Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementation of the RSA Algorithm on a Dataflow Architecture

Published byColeen Cooper Modified over 8 years ago

Similar presentations

Presentation on theme: "Implementation of the RSA Algorithm on a Dataflow Architecture"— Presentation transcript:

1 Implementation of the RSA Algorithm on a Dataflow Architecture
Nikola Bežanić Advisors: Veljko Milutinović, Jelena Popović-Božović, and Ivan Popović School of Electrical Engineering, University of Belgrade, 2013.

2 Introduction Case study area: Public key cryptography acceleration
Problem: RSA implementation on Maxeler Existing problem solutions: None Summary: Under review (IPSI) Approach: Accelerate multiplications Analyze usability Conclusions: Multiplication speedup: 70% (28% total) Usability: Picture encryption 2/10

3 RSA ------------------------------------ bits 1 bit
Montgomery method: n -> r r=2sw -> power of 2 Montgomery product (MonPro): modulo r arithmetic ms-1 m1 m0 bits function ModExp(M, e, n) {n is odd} Step 1. Compute n’. Step 2. Mm := M ∙ r mod n Step 3. xm := 1 ∙ r mod n Step 4. for i = k – 1 down to 0 do Step xm := MonPro(xm, xm) Step if ei = 1 then xm := MonPro(Mm, xm) Step 7. x := MonPro(xm, 1) Step 8. return x ek-1 e1 e0 1 bit 3/10

4 Montgomery product function MonPro(a, b) Step 1. t := a ∙ b
Step 2. m := t ∙ n’ mod r Step 3. u := (t + m ∙ n) / r Step 4. if u ≥ n then return u – n else return u a and b are big numbers Breaking them to digits: bs-1…b1b0 as-1…a1a0 Processing on a word basis for i = 0 to s-1 C := 0 for j = 0 to s-1 (C, S) := t[i + j] + a[j]∙b[i] + C t[i + j] := S t[i + S] := C 4/10

5 Montgomery product: Step 1
for i = 0 to s-1 C := 0 for j = 0 to s-1 (C, S) := t[i + j] + a[j]∙b[i] + C t[i + j] := S t[i + S] := C a[j] b[i] X CPU Product: hi low 32 bits 5/10

6 Dataflow multiplier CPU Dataflow engine (DFE) a[j] b[i] X hi low
Product: hi low 32 bits Stream a Constant b0 Dataflow engine (DFE) X Stream y Stream x 6/10

7 Dataflow multiplier: Pipeline problem
Next iteration (next constant b1) => new DFE run New DFE run => new pipeline fill-up overhead 1024-bits key requires only 32 digits (32 bits each) Not enough to fill-up the pipeline Result: CPU time < DFE time ! Solution: Work on blocks of data Do not use constants, rather use a stream Stream has redundant values: acts as a const. b0 b1 a0 a2 a1 a3 a2 a3 a0 a1 X Stream y Stream x 7/10

8 Dataflow multiplier: Blocks of data
b0 x a < = > Block 0 Block 1 Big streams for each run Block z-1 8/10

9 Results Using blocks pipeline is full
Using one multiplier speed up is 10% for RSA Speedup is 70% for multiplication using 4 multiplers It leads to 28% for complete RSA (Amdahl’s law) Future work Deal with carry at DFE or Overlap carry propagation at CPU and multiplication at DFE 9/10

10 The End function ModExp(M, e, n) { n is odd } Step 1. Compute n’.
Step 2. Mm := M ∙ r mod n Step 3. xm := 1 ∙ r mod n Step 4. for i = k – 1 down to 0 do Step xm := MonPro(xm, xm) Step if ei = 1 then xm := MonPro(Mm, xm) Step 7. x := MonPro(xm, 1) Step 8. return x The End 10/10

Download ppt "Implementation of the RSA Algorithm on a Dataflow Architecture"

Similar presentations

Acceleration of Cooley-Tukey algorithm using Maxeler machine

Acceleration of Cooley-Tukey algorithm using Maxeler machine
Fourier Transform Fourier transform decomposes a signal into its frequency components Used in telecommunications, data compression, digital signal processing,

Fourier Transform Fourier transform decomposes a signal into its frequency components Used in telecommunications, data compression, digital signal processing,
CDA 3101 Fall 2010 Discussion Section 08 CPU Performance

CDA 3101 Fall 2010 Discussion Section 08 CPU Performance
School of Engineering & Technology Computer Architecture Pipeline.

