Results 1 - 10 of 22
Discrete Logarithms in Finite Fields and Their Cryptographic Significance
, 1984
Cited by 87 (6 self)
Given a primitive element $g$ of a finite field $GF(q)$, the discrete logarithm of a nonzero element $u \in GF(q)$ is that integer $k$, $1 \le k \le q - 1$, for which $u = g^k$. The well-known problem of computing discrete logarithms in finite fields has acquired additional importance in recent years due to its applicability in cryptography. Several cryptographic systems would become insecure if an efficient discrete logarithm algorithm were discovered. This paper surveys and analyzes known algorithms in this area, with special attention devoted to algorithms for the fields $GF(2^n)$. It appears that in order to be safe from attacks using these algorithms, the value of $n$ for which $GF(2^n)$ is used in a cryptosystem has to be very large and carefully chosen. Due in large part to recent discoveries, discrete logarithms in fields $GF(2^n)$ are much easier to compute than in fields $GF(p)$ with $p$ prime. Hence the fields $GF(2^n)$ ought to be avoided in all cryptographic applications. On the other hand, ...
RSA Hardware Implementation
, 1995
Cited by 24 (1 self)
Introduction to Arithmetic for Digital System Designers. New York, NY: Holt, Rinehart and Winston, 1982. [14] Ç. K. Koç and C. Y. Hung. Multi-operand modulo addition using carry save adders. Electronics Letters, 26(6):361-363, 15th March 1990. [15] Ç. K. Koç and C. Y. Hung. Bit-level systolic arrays for modular multiplication. Journal of VLSI Signal Processing, 3(3):215-223, 1991. [16] M. Kochanski. Developing an RSA chip. In H. C. Williams, editor, Advances in Cryptology - CRYPTO 85, Proceedings, Lecture Notes in Computer Science, No. 218, pages 350-357. New York, NY: Springer-Verlag, 1985. [17] I. Koren. Computer Arithmetic Algorithms. Englewood Cliffs, NJ: Prentice-Hall, 1993. [18] D. C. Kozen. The Design and Analysis of Algorithms. New York, NY: Springer-Verlag, 1992. [19] R. Ladner and M. Fischer. Parallel prefix computation. Journal of the ACM, 27(4):831-838, October 1980. [20] S.
Modular Exponentiation on Reconfigurable Hardware
, 1999
Cited by 19 (1 self)
It is widely recognized that security issues will play a crucial role in the majority of future computer and communication systems. A central tool for achieving system security are cryptographic algorithms. For performance as well as for physical security reasons, it is often advantageous to realize cryptographic algorithms in hardware. In order to overcome the well-known drawback of reduced flexibility that is associated with traditional ASIC solutions, this contribution proposes arithmetic architectures which are optimized for modern field programmable gate arrays (FPGAs). The proposed architectures perform modular exponentiation with very long integers. This operation is at the heart of many practical public-key algorithms such as RSA and discrete logarithm schemes. We combine two versions of Montgomery modular multiplication algorithm with new systolic array designs which are well suited for FPGA realizations. The first one is based on a radix of two and is capable of processing a ...
Complexity and fast algorithms for multiexponentiation
 IEEE Transactions on Computers
, 2000
"... for multiexponentiations ..."
Cryptography on FPGAs: State of the Art Implementations and Attacks
, 1999
Cited by 8 (1 self)
this paper is devoted to studying FPGAs from a systems security perspective. We do this by looking at attacks documented in the literature against FPGAs as well as attacks that have been performed against other hardware platforms and by adapting them and their solutions to FPGAs. Furthermore, we provide a list of open problems regarding system security of FPGAs
The Design Space Layer: Supporting Early Design Space Exploration for Core-Based Designs
Cited by 7 (0 self)
A novel library layer, called the "design space layer," is proposed, aimed at supporting both, IP-based and traditional "in-house" design methodologies, during early design space exploration. Strategies for effectively pruning the large design spaces characteristic of system-on-chip designs, and for transparently retrieving information on cores adequate for implementing the system components, are supported by the proposed layer. The layer is self-documented and highly compartmentalized into hierarchies of classes of design objects, and is thus easily scalable. A design space layer developed for encryption applications is presented and discussed in some detail. 1 Introduction The trend towards developing core-based, system-on-chip solutions for complex application specific systems is clearly irreversible. Increasing the level of design integration is quite attractive from a reliability, power consumption, and unit-cost perspective. The use of cores, i.e., macrocells developed by thir...
A Complexity-Effective Version of Montgomery’s Algorithm
 in Workshop on Complexity Effective Designs, ISCA’02, May 2002, http://www.ee.rochester.edu:8080/~albonesi/wced02
, 2002
Cited by 5 (0 self)
Abstract: A new version of Montgomery’s algorithm for modular multiplication of large integers and its implementation in hardware is presented. It has been designed to meet the predominant requirements of most modern devices: small chip area and low power consumption. The algorithm is superior to the original method by a factor of 2, with respect to both area and latency. The new method has a simple structure. It requires a small amount of precomputation and storage in order to reduce the number of necessary additions by a factor of 2. Index terms—modulo multiplication, carry save addition, Montgomery algorithm A.
XTR Implementation on Reconfigurable Hardware
 of Lecture Notes in Computer Science
, 2004
Cited by 5 (1 self)
Abstract. Recently, Lenstra and Verheul proposed an efficient cryptosystem called XTR. This system represents elements of $F_{p^6}^*$ with order dividing $p^2 - p + 1$ by their trace over $F_{p^2}$. Compared with the usual representation, this one achieves a ratio of three between security size and manipulated data. Consequently very promising performance compared with RSA and ECC are expected. In this paper, we are dealing with hardware implementation of XTR, and more precisely with Field Programmable Gate Array (FPGA). The intrinsic parallelism of such a device is combined with efficient modular multiplication algorithms to obtain effective implementation(s) of XTR with respect to time and area. We also compare our implementations with hardware implementations of RSA and ECC. This shows that XTR achieves a very high level of speed with small area requirements: an XTR exponentiation is carried out in less than 0.21 ms at a frequency beyond 150 MHz.
Moduli for Testing Implementations of the RSA Cryptosystem
 in IEEE 14th Symposium on Computer Arithmetic
, 1999
Cited by 4 (0 self)
Comprehensive testing of any implementation of the RSA cryptosystem requires the use of a number of moduli with specific properties. It is shown how to generate a sufficient variety of these to enable testing which will justify high confidence in the correctness of both the design and the operation of hardware implementations. The tests avoid the necessity of another implementation for comparison. Many of these moduli are also suitable for testing software implementations. Furthermore, the methods apply equally well to other similar modular arithmetic based cryptosystems which use exponentiation, such as Diffie-Hellman key exchange. Key Words: Computer arithmetic, cryptography, RSA modulus, testing, correctness, verification, implementation validation benchmark. 1 Introduction The RSA cryptosystem [5] is widely used for key exchange and increasingly for the long term storage of sensitive data. A large number of such systems have been designed and built in both software and hardware. ...