A Black Hen Lays White Eggs: Bipartite Multiplier out of Montgomery One for On-Line RSA Verification

The eighth Smart Card Research and Advanced Application Conference (CARDIS2008) took place in Egham, Survey, UK, over four days from September 8th to 11th, 2008. The scope of this high-level conference covers information security related to smart cards. This year, there were only 21 papers, which were accepted out of 51 submissions in a competitive review process.

Hitachi, Ltd. Systems Development Laboratory introduced a presentation entitled "A Black Hen Lays White Eggs: Bipartite Multiplier Out of Montgomery One for On-Line RSA Verification" concerning techniques to double the bit length of cryptographic primitive computations. Thanks to our technique, 2048-bit RSA can be performed over 40% faster than with other techniques on a current 1024-bit RSA crypto-coprocessor.

RSA invented in1978 has been the de-facto standard cryptosystem over the world, and is critical for user/device authentications and secure channels: 1024-bit RSA is commonly used nowadays. On the one hand, NIST, an American institute which has a great influence on the cryptographic community, recommends 2048-bit RSA from 2010 in view of security. On the other hand, lightweight devices such as mobile phones and smart cards are generally equipped with a special hardware called crypto-coprocessor designed for the mainstream 1024-bit RSA (Fig. 1).

In CARDIS2008, we introduce a new technique to compute 2048-bit RSA using 1024-bit coprocessors but removing the heavy precomputation. Unlike the other previous techniques, our technique realizes a virtual 2048-bit coprocessor implementing the latest bipartite multiplication algorithm based on a 1024-bit Montgomery multiplier. Thanks to our technique, light-weight devices such as smart cards can execute 2048-bit RSA required by an authentication over 40% faster than with other techniques (Fig. 4).

(By Masayuki Yoshino, Systems Development Laboratory)