Hardware Implementation of Montgomery's Modular Multiplication Algorithm
IEEE Transactions on Computers
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Distinguishing Exponent Digits by Observing Modular Subtractions
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Montgomery Exponentiation with no Final Subtractions: Improved Results
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Sliding Windows Succumbs to Big Mac Attack
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
MIST: An Efficient, Randomized Exponentiation Algorithm for Resisting Power Analysis
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
Montgomery in Practice: How to Do It More Efficiently in Hardware
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
Hardware architectures for public key cryptography
Integration, the VLSI Journal
Low-Weight Polynomial Form Integers for Efficient Modular Multiplication
IEEE Transactions on Computers
Scalable hardware implementing high-radix Montgomery multiplication algorithm
Journal of Systems Architecture: the EUROMICRO Journal
Breaking the liardet-smart randomized exponentiation algorithm
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Simple backdoors for RSA key generation
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Longer randomly blinded RSA keys may be weaker than shorter ones
WISA'07 Proceedings of the 8th international conference on Information security applications
On the optimization of side-channel attacks by advanced stochastic methods
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Exact analysis of montgomery multiplication
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Software implementation of modular exponentiation, using advanced vector instructions architectures
WAIFI'12 Proceedings of the 4th international conference on Arithmetic of Finite Fields
Timing attack against protected RSA-CRT implementation used in PolarSSL
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
| Hi-index | 0.00 |
An optimal upper bound for the number of iterations and precise bounds for the output are established for the version of Montgomery Modular Multiplication from which conditional statements have been eliminated. The removal of such statements is done to avoid timing attacks on embedded cryptosystems but it can mean greater execution time. Unfortunately, this inefficiency is close to its maximal for standard RSA key lengths such as 512 or 1024 bits. Certain such keys are then potentially subject to attack using differential power analysis. These keys are identified, but they are rare and the danger is minimal. The improved bounds, however, lead to consequent savings in hardware.