This paper reports a constant-time CPU and GPU software implementation of the RSA exponentiation, using algorithms that offer a first-line defense against timing and cache attacks. On GPU platforms the modular arithmetic layer was implemented using the Residue Number System (RNS) representation. We also present a CPU implementation of RNS-based arithmetic that takes advantage of the parallelism provided by the Advanced Vector Extensions 2 (AVX2) instructions. Moreover, we carefully analyze the performance of two popular RNS modular reduction algorithms when implemented on many- and multi-core platforms. On CPU platforms we also report that a combination of the schoolbook and Karatsuba algorithms for integer multiplication, along with Montgomery reduction, yields our fastest modular multiplication procedure. In comparison with previous literature, our software library achieves faster timings for the computation of the RSA exponentiation using 1024-, 2048- and 3072-bit private keys.
The supersingular isogeny Diffie-Hellman key exchange protocol (SIDH) was introduced by Jao and De Feo in 2011. SIDH operates on supersingular elliptic curves defined over F_{p^2}, where p is a large prime number of the form p = 4^{e_A} 3^{e_B} − 1 and e_A and e_B are positive integers such that 4^{e_A} ≈ 3^{e_B}. A variant of the SIDH protocol, dubbed extended SIDH (eSIDH), is presented. The eSIDH makes use of primes of a form in which ℓ_B and ℓ_C are two small prime numbers; f is a cofactor; and e_A, e_B and e_C are positive integers such that 4^{e_A} ≈ ℓ_B^{e_B} ℓ_C^{e_C}. It is shown that for many relevant instantiations of the SIDH protocol, this new family of primes enjoys faster field arithmetic than the one associated with traditional SIDH primes. Furthermore, its richer opportunities for parallelism yield a noticeable speed-up factor when implemented on multicore platforms. A supersingular isogeny key encapsulation (SIKE) instantiation using the prime eSIDH-p765 yields acceleration factors of 1.06, 1.15 and 1.14 over a SIKE instantiation with the prime SIKE-p757 when implemented on k = {1, 2, 3}-core processors. To the authors' knowledge, this work reports the first multicore implementation of SIDH and SIKE.

This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and reproduction in any medium, provided the original work is properly cited.