33-bit parallel carry look-ahead adder (no preset carry) 5, a 33-bit parallel carry look-ahead adder (with preset carry) 6, a carry decision checker 7 for the 33-bit parallel carry look-ahead adders, and 32-bit registers 8. The basic core acceleration element is the 33-bit parallel carry look-ahead adder. The large-integer multiplication required for modular exponentiation is configured by parameter and carried out on a parallel carry look-ahead adder chip organized as a parallel vector array (Vector Array), which performs the large-integer multiplication simultaneously within one clock cycle. The carry bit of the adder in each vector array element is then used as the path selector of the data-processing multiplexer that picks the correct sum, and multiple 32-bit registers 8 are combined into the correct result.

Figure 3 shows the internal architecture of the hardware module of the parametric long-bit parallel carry look-ahead modular divider. It mainly comprises a parametric long-bit cipher data A input unit (with preset borrow input) 9, a parametric long-bit cipher data B input unit (no preset borrow input) 10, a 33-bit parallel carry look-ahead subtractor (no preset borrow) 11, a 33-bit parallel carry look-ahead subtractor (with preset borrow) 12, a borrow decision checker 13 for the 33-bit parallel carry look-ahead adders, and 32-bit registers 14. This module takes the place of the modular division operation. Its basic core acceleration element is the 33-bit parallel carry look-ahead subtractor. The large-integer division required for modular exponentiation is configured by parameter and carried out on subtractors organized as a parallel vector array (Vector Array), which perform the large-integer division simultaneously within one clock cycle. The carry bit of the largest subtractor is then checked for a borrow: if there is none, the large-integer division stops; if there is a borrow, the large-integer division is repeated. Finally, the borrow status of the carry bit of the subtractor in each vector array element is used as the path selector of the multiplexer that picks the correct data, and multiple 32-bit registers 14 are combined into the correct result.

Figure 4 is the hardware execution block diagram of the modified modular exponentiation algorithm used in the cryptographic operation module. It includes a parametric 33-bit parallel carry look-ahead multiplier 20, a parametric 33-bit parallel carry look-ahead modular divider 21, and the control hardware module of the parametric long-bit multiplication loop (made up of the register 18 of the multiplication loop of the modified modular exponentiation algorithm and the bit-scan decision checker 19 of the modified modular exponentiation algorithm). The inputs of the modified modular exponentiation algorithm (Modified Modular Multiplication Algorithm) are the large integers A and B and the modulus N, the condition is [illegible in the source], and the output is A × B (mod N). The steps are as follows.

First, the user enters the cryptographic key length parameter (modulus N). The register 18 of the multiplication loop of the modified modular exponentiation algorithm automatically sets the maximum number of registers that the long-bit multiplication needs and the number of loop control iterations, and the bit-scan decision checker 19 of the modified modular exponentiation algorithm determines the number of operations of the long-bit multiplication loop module, which improves the efficiency of modular exponentiation.

Next, the parallel carry look-ahead multiplier 20 of the modified modular exponentiation algorithm multiplies the inputs A and B. This is done on the hardware of Figure 2, where the parametric 33-bit parallel carry look-ahead adder 6 performs the parallel accumulation selected after each bit scan. Depending on the parameter setting, the invention uses up to 128 33-bit adders at the same time to multiply large integers of 1024 to 4096 bits, computing the product in parallel within one clock cycle. The carry bit of the parallel adder in each vector array element serves as the multiplexer path selector of the correct data-processing unit, and the corresponding 32-bit registers are output according to the parameter and combined into the correct result.

Then the parallel carry look-ahead modular divider 21 of the modified modular exponentiation algorithm performs the division. This is done on the hardware of Figure 3, where the parametric 33-bit parallel carry look-ahead subtractor 11 performs the parallel repeated subtraction of the modular divider. Depending on the parameter setting, the invention uses up to 128 33-bit subtractors at the same time as the modular divider for large integers of 1024 to 4096 bits, subtracting in parallel within one clock cycle. The carry bit of the parallel subtractor in each vector array element is tested for a borrow, and loop control is then used so that the carry bit of the highest register is not borrowed. The carry bit of each parallel carry look-ahead subtractor serves as the multiplexer path selector of the correct data-processing unit, and the corresponding 32-bit registers are output according to the parameter and combined into the correct result.

The output of Figure 4 is then handled by the exponent R-L binary method hardware execution control module. According to the high or low voltage level of each bit of the cryptographic exponent entered by the user, it decides whether the control hardware module multiplies the original cipher data by the updated data and then takes the modular divider remainder, or squares the original data and then takes the modular divider remainder.

Figure 5 is the hardware execution block diagram of the exponent R-L binary method of the invention. Its operation comprises:

(1) The plaintext or ciphertext data M input 23 and the key data N input 24 of the parametric long-bit modular exponentiation pass through the register initial value setting 26 of the multiplication loop of the parametric long-bit modular exponentiation, and the squaring of the register data of the multiplication loop followed by modular division 25 is executed.
(2) The encryption/decryption key data E or D input 28 of the parametric long-bit modular exponentiation passes through the bit-scan decision checker 29 for the encryption/decryption key data E or D, which determines whether an encryption or a decryption operation is performed. Executing the encryption or decryption operation comprises the register initial value setting 27 of the multiplication loop of the parametric long-bit modular exponentiation and the multiplication of the register data of the parametric long-bit multiplication loop followed by modular division 30.
(3) Finally, (1) and (2) are combined and the result of the parametric long-bit multiplication loop is output 31.

The specific embodiments above are given to explain the purpose, features and effects of this creation in detail. Based on the above description, partial changes and modifications may be made to the specific embodiments without departing from the spirit and scope of this creation, so the patent scope of this creation is defined by the appended claims.

In addition to the functions described in the technical content, this creation has the following features:

(1) Power saving. When the large-integer modular exponentiation chip structure is not executing, it automatically enters standby mode.
(2) This creation can be integrated into the design of cryptographic-transmission digital products to achieve lower hardware cost, higher data transfer speed and stable computation signals.

[Brief Description of the Drawings]

The technical content, purpose and effects of the invention can be further understood from the detailed description of the invention and its drawings. To help the examiner further understand the features and technical content of the invention, refer to the following drawings; the drawings are provided for reference and illustration only and are not intended to limit the invention. The drawings of the embodiment are as follows:

Figure 1 is the application architecture diagram of the invention in a signature cryptosystem;
Figure 2 is the internal architecture diagram of the parametric long-bit parallel carry look-ahead multiplier of the invention;
Figure 3 is the internal architecture diagram of the parametric long-bit parallel carry look-ahead modular divider of the invention;
Figure 4 is the hardware execution block diagram of the modified modular exponentiation algorithm of the invention;
Figure 5 is the hardware execution block diagram of the exponent R-L binary method of the invention.

[Description of Main Component Symbols]

1 Large-integer modular exponentiation chip of the signature cryptosystem
2 Controller of the signature cryptosystem
3 Parametric long-bit cipher data A input unit
4 Parametric long-bit cipher data B input unit
5 33-bit parallel carry look-ahead adder (no preset carry)
6 33-bit parallel carry look-ahead adder (with preset carry)
7 Carry decision checker for the 33-bit parallel carry look-ahead adders
8 32-bit register
9 Parametric long-bit cipher data A input unit (with preset borrow input)
10 Parametric long-bit cipher data B input unit (no preset borrow input)
11 33-bit parallel carry look-ahead subtractor (no preset borrow)
12 33-bit parallel carry look-ahead subtractor (with preset borrow)
13 Borrow decision checker for the 33-bit parallel carry look-ahead adders
14 32-bit register
15 Modulus N input of the modified modular exponentiation algorithm
17 Multiplier and multiplicand A, B input of the modified modular exponentiation algorithm
18 Register of the multiplication loop of the modified modular exponentiation algorithm
19 Bit-scan decision checker of the modified modular exponentiation algorithm
20 Parallel carry look-ahead multiplier of the modified modular exponentiation algorithm
21 Parallel carry look-ahead modular divider of the modified modular exponentiation algorithm
22 Result output of the multiplication loop of the modified modular exponentiation algorithm
23 Plaintext or ciphertext data M input of the parametric long-bit modular exponentiation
24 Key data N input of the parametric long-bit modular exponentiation
25 Squaring of the register data of the multiplication loop of the parametric long-bit modular exponentiation, followed by modular division
26, 27 Register initial value setting of the multiplication loop of the parametric long-bit modular exponentiation
28 Encryption/decryption key data E or D input of the parametric long-bit modular exponentiation
29 Bit-scan decision checker for the encryption/decryption key data E or D
30 Multiplication of the register data of the parametric long-bit multiplication loop, followed by modular division
31 Result output of the parametric long-bit multiplication loop
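The datapath of Figures 2 to 5 can be modelled in software to check how the two 33-bit candidates per lane, the carry or borrow checker and the R-L binary method fit together. The following Python model is an added illustration, not code from the patent or from Chunghwa Telecom; the little-endian word order, the shift-and-add multiplier, the shift-and-subtract (restoring) reduction and all function names are assumptions, and the sample values are constructed.

```python
"""Software model of the datapath in Figures 2-5 (added illustration).

Assumptions, not from the patent text: little-endian 32-bit words, a
shift-and-add multiplier and shift-and-subtract (restoring) reduction.
"""
WORD = 32
MASK = (1 << WORD) - 1           # one 32-bit register
M33 = (1 << (WORD + 1)) - 1      # width of one 33-bit adder or subtractor


def to_words(x, width):
    """Split an integer into `width` 32-bit registers, least significant first."""
    return [(x >> (WORD * i)) & MASK for i in range(width)]


def from_words(words):
    """Recombine 32-bit registers into one integer."""
    return sum(w << (WORD * i) for i, w in enumerate(words))


def select_lanes(lanes):
    """Carry/borrow checker plus multiplexer.

    Each lane holds two 33-bit candidates: the first computed without a
    preset carry (borrow), the second with one. Bit 32 of the chosen
    candidate is the lane's carry (borrow) out and selects the next lane.
    """
    regs, flag = [], 0
    for without_preset, with_preset in lanes:
        chosen = with_preset if flag else without_preset
        regs.append(chosen & MASK)
        flag = (chosen >> WORD) & 1
    return regs, flag


def vec_add(x, y):
    """All lanes add at once; returns (registers, carry out of the top lane)."""
    return select_lanes([(a + b, a + b + 1) for a, b in zip(x, y)])


def vec_sub(x, y):
    """All lanes subtract at once; returns (registers, borrow out of the top lane)."""
    return select_lanes([((a - b) & M33, (a - b - 1) & M33) for a, b in zip(x, y)])


def multiply(a, b, n_words):
    """Bit-scan b and accumulate the shifted copy of a for every set bit."""
    width = 2 * n_words                       # the product needs twice the registers
    acc = [0] * width
    for i in range(n_words * WORD):
        if (b >> i) & 1:
            acc, _ = vec_add(acc, to_words(a << i, width))
    return acc


def reduce_mod(x_words, n, n_words):
    """Subtract shifted copies of n; keep a difference only if the top lane did not borrow."""
    width = 2 * n_words
    rem = x_words
    for shift in range(n_words * WORD, -1, -1):
        diff, borrow = vec_sub(rem, to_words(n << shift, width))
        if not borrow:
            rem = diff
    return from_words(rem)


def mod_mul(a, b, n, n_words):
    """A x B (mod N) for 0 <= A, B < N: multiply, then reduce."""
    return reduce_mod(multiply(a, b, n_words), n, n_words)


def mod_exp(m, e, n, n_words):
    """R-L binary method: scan the exponent bits from the least significant end."""
    if e < 0 or n < 2 or not 0 <= m < n or n.bit_length() > n_words * WORD:
        raise ValueError("need e >= 0, 0 <= m < n and n within the configured length")
    result, square = 1, m
    while e:
        if e & 1:                             # bit high: multiply by the running square
            result = mod_mul(result, square, n, n_words)
        square = mod_mul(square, square, n, n_words)   # every bit: square and reduce
        e >>= 1
    return result


# Constructed sample values (not from the patent): a 128-bit odd modulus.
N = (1 << 127) + 0x1D
M = 0x0123456789ABCDEF0FEDCBA987654321
E = 65537

if __name__ == "__main__":
    print(hex(mod_exp(M, E, N, 4)))
```

In this model the number of 32-bit lanes plays the role of the key-length parameter: 128 lanes correspond to the 4096-bit setting in the description.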

Claims (1)

VII. Claims:

1. A large-integer modular exponentiation chip structure for a signature cryptosystem, being a hardware design that applies a modified modular exponentiation algorithm, comprising:
(A) a hardware module of a parametric long-bit parallel carry look-ahead multiplier;
(B) a hardware module of a parametric long-bit parallel carry look-ahead modular divider;
(C) a control hardware module of a parametric long-bit multiplication loop;
(D) an exponent R-L binary method hardware execution control module;
wherein the user first enters the cryptographic key length parameter, and the control hardware module of the parametric long-bit multiplication loop automatically sets the maximum number of registers that the long-bit multiplication needs, the number of loop control iterations and the number of operations; next, the hardware module of the parametric long-bit parallel carry look-ahead multiplier performs the multiplication, being responsible for the parallel accumulation selected after each bit scan; then the hardware module of the parametric long-bit parallel carry look-ahead modular divider performs the division, being responsible for the parallel repeated subtraction of the modular divider; finally, for the output result, the exponent R-L binary method hardware execution control module determines, according to the high or low voltage level of each bit of the cryptographic exponent entered by the user, whether the control hardware module operates on the original cipher data.

2. The large-integer modular exponentiation chip structure for a signature cryptosystem according to claim 1, wherein the hardware module of the parametric long-bit parallel carry look-ahead multiplier mainly comprises: a parametric long-bit cipher data input unit, a 33-bit parallel carry look-ahead adder (no preset carry), a 33-bit parallel carry look-ahead adder (with preset carry), a carry decision checker for the 33-bit parallel carry look-ahead adders, and 32-bit registers.

3. The large-integer modular exponentiation chip structure for a signature cryptosystem according to claim [number illegible in the source], wherein the 33-bit parallel carry look-ahead adder is a parallel carry look-ahead adder chip organized as a parallel vector array (Vector Array) that can perform large-integer multiplication simultaneously within one clock cycle, the carry bit of the adder in each vector array element then being used as the path selector of the data-processing multiplexer that picks the correct sum, so that multiple 32-bit registers are combined into the correct result.

4. The large-integer modular exponentiation chip structure for a signature cryptosystem according to claim 1, wherein the hardware module of the parametric long-bit parallel carry look-ahead divider mainly comprises: a parametric long-bit cipher data A input unit (with preset borrow input), a parametric long-bit cipher data B input unit (no preset borrow input), a 33-bit parallel carry look-ahead subtractor (no preset borrow), a 33-bit parallel carry look-ahead subtractor (with preset borrow), a borrow decision checker for the 33-bit parallel carry look-ahead adders, and 32-bit registers.

5. The large-integer modular exponentiation chip structure for a signature cryptosystem according to claim 4, wherein the 33-bit parallel carry look-ahead subtractor is a subtractor organized as a parallel vector array (Vector Array) that can perform large-integer division simultaneously within one clock cycle; the carry bit of the largest subtractor is then checked for a borrow, and if there is none the large-integer division stops, while if there is a borrow the large-integer division is repeated; finally, the borrow status of the carry bit of the subtractor in each vector array element is used as the path selector of the multiplexer that picks the correct data, so that multiple 32-bit registers are combined into the correct result.

6. The large-integer modular exponentiation chip structure for a signature cryptosystem according to claim 1, wherein the hardware module of the control hardware module of the parametric long-bit multiplication loop mainly comprises: a register of the multiplication loop of the modified modular exponentiation algorithm and a bit-scan decision checker of the modified modular exponentiation algorithm; when the user enters the cryptographic key length parameter, the maximum number of registers that the long-bit multiplication needs and the number of loop control iterations are set automatically in order to carry out the number of operations of the long-bit multiplication loop module, improving the efficiency of modular exponentiation.

7. The large-integer modular exponentiation chip structure for a signature cryptosystem according to claim 1, wherein the exponent R-L binary method execution control hardware module determines, according to the high or low voltage level of each bit of the cryptographic exponent entered by the user, whether the control hardware module multiplies the original cipher data by the updated data and then takes the modular divider remainder, or squares the original data and then takes the modular divider remainder.

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW98116100A TWI403952B (en) 2009-05-15 2009-05-15 A large integer modulus index chip structure for signature cryptography

Publications (2)

Publication Number Publication Date
TW201040839A (en) 2010-11-16
TWI403952B (en) 2013-08-01

Family

ID=44996108

Family Applications (1)

Application Number Title Priority Date Filing Date
TW98116100A TWI403952B (en) 2009-05-15 2009-05-15 A large integer modulus index chip structure for signature cryptography

Country Status (1)

Country Link
TW (1) TWI403952B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10209957B2 (en) * 2015-05-04 2019-02-19 Samsung Electronics Co., Ltd. Partial remainder/divisor table split implementation

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6557020B1 (en) * 1997-12-10 2003-04-29 Seiko Epson Corporation Information processing system, enciphering/deciphering system, system LSI, and electronic apparatus
IL128007A (en) * 1999-01-11 2003-02-12 Milsys Ltd Enhancements on compact logic devices and also for accelerating and securing computations in modular arithmetic especially for use in public key cryptographic co-processors designed for elliptic curve and rsa type computations
US7664810B2 (en) * 2004-05-14 2010-02-16 Via Technologies, Inc. Microprocessor apparatus and method for modular exponentiation
TW200842611A (en) * 2007-04-24 2008-11-01 Chunghwa Telecom Co Ltd Modular exponentiation silicon intellectual property design architecture for increasing computation speed of cryptosystem

Also Published As

Publication number Publication date
TWI403952B (en) 2013-08-01

Similar Documents

Publication Publication Date Title
CN109039640B (en) Encryption and decryption hardware system and method based on RSA cryptographic algorithm
Lee et al. A 521-bit dual-field elliptic curve cryptographic processor with power analysis resistance
Karakoyunlu et al. Efficient and side-channel-aware implementations of elliptic curve cryptosystems over prime fields
US20110311041A1 (en) Crytographically transforming data text
JP4351987B2 (en) Montgomery conversion device, arithmetic device, IC card, encryption device, decryption device, and program
Elkhatib et al. Accelerated RISC-V for post-quantum SIKE
Kaleel Rahuman et al. Reconfigurable architecture for elliptic curve cryptography using fpga
KR100508092B1 (en) Modular multiplication circuit with low power
Großschädl High-speed RSA hardware based on Barret’s modular reduction method
CN200990078Y (en) Fast RSA cipher code and large digital/analog exponential computing circuit
Ghosh et al. A 334 μW 0.158 mm 2 ASIC for Post-Quantum Key-Encapsulation Mechanism Saber With Low-Latency Striding Toom–Cook Multiplication
TW201040839A (en) Large integer modular multiplication chip structure for signature cryptosystem
CN102135871B (en) Device for generating random number by using chaos theory and dynamic password token thereof
JP2004125891A (en) Power remainder computer
Smyth et al. An adaptable and scalable asymmetric cryptographic processor
Lee et al. Processor with side-channel attack resistance
JP5179933B2 (en) Data processing device
Saggese et al. A tamper resistant hardware accelerator for RSA cryptographic applications
Lim et al. Elliptic curve digital signature algorithm over GF (p) on a residue number system enabled microprocessor
Elango et al. High-Performance Multi-RNS-Assisted Concurrent RSA Cryptosystem Architectures
Amiri et al. Concurrent reconfigurable architecture for mapping and encrypting a message in Elliptic Curve Cryptography
Do-Nguyen et al. Multi-Functional Resource-Constrained Elliptic Curve Cryptographic Processor
KR100451570B1 (en) Method and apparatus for implementing elliptic curve cryptosystem resisting against simple power attacks
Poomagal et al. Modular multiplication algorithm in cryptographic processor: A review and future directions
Ramakrishnan Design and Verification of an RSA Encryption Core

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees