Modified Montgomery modular multiplication and RSA exponentiation techniques

Modified Montgomery modular multiplication and RSA exponentiation techniques

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IEE Proceedings - Computers and Digital Techniques — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

Modified Montgomery multiplication and associated RSA modular exponentiation algorithms and circuit architectures are presented. These modified multipliers use carry save adders (CSAs) to perform large word length additions. These have the attraction that, when repeatedly used to perform RSA modular exponentiation, the (carry save) format of the output words is compatible with that required by the multiplier inputs. This avoids the repeated interim output/input format conversion, needed when previously reported Montgomery multipliers are used for RSA modular exponentiation. Thus, the lengthy and costly conventional additions required at each stage are avoided. As a consequence, the critical path delay and, hence, the data throughput rate of the resulting Montgomery multiplier architectures are also word length independent. The approach presented is based on a reformulation of the solution to modular multiplication within the context of RSA exponentiation. Two algorithmic variants are presented, one based on a five-to-two CSA and the other on a four-to-two CSA plus multiplexer. The practical application of the approach has been demonstrated by using this to design special purpose RSA processing units with 512-bit and 1024-bit key sizes. The resulting RSA units exhibit the highest data rates reported in the literature to date, reflecting the very low and word length independent critical path delay achieved.


    1. 1)
      • Network and Internetwork Security Principles and Practice
    2. 2)
      • Handbook of Applied Cryptography
    3. 3)
    4. 4)
      • Modular Multiplication without Trial Division
    5. 5)
    6. 6)
      • Elbirt, A.J., Paar, C.: `Towards an FPGA Architecture Optimized for Public-Key Algorithms', Presented at the SPIE Symp. on Voice, Video and Communications, Sept. 1999
    7. 7)
      • Blum, T., Paar, C.: `Montgomery Modular Exponentiation on Reconfigurable Hardware', Proc. 14th Symp. on Computer Arithmetic, 1999, p. 70–77
    8. 8)
      • Kim, Y.S., Kang, W.S., and Choi, J.R.: ‘Implementation of 1024-bit modular processor for RSA cryptosystem’.
    9. 9)
      • Bunimov, V., Schimmler, M., Tolg, B.: `A Complexity-Effective Version of Montgomery's Algorithm', Presented at the Workshop on Complexity Effective Designs (WECD02), May 2002
    10. 10)
      • Fast Decipherment Algorithm for RSA Public-Key Cryptosystem
    11. 11)
    12. 12)
      • Amphion Semiconductor Ltd.: ‘Data Security Data Sheets’.

Related content

This is a required field
Please enter a valid email address