School of Engineering & Technology Computer Architecture Pipeline.
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
Fast Modular Reduction

Fast Modular Reduction
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
22C:19 Discrete Structures Integers and Modular Arithmetic

22C:19 Discrete Structures Integers and Modular Arithmetic
Capstone Project Presentation A Tool for Cryptography Problem Generation CSc 499 Mark Weston Winter 2006.

Capstone Project Presentation A Tool for Cryptography Problem Generation CSc 499 Mark Weston Winter 2006.
22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.

22C:19 Discrete Math Integers and Modular Arithmetic Fall 2010 Sukumar Ghosh.
1 EFFICIENT ADDERS TO SPEEDUP MODULAR MULTIPLICATION FOR CRYPTOGRAPHY Adnan Gutub Hassan Tahhan Computer Engineering Department KFUPM, Dhahran, SAUDI ARABIA.

1 EFFICIENT ADDERS TO SPEEDUP MODULAR MULTIPLICATION FOR CRYPTOGRAPHY Adnan Gutub Hassan Tahhan Computer Engineering Department KFUPM, Dhahran, SAUDI ARABIA.
Abdullah Sheneamer CS591-F2010 Project of semester Presentation University of Colorado, Colorado Springs Dr. Edward RSA Problem and Inside PK Cryptography.

Abdullah Sheneamer CS591-F2010 Project of semester Presentation University of Colorado, Colorado Springs Dr. Edward RSA Problem and Inside PK Cryptography.
Dynamic Warp Formation and Scheduling for Efficient GPU Control Flow Wilson W. L. Fung Ivan Sham George Yuan Tor M. Aamodt Electrical and Computer Engineering.

Dynamic Warp Formation and Scheduling for Efficient GPU Control Flow Wilson W. L. Fung Ivan Sham George Yuan Tor M. Aamodt Electrical and Computer Engineering.
1. RSA basics 2. Key generation 3. What it would take to break RSA

1. RSA basics 2. Key generation 3. What it would take to break RSA
Lecture 2 Aug 28 goals: Introduction to recursion examples of recursive programs.

Lecture 2 Aug 28 goals: Introduction to recursion examples of recursive programs.
CS 584. Logic The art of thinking and reasoning in strict accordance with the limitations and incapacities of the human misunderstanding. The basis of.

CS 584. Logic The art of thinking and reasoning in strict accordance with the limitations and incapacities of the human misunderstanding. The basis of.
Design of a Reconfigurable Hardware For Efficient Implementation of Secret Key and Public Key Cryptography.

Design of a Reconfigurable Hardware For Efficient Implementation of Secret Key and Public Key Cryptography.
VLSI Design Spring03 UCSC By Prof Scott Wakefield Final Project By Shaoming Ding Jun Hu

VLSI Design Spring03 UCSC By Prof Scott Wakefield Final Project By Shaoming Ding Jun Hu
An Expandable Montgomery Modular Multiplication Processor Adnan Abdul-Aziz GutubAlaaeldin A. M. Amin Computer Engineering Department King Fahd University.

An Expandable Montgomery Modular Multiplication Processor Adnan Abdul-Aziz GutubAlaaeldin A. M. Amin Computer Engineering Department King Fahd University.
Technion – Israel Institute of Technology Department of Electrical Engineering High Speed Digital Systems Lab Written by: Haim Natan Benny Pano Supervisor:

Technion – Israel Institute of Technology Department of Electrical Engineering High Speed Digital Systems Lab Written by: Haim Natan Benny Pano Supervisor:

Similar presentations

Ads by Google