Montgomery's algorithm, hereafter denoted $M_n(\cdot,\cdot)$, is a process for computing $M_n(A,B) = ABN \bmod n$, where $N$ is a constant factor depending only on $n$. Usually, $AB \bmod n$ is obtained by $M_n(M_n(A,B), N^{-2} \bmod n)$, but in this article we introduce an alternative approach that consists in pre-integrating $N$ into cryptographic keys so that a single $M_n(\cdot,\cdot)$ directly replaces each modular multiplication. Besides halving the number of Montgomery multiplications, our strategy skips the pre-calculation (and the storage) of the constant $N^{-2} \bmod n$ and proves to be particularly efficient when a hardware device implementing $M_n(\cdot,\cdot)$ is the basic computational tool at one's command.
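The following Python sketch is an added example, not code from the article. It checks the two identities stated above and then shows one way the factor $N$ can be absorbed, using a Diffie-Hellman-style exchange in which every step is a single $M_n$ call and the public values carry the $N$ factor. The function names, the toy modulus and the choice $N = 2^{-k} \bmod n$ are assumptions made for illustration, and the exchange is not claimed to be the article's own construction.

```python
# Added illustration: toy parameters, hypothetical names, not constant-time.

def make_montgomery(n, k):
    """Return (M, N) with M(a, b) = a*b*N mod n and N = 2^-k mod n (n odd, n < 2^k)."""
    R = 1 << k
    n_neg_inv = (-pow(n, -1, R)) % R      # -n^-1 mod R, precomputed once per modulus
    N = pow(R, -1, n)                     # the constant factor N of the abstract

    def M(a, b):
        t = a * b
        m = (t * n_neg_inv) & (R - 1)     # makes t + m*n divisible by R
        u = (t + m * n) >> k              # exact division, no trial division by n
        return u - n if u >= n else u

    return M, N

def plain_product(M, N, n, a, b):
    """Usual route: a second call with N^-2 mod n strips the extra factors."""
    return M(M(a, b), pow(N, -2, n))

def mont_pow(M, g, x):
    """Square-and-multiply using only M, x >= 1; yields g^x * N^(x-1) mod n."""
    acc, base = None, g
    while x:
        if x & 1:
            acc = base if acc is None else M(acc, base)
        x >>= 1
        if x:
            base = M(base, base)
    return acc

def demo():
    n, k, g = (1 << 61) - 1, 64, 3        # constructed toy modulus (prime) and base
    M, N = make_montgomery(n, k)
    a, b = 0x1234567, 0x89ABCDE           # constructed secret exponents
    pub_a, pub_b = mont_pow(M, g, a), mont_pow(M, g, b)   # public values carry N
    shared_a, shared_b = mont_pow(M, pub_b, a), mont_pow(M, pub_a, b)
    return n, N, M, plain_product(M, N, n, a, b), shared_a, shared_b

if __name__ == "__main__":
    n, N, M, prod, s_a, s_b = demo()
    print(prod == (0x1234567 * 0x89ABCDE) % n, s_a == s_b)
```

Both parties arrive at $g^{ab} N^{ab-1} \bmod n$ without ever converting out of the $N$-scaled form, so the constant $N^{-2} \bmod n$ is never computed or stored.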