Montgomery modular multiplier using a compressor and multiplication method, Number: 7,412,474, from the United States Patent and Trademark Office (PTO)


Title: Montgomery modular multiplier using a compressor and multiplication method

Abstract: A Montgomery modular multiplier receiving a multiplicand (A), a modulus (M), and a multiplier (B), using a t-s compressor, where t>3 and s>1, and a multiplication method performed in the same. In response to a carry propagation adder signal, the t-s compressor performs additions on the carry C and the sum S and obtains the final results in a carry propagation adder structure.

Patent Number: 7,412,474 Issued on 08/12/2008 to Son


Inventors: Son; Hee-Kwan (Suwon, KR)
Assignee: Samsung Electronics Co., Ltd. (Gyeonggi-do, KR)
Appl. No.: 10/660,476
Filed: September 12, 2003


Foreign Application Priority Data

Dec 30, 2002 [KR] 10-2002-0087243

Current U.S. Class: 708/492; 380/28; 380/30; 708/490
Current International Class: G06F 7/00 (20060101)
Field of Search: 708/492 380/28,30


References Cited

U.S. Patent Documents
5073870 December 1991 Morita
5745398 April 1998 Monier
6151393 November 2000 Jeong
6920473 July 2005 Elbe et al.
6973470 December 2005 Takahashi et al.
2004/0054705 March 2004 Le Quere
Foreign Patent Documents
695 06 674 May., 1999 DE
2 788 867 Jul., 2000 FR
WO 02/067108 Aug., 2002 WO
WO 02/073450 Sep., 2002 WO

Other References

Takagi N Ed-Kornerup P et al: "A radix-4 modular multiplication hardware algorithm efficient for iterative modular multiplications" Computer Arithmetic, 1991, Los Alamitos, CA, USA, IEEE Comput. Soc, US, Jun. 26, 1991, pp. 35-42, XP010034049 ISBN: 0-8186-9151-4. cited by other.
Drescher W et al: "VLSI architectures for multiplication in GF(2.sup.m) for application tailored digital signal processors" VLSI Signal Processing, IX, 1996., Workshop on San Francisco, CA, USA, Oct. 30-Nov. 1, New York, NY, USA, IEEE, US, Oct. 30, 1996, pp. 55-64, XP010198998, ISBN: 0-7803-3134-6. cited by other.
Orup H Ed Knowles S et al: "Simplifying quotient determination in high-radix modular multiplication": Computer Arithmetic, 1995., Proceedings of the 12.sup.th Symposium on Bath, UK Jul. 19-21, 1995, Los Alamitos, CA, USA, IEEE Comput. Soc, US, Jul. 19, 1995, pp. 193-199, XP010146635, ISBN: 0-8186-7089-4. cited by other .
Preliminary Search Report for French Divisional App. No. 04-3488 dated Mar. 24, 2006. cited by other .
Preliminary Search Report for French App. No. 03-14199 dated Mar. 27, 2006. cited by other .
German Patent Office Action dated Oct. 17, 2007, for corresponding German Application No. P 10357661.4-53. cited by other.

Primary Examiner: Bullock, Jr.; Lewis A.
Assistant Examiner: Yaary; Michael
Attorney, Agent or Firm: Harness, Dickey & Pierce, P.L.C.

Claims



What is claimed is:

1. A Montgomery modular multiplier of a public-key cryptographic system that calculates a value congruent to "ABR.sup.-1" (mod M) used in the cryptographic system, where A and B are input n-bit numbers, R.sup.-1 is an inverse number of R modular-multiplied for "mod M", and M is a modulus, the Montgomery modular multiplier comprising: an A-register storing a bit value a.sub.i (where `i` denotes an integer in the range of 0 to n-1) of the number A, which is smaller than the modulus M; a B-register storing a bit value b.sub.i of the number B, which is smaller than the modulus M; an M-register storing a bit value m.sub.i of the modulus M, which is an odd number; a b.sub.iA calculation logic circuit multiplying the number A by the bit value b.sub.i to obtain b.sub.iA; a q.sub.i calculation logic circuit solving a Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)", where s.sub.0 is the least significant bit (LSB) of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is the bit value of the number B, and a.sub.0 is the LSB of the number A, to obtain a bit value q.sub.i; a q.sub.iM calculation logic circuit multiplying the modulus M by the bit value q.sub.i to obtain q.sub.iM; a 4-2 compressor performing `n` additions on the carry C, the sum S, the b.sub.iA, and the q.sub.iM to obtain interim values and summing the interim values to obtain a result using a carry propagation adder in response to a carry propagation adder signal; an S-register in which a bit value s.sub.i of the sum S is updated and stored; and a C-register in which a bit value c.sub.i of the carry C is updated and stored.

2. The Montgomery modular multiplier of claim 1, wherein the 4-2 compressor comprises: a first full adder unit summing a bit value b.sub.ia.sub.i of the b.sub.iA, a bit value s.sub.i+1 of the sum S, and the bit value c.sub.i of the carry C to obtain a carry cA.sub.i and a sum sA.sub.i; a multiplexer (MUX) unit selectively outputting either a bit value q.sub.im.sub.i of the q.sub.iM, a carry cA.sub.i-1, and the sum sA.sub.i or the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and a bit value c.sub.i-1 of the carry C, in response to the carry propagation adder signal; and a second full adder unit performing `n` additions on the bit value q.sub.im.sub.i of q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i to calculate interim bit values s.sub.i of the sum S and c.sub.i of the carry C, when the carry propagation adder signal is in an inactive state, and summing the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and the bit value c.sub.i-1 of the carry C to obtain final results of the sum S and the carry C, when the carry propagation adder signal is in an active state.

3. The Montgomery modular multiplier of claim 2, wherein a carry save adder structure is a 4-input 2-output structure, in which the first and second full adder units operate when the carry propagation adder signal is in the inactive state.

4. The Montgomery modular multiplier of claim 2, wherein a carry propagation adder structure is a 3-input 2-output structure, in which only the second full adder unit operates when the carry propagation adder signal is in the active state.

5. The Montgomery modular multiplier of claim 2, wherein the LSB of the carry cA.sub.i-1 and the LSB of the carry c.sub.i-1 are in a first logic state.

6. The Montgomery modular multiplier of claim 2, wherein the most significant bit (MSB) of the sum S is equal to the bit value cA.sub.n-1 at a clock pulse before the carry propagation adder signal is activated.

7. A method of performing a Montgomery modular multiplication in a Montgomery modular multiplier of a public-key cryptographic system, in which the Montgomery modular multiplier includes registers for storing bit values a.sub.i, b.sub.i, m.sub.i, c.sub.i, and s.sub.i (where `i` denotes an integer in the range of 0 to n-1) of a word A, a word B, a modulus M, a carry C, and a sum S, respectively, and calculates a value congruent to "ABR.sup.-1" (mod M), where A and B are input n-bit numbers, R.sup.-1 is an inverse number of R modular-multiplied for "mod M", and M is a modulus, the method comprising: receiving the number A, the number B, and the modulus M; multiplying the number A by a bit value b.sub.i to obtain each bit of b.sub.iA; solving a Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)", where s.sub.0 is the least significant bit (LSB) of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is the bit value of the number B, and a.sub.0 is the LSB of the number A, to obtain a bit value q.sub.i; multiplying the modulus M by the bit value q.sub.i to obtain each bit of q.sub.iM; performing `n` additions on the carry C, the sum S, the b.sub.iA, and the q.sub.iM to obtain interim values for each bit of the sum S and the carry C in a carry save adder structure, in response to a carry propagation adder signal; and summing the interim values to obtain the final results of the sum S and the carry C in a carry propagation adder structure, in response to the carry propagation adder signal.

8. The method of claim 7, wherein the number A is smaller than the modulus M.

9. The method of claim 7, wherein the number B is smaller than the modulus M.

10. The method of claim 7, wherein the modulus M is an odd number.

11. The method of claim 7, wherein the interim values and final results of the sum S and the interim values and final results of the carry C are calculated by: summing a bit value b.sub.ia.sub.i of the b.sub.iA, a bit value s.sub.i+1 of the sum S, and a bit value c.sub.i of the carry C to obtain a carry cA.sub.i and a sum sA.sub.i; selectively outputting either a bit value q.sub.im.sub.i of the q.sub.iM, a carry cA.sub.i-1, and the sum sA.sub.i or the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and a bit value c.sub.i-1 of the carry C, in response to the carry propagation adder signal; performing `n` additions on the bit value q.sub.im.sub.i of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i to calculate interim bit values s.sub.i of the sum S and c.sub.i of the carry C, when the carry propagation adder signal is in an inactive state; and summing the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and the bit value c.sub.i-1 of the carry C to obtain final results of the sum S and the carry C, when the carry propagation adder signal is in an active state.

12. The method of claim 7, wherein the carry save adder structure is a 4-input 2-output structure, in which the interim values of the sum S and the carry C are obtained from the b.sub.iA and the q.sub.iM when the carry propagation adder signal is in an inactive state.

13. The method of claim 7, wherein the carry propagation adder structure is a 3-input 2-output structure, in which the final results of the sum S and the carry C are obtained from the interim values of the sum S and the carry C when the carry propagation adder signal is in an active state.

14. The method of claim 11, wherein the LSB of the carry cA.sub.i-1 and the LSB of the carry c.sub.i-1 are in a first logic state.

15. The method of claim 11, wherein the most significant bit (MSB) of the sum S is equal to the bit value cA.sub.n-1 at a clock pulse before the carry propagation adder signal is activated.

16. A Montgomery modular multiplier of a public-key cryptographic system, comprising: a multiplicand register, storing a bit value a.sub.i of a number A; a modulus register, storing a bit value m.sub.i of a modulus M; a multiplier register, storing a bit value b.sub.i of a number B; a b.sub.iA calculation logic circuit multiplying the number A by a bit value b.sub.i to obtain each bit of b.sub.iA; a q.sub.i calculation logic circuit solving a Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)", where s.sub.0 is the least significant bit (LSB) of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is the bit value of the number B, and a.sub.0 is the LSB of the number A, to obtain a bit value q.sub.i (where `i` denotes an integer in the range of 0 to n-1); a q.sub.iM calculation logic circuit multiplying the modulus M by the bit value q.sub.i to obtain each bit of q.sub.iM; and a t-s compressor, wherein t>3 and s>1, performing `n` additions on the carry C, the sum S, the b.sub.iA, and the q.sub.iM to obtain interim values for each bit of the sum S and the carry C in a carry save adder structure and summing the interim values to obtain final results of the sum S and the carry C in a carry propagation adder structure, in response to a carry propagation adder signal.

17. A system embodying a Montgomery modular multiplier of a public-key cryptographic system, the system comprising: an A-register storing a bit value a.sub.i (where `i` denotes an integer in the range of 0 to n-1) of an n-bit number A; a B-register storing a bit value b.sub.i of an n-bit number B; an M-register storing a bit value m.sub.i of an n-bit modulus M; a b.sub.iA calculation logic circuit multiplying the number A by the bit value b.sub.i to obtain b.sub.iA; a q.sub.i calculation logic circuit solving a Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)", where s.sub.0 is the least significant bit (LSB) of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is the bit value of the number B, and a.sub.0 is the LSB of the number A, to obtain a bit value q.sub.i; a q.sub.iM calculation logic circuit multiplying the modulus M by the bit value q.sub.i to obtain q.sub.iM; a compressor performing `n` additions on the carry C, the sum S, the b.sub.iA, and the q.sub.iM to obtain interim values and summing the interim values to obtain a result using a carry propagation adder in response to a carry propagation adder signal; an S-register in which a bit value s.sub.i of the sum S is updated and stored; and a C-register in which a bit value c.sub.i of the carry C is updated and stored; wherein given that the number A is smaller than the modulus M, the number B is smaller than the modulus M, the modulus M is odd, and R.sup.-1 is an inverse number of R modular-multiplied for "mod M", the system calculates a value congruent to "ABR.sup.-1" (mod M).

18. The system of claim 17, wherein the value congruent to "ABR.sup.-1" (mod M) is used in the public-key cryptographic system.

19. The system of claim 17, wherein the value congruent to "ABR.sup.-1" (mod M) is used in the system as a cryptographic key.

Description



BACKGROUND OF THE INVENTION

This application claims priority from Korean Patent Application No. 10-2002-87243, filed on Dec. 30, 2002, the entire contents of which are hereby incorporated by reference.

1. Field of the Invention

The present invention relates to a public-key cryptographic system, and more particularly, to a Montgomery modular multiplier.

2. Description of the Related Art

Cryptographic systems are used in communications achieved through smart cards, IC cards, and the like and have developed from secret-key cryptographic systems to public-key cryptographic systems. In a secret-key cryptographic system, two users must share an identical secret key in order to communicate with each other. Hence, key management and digital signing, which are based on a secret-key cryptographic system, are difficult. On the other hand, in a public-key cryptographic system, a secret key is secured by each user and any user who knows the public key of another party can communicate with that party, facilitating a process of convenient secret communications.

Examples of a public-key cryptographic system include Ron Rivest, Adi Shamir, and Len Adleman (RSA), Diffie-Hellman, a Digital Signature Algorithm (DSA), an Elliptic Curve Cryptosystem (ECC), and the like. Since a public-key cryptographic system performs modular multiplication to achieve a modular exponentiation operation, the system must adopt a modular multiplier.

A Montgomery modular multiplication algorithm, known as the most effective modular multiplication algorithm, can be expressed in pseudo code, as in Algorithm 1 below:

[Algorithm 1]
Stimulus:
    A = (a.sub.n-1 a.sub.n-2 ... a.sub.1 a.sub.0).sub.2, and A < M
    B = (b.sub.n-1 b.sub.n-2 ... b.sub.1 b.sub.0).sub.2, and B < M
    M = (m.sub.n-1 m.sub.n-2 ... m.sub.1 m.sub.0).sub.2, and M is odd.
Response:
    S = (S.sub.n S.sub.n-1 S.sub.n-2 ... S.sub.1 S.sub.0).sub.2 ≡ ABR.sup.-1 (mod M)
Method:
    S := 0
    For i := 0 to n-1 do
        q.sub.i := s.sub.0 XOR (b.sub.i AND a.sub.0)
        S := (S + b.sub.iA + q.sub.iM)/2
    endfor

That is, the final sum S calculated in the "for" loop of Algorithm 1 (where the carry is expressed as S.sub.n) is congruent to ABR.sup.-1 (mod M). Here, "R.sup.-1" is an inverse number of R modular-multiplied for "mod M". When R is equal to 2.sup.n, "(R*R.sup.-1) mod M" is equal to 1.

The Montgomery modular multiplication algorithm performs only multiplications on given numbers A, B, and M, without using divisions, and is faster than other algorithms. Hence, the Montgomery modular multiplication algorithm is widely used in implementing public-key cryptographic systems, which require a modular exponentiation operation.

Conventional Montgomery modular multipliers based on a Montgomery modular multiplication algorithm are classified as a parallel multiplier, which uses a carry propagation adder as a basic accumulator, or a serial multiplier, which uses a 3-2 (3-input to 2-output) compressor (i.e., a carry save adder made up of full adders) as a basic accumulator.

A carry propagation adder requires a carry-propagation delay time on a clock-by-clock basis to propagate a carry upon every addition of multiple bits. Since the carry propagation adder cannot increase the carry-propagation delay time without limit, multiplication of numbers represented by 32 bits or more is difficult. In other words, the carry propagation adder has a larger power-delay product than a carry save adder. The multiplication of a 32-bit number by a 32-bit number must be repeated in order to perform a multiplication of numbers represented by 32 bits or more.

Since a serial multiplier that uses a carry save adder uses a 3-2 compressor (i.e., full adders), there are no problems of a propagation delay time, but the serial multiplier with the carry save adder is not easily implemented in hardware. The 3-2 compressor removes the propagation delay time by performing all additions on each bit at as many clock pulses as the number of bits. In other words, in a Montgomery modular multiplication algorithm such as Algorithm 1, the four words carry, S, b.sub.iA, and q.sub.iM must be summed. However, the 3-2 compressor can only receive 3 words, and accordingly, a problem arises in that the two main input words b.sub.iA and q.sub.iM need to be summed in advance. Also, when the 3-2 compressor performs addition, it must receive carry, S, and one of the four words (namely, carry, S, b.sub.iA, and q.sub.iM) and accordingly, requires a 4:1 multiplexer to select one of the four words.

SUMMARY OF THE INVENTION

Embodiments of the present invention provide a Montgomery modular multiplier that removes and/or reduces propagation delay time using a carry save adder (CSA) structure, in which all additions required for each bit are performed on four words (e.g., carry, S, b.sub.iA, and q.sub.iM), and additions in a carry propagation adder (CPA) structure are performed at an output stage, thereby achieving a fast operation speed and a small power-delay product.

Embodiments of the present invention also provide a Montgomery modular multiplication method in which a propagation delay time is removed and/or reduced using a carry save adder (CSA) structure, which performs all additions required for each bit on four words (e.g., carry, S, b.sub.iA, and q.sub.iM), and performs additions in a carry propagation adder (CPA) structure at an output stage, thereby achieving fast operation speed and a small power-delay product.

Another exemplary embodiment of the present invention provides a Montgomery modular multiplier which calculates a value congruent to "ABR.sup.-1" (mod M), where A and B are input n-bit numbers, R.sup.-1 is an inverse number of R modular-multiplied for "mod M", and M is a modulus. The Montgomery modular multiplier includes an A-register, a B-register, an M-register, a b.sub.iA calculation logic circuit, a q.sub.i calculation logic circuit, a q.sub.iM calculation logic circuit, a 4-2 compressor, an S-register, and a C-register.

The A-register stores a bit value a.sub.i (where i is an integer ranging from 0 to n-1) of the number A, which is smaller than the modulus M.

The B-register stores a bit value b.sub.i (where i is an integer ranging from 0 to n-1) of the number B, which is smaller than the modulus M.

The M-register stores a bit value m.sub.i (where i is an integer ranging from 0 to n-1) of the modulus M, which is an odd number.

The b.sub.iA calculation logic circuit multiplies the number A by a bit value b.sub.i to obtain each bit of b.sub.iA.

The q.sub.i calculation logic circuit solves a Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)", where s.sub.0 is the least significant bit (LSB) of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is the bit value of the number B, and a.sub.0 is the LSB of the number A, to obtain a bit value q.sub.i (where i denotes an integer in the range of 0 to n-1).

The q.sub.iM calculation logic circuit multiplies the modulus M by the bit value q.sub.i to obtain each bit of q.sub.iM.

In an exemplary embodiment of the present invention the 4-2 compressor first performs n additions on the carry C, the sum S, the b.sub.iA, and the q.sub.iM to obtain interim values for each bit of the sum S and the carry C in a carry save adder structure and then sums the interim values to obtain final results of the S and C in a carry propagation adder structure, in response to a carry propagation adder signal.

The S-register updates a bit value s.sub.i (where i is an integer ranging from 0 to n-1) of the sum S and stores the updated bit value.

The C-register updates a bit value c.sub.i (where i is an integer ranging from 0 to n-1) of the carry C and stores the updated bit value.

In an exemplary embodiment of the present invention the 4-2 compressor includes a first full adder unit, a MUX unit, and a second full adder unit. The first full adder unit sums a bit value b.sub.ia.sub.i of the b.sub.iA, a bit value s.sub.i+1 of the sum S, and the bit value c.sub.i of the carry C to obtain a carry cA.sub.i and a sum sA.sub.i.

In an exemplary embodiment of the present invention the MUX unit selectively outputs either a bit value q.sub.im.sub.i of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i or the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and the bit value c.sub.i-1 of the carry C, in response to the carry propagation adder signal.

The second full adder unit performs n additions on the bit value q.sub.im.sub.i of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i to calculate interim bit values s.sub.i and c.sub.i of the sum S and the carry C, when the carry propagation adder signal is in an inactive state, and then sums the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and the bit value c.sub.i-1 of the carry C to obtain final results of the sum S and carry C, when the carry propagation adder signal is in an active state.

In an exemplary embodiment of the present invention the carry save adder structure is a 4-input 2-output structure, in which the first and second full adder units operate when the carry propagation adder signal is in an inactive state.

In an exemplary embodiment of the present invention the carry propagation adder structure is a 3-input 2-output structure, in which only the second full adder unit operates when the carry propagation adder signal is in an active state.

The LSB of the carry cA.sub.i-1 and the LSB of the carry c.sub.i-1 are in a first logic state.

The MSB of the sum s.sub.i+1 is equal to the carry cA.sub.n-1 at a clock pulse before the carry propagation adder signal is activated.

Another exemplary embodiment of the present invention provides a method of performing a Montgomery modular multiplication in a Montgomery modular multiplier, which includes registers for storing bit values a.sub.i, b.sub.i, m.sub.i, c.sub.i, and s.sub.i (where i denotes an integer in the range of 0 to n-1) of a word A, a word B, a modulus M, a carry C, and a sum S, respectively, and calculates a value congruent to "ABR.sup.-1" (mod M), where A and B are input n-bit numbers, R.sup.-1 is an inverse number of R modular-multiplied for "mod M", and M is a modulus. In the method, the number A, the number B, and the modulus M are received. The number A is multiplied by a bit value b.sub.i to obtain each bit of b.sub.iA. A Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)", where s.sub.0 is the least significant bit (LSB) of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is the bit value of the number B, and a.sub.0 is the LSB of the number A, is solved to obtain a bit value q.sub.i (where i denotes an integer in the range of 0 to n-1). The number M is multiplied by the bit value q.sub.i to obtain each bit of q.sub.iM. Then, n additions are performed on the carry C, the sum S, the b.sub.iA, and the q.sub.iM to obtain interim values for each bit of the sum S and the carry C in a carry save adder structure, in response to a carry propagation adder signal. The interim values are summed to obtain the final results of the sum S and carry C in a carry propagation adder structure, in response to the carry propagation adder signal.

In an exemplary embodiment the number A is smaller than the modulus M.

In an exemplary embodiment the number B is smaller than the modulus M.

In an exemplary embodiment the modulus M is an odd number.

In an exemplary embodiment the interim and final values of the sum S and the interim and final values of the carry C are calculated by: summing a bit value b.sub.ia.sub.i of the b.sub.iA, a bit value s.sub.i+1 of the sum S, and the bit value c.sub.i of the carry C to obtain a carry cA.sub.i and a sum sA.sub.i; selectively outputting either a bit value q.sub.im.sub.i of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i or the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and a bit value c.sub.i-1 of the carry C, in response to the carry propagation adder signal; performing n additions on the bit value q.sub.im.sub.i of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i to calculate interim bit values s.sub.i and c.sub.i of the sum S and the carry C, when the carry propagation adder signal is in an inactive state; and summing the bit value s.sub.i+1 of the sum S, the bit value c.sub.i of the carry C, and the bit value c.sub.i-1 of the carry C to obtain final results of the sum S and carry C, when the carry propagation adder signal is in an active state.

In an exemplary embodiment the carry save adder structure is a 4-input 2-output structure, in which the interim values of the sum S and the carry C are obtained from the b.sub.iA and q.sub.iM when the carry propagation adder signal is in an inactive state. However the carry save adder can have a plurality of inputs and output structures.

The carry propagation adder structure is a 3-input 2-output structure, in which the final values of the sum S and the carry C are obtained from the interim values of the sum S and the carry C when the carry propagation adder signal is in an active state. However the carry propagation adder can have a plurality of inputs and output structures.

The LSB of the carry cA.sub.i-1 and the LSB of the carry c.sub.i-1 are in a first logic state.

The MSB value of the sum s.sub.i+1 is equal to the bit value cA.sub.n-1 at a clock before the carry propagation adder signal is activated.

BRIEF DESCRIPTION OF THE DRAWINGS

The features of embodiments of the present invention will become more apparent from the detailed description and accompanying drawings, wherein:

FIG. 1 is a block diagram of a Montgomery modular multiplier according to an embodiment of the present invention;

FIG. 2 is a block diagram of the 4-2 compressor of FIG. 1 and its peripheral circuits in greater detail in an exemplary embodiment of the present invention;

FIG. 3 is a flowchart for illustrating the operation of the Montgomery modular multiplier according to an exemplary embodiment of the present invention;

FIG. 4 is a block diagram for explaining the operation of a carry save adder in the Montgomery modular multiplier according to an exemplary embodiment of the present invention; and

FIG. 5 is a block diagram for explaining the operation of a carry propagation adder in the Montgomery modular multiplier according to an exemplary embodiment of the present invention.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS OF THE INVENTION

The following description of the exemplary embodiment(s) is merely exemplary in nature and is in no way intended to limit the invention, its application, or uses.

Embodiments of the present invention will now be described more fully with reference to the accompanying drawings, in which exemplary embodiments of the invention are shown. The embodiments of the present invention are provided in order to more completely explain the present invention to anyone skilled in the art.

Referring to FIG. 1, a Montgomery modular multiplier according to an embodiment of the present invention calculates a value congruent to "ABR.sup.-1" (mod M). Here, A and B are input n-bit numbers, and R.sup.-1 is the inverse number of R modular-multiplied for "mod M." To accomplish this, the Montgomery modular multiplier includes an A-register 110, a B-register 120, an M-register 130, a b.sub.iA calculation logic circuit 140, a q.sub.i calculation logic circuit 150, a q.sub.iM calculation logic circuit 160, a 4-2 compressor 170, an S-register 180, and a C-register 190.

The A-register 110 stores the bit value a.sub.i (where i denotes an integer in the range of 0 to n-1) of the number A, which is smaller than the modulus M. The number A denotes a word representing an input n-bit number, and a.sub.i is the value of each of the bits a.sub.0 to a.sub.n-1 that constitute the number A.

The B-register 120 stores the bit value b.sub.i (where i denotes an integer in the range of 0 to n-1) of the number B, which is smaller than the modulus M. The number B denotes a word representing an input n-bit number, and b.sub.i is the value of each of the bits b.sub.0 to b.sub.n-1 that constitute the number B.

The M-register 130 stores the bit value m.sub.i (where i denotes an integer in the range of 0 to n-1) of the modulus M, which is an odd number. The modulus M denotes a word representing an input n-bit number, and m.sub.i is the value of each of the bits m.sub.0 to m.sub.n-1 that constitute the modulus M.

The b.sub.iA calculation logic circuit 140 calculates each bit of b.sub.iA by multiplying the number A by the bit value b.sub.i. Consequently, the values of the n bits b.sub.ia.sub.0 to b.sub.ia.sub.n-1 are output. At this time, since i varies from 0 to n-1 in the "for" loop included in Algorithm 1, the value b.sub.i is obtained from the position of the least significant bit (LSB) of the B-register 120, which is right shifted by one bit every time an algorithm in the "for" loop is performed, as shown in FIG. 1.

The q.sub.i calculation logic circuit 150 calculates the value q.sub.i (where i denotes an integer in the range of 0 to n-1) used in the "for" loop of Algorithm 1 by solving the Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)". Here, s.sub.0 is the LSB of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is a bit value of the number B, and a.sub.0 is the LSB of the number A. At this time, since i varies from 0 to n-1 in the "for" loop included in Algorithm 1, a value b.sub.i is obtained from the position of the LSB of the B-register 120, which is right shifted by one bit every time an algorithm in the "for" loop is performed, as shown in FIG. 1.

The q.sub.iM calculation logic circuit 160 calculates each bit of q.sub.iM by multiplying the modulus M by the bit value q.sub.i. Consequently, the values of the n bits q.sub.im.sub.0 to q.sub.im.sub.n-1 are output. At this time, since i varies from 0 to n-1 in the "for" loop included in Algorithm 1, i increases by one every time an algorithm in the "for" loop is performed, as shown in FIG. 1. Consequently, the values of the n bits q.sub.0 to q.sub.n-1 are output.

In an exemplary embodiment of the present invention, in response to a carry propagation adder signal ONCPA, the 4-2 compressor 170 performs n additions on the C, the S, the b.sub.iA, and the q.sub.iM to obtain interim calculated values for each bit of the S and the C, in a carry save adder structure. Then, the 4-2 compressor 170 sums the interim calculated values to obtain the final results of the S and C, in a carry propagation adder structure. When the carry propagation adder signal ONCPA is in an inactive state, that is, is in a first logic state ("0"), first and second full adders operate at the same time in the carry save adder structure, thus forming a 4-input 2-output structure. When the carry propagation adder signal ONCPA is in an active state, that is, is in a second logic state ("1"), only the second full adders operate in the carry propagation adder structure, thus forming a 3-input 2-output structure.

The S-register 180 updates and stores the bit value s.sub.i of the S (where i denotes an integer in the range of 0 to n-1). In other words, S denotes a word representing an n-bit number that is output as a sum, and s.sub.i denotes the value of each of the bits s.sub.0 to s.sub.n-1 that constitute the word S. The word S is updated every time an addition is performed in the carry save adder or carry propagation adder included in the 4-2 compressor 170.

The C-register 190 updates and stores the bit value c.sub.i of the C (where i denotes an integer in the range of 0 to n-1). In other words, C denotes a word representing an n-bit number that is output as a carry, and c.sub.i denotes the value of each of the bits c.sub.0 to c.sub.n-1 that constitute the word C. The word C is updated every time an addition is performed in the carry save adder or carry propagation adder included in the 4-2 compressor 170.

FIG. 2 is a block diagram of the 4-2 compressor 170 of FIG. 1 and its peripheral circuits in greater detail. Referring to FIG. 2, the 4-2 compressor 170 includes first and second full adder units 171 and 175 and a MUX unit 173, which form an adder with a 4-input 2-output structure.

Each of the first full adders of the first full adder unit 171 sums its corresponding bit value of the b.sub.iA, the bit value s.sub.i+1 of the S, and the bit value c.sub.i of the C to obtain a carry cA.sub.i and a sum sA.sub.i. The corresponding bit value of the b.sub.iA is b.sub.ia.sub.i.

Each of the multiplexers in MUX unit 173 selectively outputs either its corresponding bit value of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i or the bit value s.sub.i+1 of the S, the bit value c.sub.i of the C, and the bit value c.sub.i-1 of the C, in response to the carry propagation adder signal ONCPA. The corresponding bit value of the q.sub.iM is q.sub.im.sub.i.

When the carry propagation adder signal ONCPA is in an inactive state, that is, in a first logic state "0", each of the second full adders of the second full adder unit 175 performs n additions on the bit value q.sub.im.sub.i of the q.sub.iM, the carry cA.sub.i-1, and the sum sA.sub.i to calculate interim bit values s.sub.i and c.sub.i of the S and the C. When the carry propagation adder signal ONCPA is in an active state, that is, is in a second logic state "1", each of the second full adders of the second full adder unit 175 sums the bit value s.sub.i+1 of the S, the bit value c.sub.i of the C, and the bit value c.sub.i-1 of the C to obtain the final results of the S and C.

The carry cA.sub.i-1 denotes the carry of a bit that is one bit lower in position than the bit of the carry cA.sub.i, which is output from the first full adder unit 171. The bit value s.sub.i+1 of the S denotes the sum of a bit that is one bit higher in position than the interim bit value s.sub.i, which is output from the second full adder unit 175. The bit value c.sub.i-1 of the C denotes the carry of a bit that is one bit lower in position than the bit value c.sub.i, which is output from the second full adder unit 175.

As shown in FIG. 2, the LSBs of the carry cA.sub.i-1 and the carry c.sub.i-1 are in the first logic state, and the most significant bit (MSB) of the sum s.sub.i+1 is equal to the bit value cA.sub.n-1 at a clock pulse before the carry propagation adder signal ONCPA is activated. The bit value cA.sub.n-1 is the MSB of the carry cA.sub.i that is output from the first full adder unit 171.

The operation of the Montgomery modular multiplier according to an embodiment of the present invention of FIGS. 1 and 2 will now be described in detail with reference to FIG. 3.

The Montgomery modular multiplier according to an embodiment of the present invention includes registers, which store bit values a.sub.i, b.sub.i, m.sub.i, c.sub.i, and s.sub.i (where i denotes an integer in the range of 0 to n-1) of a word A, a word B, a modulus M, a carry C, and a sum S, respectively, and calculates a value congruent to "ABR.sup.-1" (mod M). Here, A and B are input n-bit numbers, and R.sup.-1 is an inverse number of R modular-multiplied for "mod M".

In the operation of the Montgomery modular multiplier, first, the numbers A and B and the modulus M are received in step S311. In step S313, registers which store a parameter i and the sum S are reset to be 0 and initialized. The numbers A and B are smaller than the modulus M, and M is an odd number.

Thereafter, in steps S315 to S319, the q.sub.i calculation logic circuit 150 of the Montgomery modular multiplier obtains a value q.sub.i (where i denotes an integer in the range of 0 to n-1) used in the "for" loop of Algorithm 1, by solving the Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)". Here, s.sub.0 is the LSB of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is a bit value of the number B, and a.sub.0 is the LSB of the number A. Also, in steps S315 to S319, the b.sub.iA calculation logic circuit 140 multiplies the number A by the bit value b.sub.i to obtain each bit of b.sub.iA, and the q.sub.iM calculation logic circuit 160 calculates each bit of q.sub.iM by multiplying the modulus M by the bit value q.sub.i. Also, in steps S315 to S319, the 4-2 compressor 170 performs n additions on the C, the S, the b.sub.iA, and the q.sub.iM to obtain interim values for each bit of the S and the C, in a carry save adder structure, which is formed when the carry propagation adder signal ONCPA is in an inactive state, that is, is in a first logic state ("0").

FIG. 4 is a block diagram for explaining the operation of a carry save adder in the Montgomery modular multiplier according to an embodiment of the present invention. Referring to FIGS. 3 and 4, in steps S315 to S317, each first full adder of the first full adder unit 171 sums its corresponding bit value of the b.sub.iA, the bit value s.sub.i+1 of the S, and the bit value c.sub.i of the C to obtain a carry cA.sub.i and a sum sA.sub.i. Each second full adder of the second full adder unit 175 performs n additions on its corresponding bit value of the q.sub.iM, the sum sA.sub.i, and the carry cA.sub.i-1, which are selected by the MUX unit 173, thereby calculating the interim values s.sub.i and c.sub.i of the sum S and the carry C.

As shown in FIG. 2, the bit output of the carry C is input to a first full adder corresponding to the bit, the bit output of the sum S is input to a first full adder corresponding to a bit that is one bit lower in position than the output bit, and a 1/2 division operation included in the "for" loop of Algorithm 1 is performed, in step S315. The LSB of the carry cA.sub.i-1 is in the first logic state "0". In other words, when the carry propagation adder signal ONCPA is in an inactive state, the 4-2 compressor 170 produces the carry save adder structure, which is a 4-input 2-output structure, and calculates the interim values of the S and C using the b.sub.iA, and the q.sub.iM.

After the interim values of the S and C are calculated for each bit, the carry propagation adder signal ONCPA is activated and enters the second logic state "1", in step S321. In steps S323 to S327, the 4-2 compressor 170 sums the calculated interim values of the S and C to obtain the final values of the S and C, in the carry propagation adder structure.

FIG. 5 is a block diagram for explaining the operation of the carry propagation adder in the Montgomery modular multiplier according to an embodiment of the present invention. Referring to FIGS. 3 and 5, in step S323, the second full adder unit 175 sums the bit value s.sub.i+1 of the S, the bit value c.sub.i of the C, and the bit value c.sub.i-1 of the C, which are selected by the MUX unit 173, to calculate the final results of the S and C. As shown in FIG. 2, the MSB of the sum s.sub.i+1 is equal to the bit value cA.sub.n-1 at a clock before the carry propagation adder signal ONCPA is activated. The LSB of the carry c.sub.i-1 is in the first logic state "0".

In step S325, the bit value s.sub.i+1 of the S, the bit value c.sub.i of the C, and the bit value c.sub.i-1 of the C are summed for a period of time, (a propagation delay time for one bit)*(n bits), in the carry propagation adder structure. The propagation delay time for one bit consists of the propagation delay time of the second full adder unit 175 and the delay time of each of the 2:1 Muxes of the MUX unit 173. In other words, when the carry propagation adder signal ONCPA is in an active state, a 3-input 2-output carry propagation adder structure is established, and the interim values of the S and C are summed in the 3-input 2-output structure to calculate the final values of the S and C.

As described above, the Montgomery modular multiplier according to an embodiment of the present invention includes registers, which store bit values a.sub.i, b.sub.i, m.sub.i, c.sub.i, and s.sub.i (where i denotes an integer in the range of 0 to n-1) of a word A, a word B, a modulus M, a carry C, and a sum S, respectively, and calculates a value congruent to "ABR.sup.-1" (mod M). Here, A and B are input n-bit numbers, and R.sup.-1 is an inverse number of R modular-multiplied for "mod M". The b.sub.iA calculation logic circuit 140 calculates each bit of b.sub.iA by multiplying the number A by the bit value b.sub.i. At this time, the q.sub.i calculation logic circuit 150 calculates a value q.sub.i (where i denotes an integer in the range of 0 to n-1) by solving a Boolean logic equation "s.sub.0 XOR c.sub.0 XOR (b.sub.i AND a.sub.0)". Here, s.sub.0 is the LSB of a sum S, c.sub.0 is the LSB of a carry C, b.sub.i is a bit value of the number B, and a.sub.0 is the LSB of the number A. The q.sub.iM calculation logic circuit 160 calculates each bit of q.sub.iM by multiplying the modulus M by the bit value q.sub.i. In response to the carry propagation adder signal ONCPA, the 4-2 compressor 170 performs n additions on the C, the S, the b.sub.iA, and the q.sub.iM to obtain interim calculated values for each bit of the S and the C, in a carry save adder structure. Then, the 4-2 compressor 170 sums the interim calculated values to obtain the final results of the S and C in a carry propagation adder structure. The final results of the S and C are output to the S- and C-registers 180 and 190, respectively.

As described above, the Montgomery modular multiplier according to an embodiment of the present invention removes propagation delay time by using a carry save adder (CSA) structure, in which all additions required for each bit are first performed on four words (e.g., C, S, b.sub.iA, and q.sub.iM), and then performs additions in a carry propagation adder (CPA) structure only at a final output stage. Hence, fast operation speed and a small power-delay product are achieved, thus improving the performance of a Montgomery modular multiplication algorithm.
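The loop and the final addition described above, as an added Python model that is not part of the patent text: it treats the S, C, A, B and M registers as integers instead of wiring individual full adders, keeps S and C already halved so that S + C is the running value, and the function names (`full_adders`, `ripple_add`, `montgomery_csa`) are chosen here for illustration.

```python
"""Word-level model of radix-2 Montgomery multiplication in carry-save form.

Added illustration: Python integers stand in for the n-bit registers, and
every function name below is an assumption, not taken from the patent.
"""


def full_adders(x, y, z):
    """One row of full adders: three words in, (sum word, carry word) out.

    The carry word is shifted left one place, so x + y + z == sum + carry.
    No carry travels along the row, which is the point of carry-save form.
    """
    return x ^ y ^ z, ((x & y) | (x & z) | (y & z)) << 1


def ripple_add(s, c, width):
    """Carry propagation adder: add two words bit by bit, LSB first."""
    out, carry = 0, 0
    for k in range(width):
        a, b = (s >> k) & 1, (c >> k) & 1
        out |= (a ^ b ^ carry) << k
        carry = (a & b) | (a & carry) | (b & carry)
    return out


def montgomery_csa(A, B, M, n):
    """Return (result, q_bits); result is congruent to A*B*2^-n (mod M).

    The result lies in [0, 2M); no final subtraction of M is performed.
    """
    if n < 1 or M % 2 == 0 or M >> n or not (0 <= A < M and 0 <= B < M):
        raise ValueError("need an odd n-bit modulus M and 0 <= A, B < M")
    S = C = 0
    q_bits = []
    for i in range(n):
        b_i = (B >> i) & 1
        # q_i = s_0 XOR c_0 XOR (b_i AND a_0): makes the 4-word sum even.
        q_i = (S & 1) ^ (C & 1) ^ (b_i & A & 1)
        q_bits.append(q_i)
        # 4-2 compression: two rows of full adders reduce the four words
        # S, C, b_i*A, q_i*M to two words with the same total.
        sA, cA = full_adders(b_i * A, S, C)
        s, c = full_adders(q_i * M, sA, cA)
        # Both words now have a zero LSB, so halving each one separately
        # is exact: this is the 1/2 step of the loop.
        S, C = s >> 1, c >> 1
    # S + C < 2M < 2^(n+1) holds throughout, so n+1 bits never overflow.
    return ripple_add(S, C, n + 1), q_bits
```

Only `ripple_add` has a carry chain whose length grows with n, and it runs once per multiplication rather than once per loop iteration.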

Although embodiments of the present invention have been described with reference to various figures, the details of the figures should not be interpreted to limit the scope of the embodiments of the present invention. For example, FIG. 1 illustrates the use of a 4-2 compressor. The scope of the present invention is not limited to a 4-2 compressor; various embodiments can use a plurality of input and output compressors. Likewise, the scope of the embodiments of the present invention is not limited to three registers, A, M, and B. Other registers may be incorporated in combination with a compressor having a plurality of inputs and outputs. Further, the radix of the examples of the various embodiments is not limited to a particular radix value.

While exemplary embodiments of the present invention have been particularly shown and described, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present invention as defined by the following claims.
