URL https://opencores.org/ocsvn/mod_sim_exp/mod_sim_exp/trunk

# Subversion Repositoriesmod_sim_exp

## [/] [mod_sim_exp/] [trunk/] [doc/] [src/] [introduction.tex] - Blame information for rev 47

Line No. Rev Author Line
1 47 JonasDC
\chapter{Introduction}
2
The Modular Simultaneous Exponentiation core is a flexible hardware design to support modular simultaneous exponentiations
3
in embedded systems. It is able to compute a double exponentiation as given by~(\ref{eq:mse})
4
\begin{align}\label{eq:mse}
5
g_{0}^{e_0} \cdot g_{1}^{e_1} \bmod m
6
\end{align}
7
where:
8
\begin{align}
9
g_{0} &= \left(g_{0_{n-1}}, \cdots, g_{0_{1}}, g_{0_{0}}\right)_{2}\hspace{1.5cm} \text{with } n \text{ being the number of bits of the base operands}\nonumber \\
10
g_{1} &= \left(g_{1_{n-1}}, \cdots, g_{1_{1}}, g_{1_{0}}\right)_{2}\nonumber \\
11
m &=\left(m_{n-1}, \cdots, m_{1}, m_{0}\right)_{2}\nonumber \\
12
e_{0} &=\left(e_{0_{t-1}}, \cdots, e_{0_{1}}, e_{0_{0}}\right)_{2}\hspace{1.5cm} \text{with } t \text{ being the number of bits of the exponents}\nonumber \\
13
e_{1} &=\left(e_{1_{t-1}}, \cdots, e_{1_{1}}, e_{1_{0}}\right)_{2}\nonumber
14
\end{align}
15
This operation is commonly used in anonymous credential and authentication cryptosystems like DSA \footnote{FIPS-186-3, the third and current revision to the official DSA specification:\\\hspace*{1cm}\url{http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf}}, Idemix \footnote{IBM Idemix project website: \url{https://www.zurich.ibm.com/security/idemix/}}, etc.. For this reason the core is designed with the use of large base operands in mind ($n$=512, 1024, 1536 bit and more..). The hardware is optimized for these
16
simultaneous exponentiations, but also supports single base exponentiations and single Montgomery multiplications.
17
Flexibility is offered to the user by providing the possibility to split the multiplier pipeline into 2 smaller parts, so that in total
18
3 different base operand lengths can be supported. The length of the exponents can be chosen freely\footnote{The controlling software is responsible for loading in the desired number of exponent bits into the core's exponent FIFO}