
High-speed RSA hardware based on Barret’s modular reduction method. (English) Zbl 0998.68674

Koç, Çetin K. (ed.) et al., Cryptographic hardware and embedded systems - CHES 2000. 2nd international workshop, Worcester, MA, USA, August 17-18, 2000. Proceedings. Berlin: Springer. Lect. Notes Comput. Sci. 1965, 191-203 (2000).
Summary: The performance of public-key cryptosystems like the RSA encryption scheme or the Diffie-Hellman key agreement scheme is primarily determined by an efficient implementation of the modular arithmetic. This paper presents the basic concepts and design considerations of the RSA\(\gamma\) crypto chip, a high-speed hardware accelerator for long integer modular exponentiation. The major design goal with the RSA\(\gamma\) was the maximization of performance on several levels, including the implemented hardware algorithms, the multiplier architecture, and the VLSI circuit technique.
RSA\(\gamma\) uses a hardware-optimized variant of Barrett’s modular reduction method to avoid the division in the modular multiplication. From an architectural viewpoint, a high degree of parallelism in the multiplier core is the most significant characteristic of the RSA\(\gamma\) crypto chip. The actual prototype contains a 1056×16-bit partial parallel multiplier which executes a 1024-bit modular multiplication in 227 clock cycles. Due to massive pipelining in the long integer unit, the RSA\(\gamma\) crypto chip reaches a decryption rate of 560 kbit/s for a 1024-bit exponent. The decryption rate increases to 2 Mbit/s if the Chinese Remainder Theorem is exploited.
For the entire collection see [Zbl 0953.00047].

MSC:

68U99 Computing methodologies and applications
68M07 Mathematical problems of computer architecture
94A60 Cryptography