Remarks on Quantum Modular Exponentiation and Some Experimental Demonstrations of Shor's Algorithm

An efficient quantum modular exponentiation method is indispensible for Shor's factoring algorithm. But we find that all descriptions presented by Shor, Nielsen and Chuang, Markov and Saeedi, et al., are flawed. We also remark that some experimental demonstrations of Shor's algorithm are misleading, because they violate the necessary condition that the selected number $q=2^s$, where $s$ is the number of qubits used in the first register, must satisfy $n^2 \leq q < 2n^2$, where $n$ is the large number to be factored.Comment: 12 pages,5 figures. The original version has 6 pages. It did not point out the reason that some researchers took for granted that quantum modlar exponentiation is in polynomial time. In the new version, we indicate the reason and analyze some experimental demonstrations of Shor's algorithm. Besides, the author Zhenfu Cao is added to the version for his contribution. arXiv admin note: text overlap with arXiv:1409.735

A method for computing Lucas sequences

AbstractMost of public-key cryptosystems rely on one-way functions, which can be used to encrypt and sign messages. Their encryption and signature operations are based on the computation of exponentiation. Recently, some public-key cryptosystems are proposed and based on Lucas functions, and the Lucas sequences are performed as S = V(d)modN. In this paper, we will transform the concept of addition chains for computing the exponentiation evaluations to the Lucas chains for computing the Lucas sequences. Theoretically, the shorter Lucas chain for d is generated, the less computation time for evaluating the value V(d) is required. Therefore, we proposed a heuristic algorithm for evaluating a shorter Lucas chain and then use it to compute the Lucas sequence with less modular multiplications

Comparison of Scalable Montgomery Modular Multiplication Implementations Embedded in Reconfigurable Hardware

International audienceThis paper presents a comparison of possible approaches for an efficient implementation of Multiple-word radix-2 Montgomery Modular Multiplication (MM) on modern Field Programmable Gate Arrays (FPGAs). The hardware implementation of MM coprocessor is fully scalable what means that it can be reused in order to generate long-precision results independently on the word length of the originally proposed coprocessor. The first of analyzed implementations uses a data path based on traditionally used redundant carry-save adders, the second one exploits, in scalable designs not yet applied, standard carry-propagate adders with fast carry chain logic. As a control unit and a platform for purely software implementation an embedded soft-core processor Altera NIOS is employed. All implementations use large embedded memory blocks available in recent FPGAs. Speed and logic requirements comparisons are performed on the optimized software and combined hardware-software designs in Altera FPGAs. The issues of targeting a design specifically for a FPGA are considered taking into account the underlying architecture imposed by the target FPGA technology. It is shown that the coprocessors based on carry-save adders and carry-propagate adders provide comparable results in constrained FPGA implementations but in case of carry-propagate logic, the solution requires less embedded memory and provides some additional implementation advantages presented in the paper

Efficient Unified Arithmetic for Hardware Cryptography

The basic arithmetic operations (i.e. addition, multiplication, and inversion) in finite fields, GF(q), where q = pk and p is a prime integer, have several applications in cryptography, such as RSA algorithm, Diffie-Hellman key exchange algorithm [1], the US federal Digital Signature Standard [2], elliptic curve cryptography [3, 4], and also recently identity based cryptography [5, 6]. Most popular finite fields that are heavily used in cryptographic applications due to elliptic curve based schemes are prime fields GF(p) and binary extension fields GF(2n). Recently, identity based cryptography based on pairing operations defined over elliptic curve points has stimulated a significant level of interest in the arithmetic of ternary extension fields, GF(3^n)

A versatile Montgomery multiplier architecture with characteristic three support

We present a novel unified core design which is extended to realize Montgomery multiplication in the fields GF(2n), GF(3m), and GF(p). Our unified design supports RSA and elliptic curve schemes, as well as the identity-based encryption which requires a pairing computation on an elliptic curve. The architecture is pipelined and is highly scalable. The unified core utilizes the redundant signed digit representation to reduce the critical path delay. While the carry-save representation used in classical unified architectures is only good for addition and multiplication operations, the redundant signed digit representation also facilitates efficient computation of comparison and subtraction operations besides addition and multiplication. Thus, there is no need for a transformation between the redundant and the non-redundant representations of field elements, which would be required in the classical unified architectures to realize the subtraction and comparison operations. We also quantify the benefits of the unified architectures in terms of area and critical path delay. We provide detailed implementation results. The metric shows that the new unified architecture provides an improvement over a hypothetical non-unified architecture of at least 24.88%, while the improvement over a classical unified architecture is at least 32.07%

Software and hardware implementation of the RSA public key cipher

Cryptographic systems and their use in communications are presented. The advantages obtained by the use of a public key cipher and the importance of this in a commercial environment are stressed. Two two main public key ciphers are considered. The RSA public key cipher is introduced and various methods for implementing this cipher on a standard, nondedicated, 8 bit microprocessor are investigated. The performance of the different algorithms are evaluated and compared. Various ways of increasing the performance are considered. The limitations imposed by the performance on the practical use of the cipher are discussed. The importance of the key to the security of the cipher is assessed. Different forms of attack are mentioned and a procedure for generating keys, which minimise the probability of a sucessful attack is presented. This procedure is implemented on a minicomputer. Use of the method on personal computers or microprocessors is examined. Methods for performing multiplication in hardware, with particular emphasis on the use of these methods in modular multiplication, are detailed. An algorithm for performing part of the encryption function in hardware and the hardware necessary for it is described. Different methods for implementing the hardware are discussed and one is choosen. A description of the hardware unit is given. The design and development of an application specific integrated circuit (ASIC) to perform key elements of the encryption function is described. The various stages of the design process are detailed. The results expected from this device and its integration into the overall encryption scheme are presented