The Montgomery Inverse and Its Applications

@article{Kaliski1995TheMI,
  title={The Montgomery Inverse and Its Applications},
  author={Burton S. Kaliski},
  journal={IEEE Trans. Computers},
  year={1995},
  volume={44},
  pages={1064-1065}
}
  • B. Kaliski
  • Published 1 August 1995
  • Mathematics
  • IEEE Trans. Computers
The Montgomery inverse of b module a is b/sup -1/2/sup n/ mod a, where n is the number of bits in a. The right-shifting binary algorithm for modular inversion is shown naturally to compute the new inverse in fewer operations than the ordinary modular inverse. The new inverse facilitates recent work by Koc on modular exponentiation and has other applications in cryptography. > 
View via Publisher
doi.ieeecomputersociety.org
186 Citations
Highly Influential Citations
16
Background Citations
34
Methods Citations
78
Results Citations
1

Figures from this paper

186 Citations

New Algorithm for Classical Modular Inverse

The left-shift binary algorithm is shown to naturally calculate the classical modular inverse in fewer operations than the algorithm derived from the Montgomery inverse.

The Montgomery Modular Inverse-Revisited

A new definition of the Montgomery inverse is given, and efficient algorithms for computing the classical modular inverse, the Kaliski-Montgomery inverse, and the new Montgomery inverse are introduced.

Modified Montgomery Modular Inversion with Reduced Number of Multiplications

In this paper, a modified algorithm to compute Montgomery modular Inverse that requires less number of Montgomery modular multiplications compared to the best known methods in literature is proposed.

Efficient unified Montgomery inversion with multibit shifting

The authors demonstrate that affine co-ordinate implementation provides a comparable speed to that of projective co-ordinates with careful hardware realisation of existing algorithms for calculating inverses in both fields without utilising special moduli or irreducible polynomials.

Applications of the Montgomery exponent

  • S. GueronO. Zuk
  • Computer Science, Mathematics
    International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II
  • 2005
This work suggests a new modular exponentiation algorithm that uses one Montgomery multiplication less than the number required with the standard method, and illustrates the potential advantage in performance and code size when known cryptographic applications are modified in a way that MEXP replaces the standard modular exponentation.

Arithmetic Unit for Computations in GF(p) with the Left-Shifting Multiplicative Inverse Algorithm

The hardware architecture of an arithmetic unit intended for computing basic operations over a Galois field GF(p) is presented, and the promising left-shifting algorithm that is based on the extended Euclidean algorithm is used.

Modular Reduction without Pre-computation for Special Moduli

It is proved that there is no way to remove the pre-computation step in the Barret reduction by way of a contradiction of the derived moduli requirement, and this trick can be applied to currently existing cryptographic systems.

Hardware implementation of a novel inversion algorithm

  • M. NaseerE. Savaş
  • Computer Science, Mathematics
    2003 46th Midwest Symposium on Circuits and Systems
  • 2003
A hardware implementation of inversion algorithms for both binary extension and prime fields is presented, varying slightly from the Montgomery inverse algorithm.

New hardware algorithms and designs for montgomery modular inverse computation in galois fields gf(p) and gf(2n)

This work investigates the GF( p) inversion and presents several phases in the design of efficient hardware implementations to compute the Montgomery modular inverse, and proposes a scalable and unified architecture for a Montgomery inverse hardware that operates in both GF(p) and GF(2n) fields.

Another Look at Inversions over Binary Fields

New algorithms for one of the most common operations in public key cryptosystems: the inversion over binary Galois fields are offered, which are provably more economical-in terms of the average number of multiplications-than the popular Itoh-Tsujii algorithm.
...

References

SHOWING 1-10 OF 13 REFERENCES

High-radix and bit recoding techniques for modular exponentiation

  • Ç. Koç
  • Computer Science
    Int. J. Comput. Math.
  • 1991
It is shown that the high-radix methods with optimal choice of the radix provide significant reductions in the number of multiplications required for modular exponentiation, and bit recoding techniques similar to those used in binary multiplication algorithms can be used to further reduce the total number ofmultiplications.

Modular multiplication without trial division

A method for multiplying two integers modulo N while avoiding division by N, a representation of residue classes so as to speed modular multiplication without affecting the modular addition and subtraction algorithms.

A redundant binary Euclidean GCD algorithm

An efficient implementation of the Euclidean GCD (greatest common divisor) algorithm employing the redundant binary number system is described, which is competitive with floating point division in terms of the number of shift and add/subtract operations.

Optimized implementation of RSA cryptosystem

Fast implementations of RSA cryptography

The authors detail and analyze the critical techniques that may be combined in the design of fast hardware for RSA cryptography: chinese remainders, star chains, Hensel's odd division, carry-save representation, quotient pipelining, and asynchronous carry completion adders.

A Cryptographic Library for the Motorola DSP56000

A cryptographic library for the Motorola DSP56000 that provides hardware speed yet software flexibility, and an algorithm for modular multiplication that interleaves multiplication with Montgomery modular reduction to give a very fast implementation of RSA.

Fast decipherment algorithm for RSA public-key cryptosystem

A fast algorithm is presented for deciphering cryptograms involved in the public-key cryptosystem proposed by Rivest, Shamir and Adleman, based on the Chinese remainder theorem and on improved modular multiplication algorithms.

A public key cryptosystem and a signature scheme based on discrete logarithms

The invention pertains to a novel method of forming a flexible, tapered end on a thermoplastic molding strip that is flexible and virtually free of residual stress which may cause a strip to delaminate when applied to a desired substratum.

Systolic Modular Multiplication

A simple systolic array for achieving the effect of modular reduction, in linear time, is described. This circuit, in conjunction with Atrubin’s multiplier, performs modular multiplication in linear

The Art of Computer Programming

The arrangement of this invention provides a strong vibration free hold-down mechanism while avoiding a large pressure drop to the flow of coolant fluid.