A Secure Algorithm for Inversion Modulo 2k
Department of Microelectronics and Electronic Systems, Universitat Autònoma de Barcelona, 08193 Barcelona, Spain
Applus Laboratories, Bellaterra, 08193 Barcelona, Spain
Current address: Applus Laboratories, Carrer de la Font del Carme, Bellaterra, 08193 Barcelona, Spain.
Author to whom correspondence should be addressed.
Received: 21 August 2018 / Revised: 10 September 2018 / Accepted: 12 September 2018 / Published: 13 September 2018
Modular inversions are widely employed in public key cryptosystems, and it is known that they form a bottleneck because of their expensive computation. Recently, a new algorithm for inversions modulo 2k was proposed, which may speed up the calculation of a modulus-dependent quantity used in the Montgomery multiplication. The original algorithm lacks security countermeasures; thus, a straightforward implementation may expose the input. This is an issue if that input is a secret. In the RSA-CRT signature using Montgomery multiplication, the moduli are secrets (the primes p). Therefore, the moduli-dependent quantities related to p must be securely computed. This paper presents a security analysis of the novel method, considering that it might be used to compute secrets. We demonstrate that a Side Channel Analysis discloses the data being manipulated. In consequence, a secure variant for inversions modulo 2k is proposed, through the application of two known countermeasures. In terms of performance, the secure variant is still comparable with the original one.
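The leakage the abstract refers to can be illustrated with the Montgomery constant n' = -p^(-1) mod 2^k. The following is an added example, not the paper's algorithm or code: a bit-serial inversion whose control flow depends on the secret modulus, next to a branch-free Newton (Hensel) iteration whose step count depends only on k. The function names and the small moduli are constructed for the example.

```python
# Added example: two ways to compute the Montgomery constant n' = -p^(-1) mod 2^k
# for an odd modulus p. Not the paper's algorithm; names here are hypothetical.

def nprime_bitserial(p: int, k: int) -> int:
    """Bit-serial computation of n' = -p^(-1) mod 2^k.

    At every step the decision to add p << i depends on one bit of the running
    product, i.e. on the secret p. That secret-dependent branch is the kind of
    control-flow difference (timing, power) a side-channel analysis can observe.
    """
    assert p & 1, "p must be odd"
    mask = (1 << k) - 1
    x = 0     # partial result
    acc = 0   # running product p * x mod 2^k; target is all ones (== -1)
    for i in range(k):
        if ((acc >> i) & 1) == 0:          # secret-dependent branch
            x |= 1 << i
            acc = (acc + (p << i)) & mask
    return x


def inv_mod_2k_newton(p: int, k: int) -> int:
    """Branch-free inverse of odd p modulo 2^k via x <- x * (2 - p * x).

    Each iteration doubles the number of correct low-order bits, so the number
    of iterations (ceil(log2 k)) is fixed by k and independent of p's value.
    """
    assert p & 1, "p must be odd"
    mask = (1 << k) - 1
    x = 1          # correct to 1 bit because p is odd
    bits = 1
    while bits < k:
        x = (x * (2 - p * x)) & mask
        bits *= 2
    return x


def nprime_newton(p: int, k: int) -> int:
    """n' = -p^(-1) mod 2^k using the branch-free inverse."""
    return (-inv_mod_2k_newton(p, k)) & ((1 << k) - 1)


def is_montgomery_constant(p: int, nprime: int, k: int) -> bool:
    """Check the defining relation p * n' == -1 (mod 2^k)."""
    return (p * nprime + 1) & ((1 << k) - 1) == 0


if __name__ == "__main__":
    p, k = 0x1D, 8   # constructed sample: odd modulus 29, 8-bit word
    print(hex(nprime_bitserial(p, k)), hex(nprime_newton(p, k)))
```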
This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
MDPI and ACS Style
De la Fe, S.; Ferrer, C. A Secure Algorithm for Inversion Modulo 2k. Cryptography 2018, 2, 23.
De la Fe S, Ferrer C. A Secure Algorithm for Inversion Modulo 2k. Cryptography. 2018; 2(3):23.
De la Fe, Sadiel; Ferrer, Carles. 2018. "A Secure Algorithm for Inversion Modulo 2k." Cryptography 2, no. 3: 23.