Hierarchical Approach in RNS Base Extension for Asymmetric Cryptography

Abstract: Base extension is a critical operation in RNS implementations of asymmetric cryptosystems. In this paper, we propose a new way to perform base extensions using a hierarchical approach for computing the Chinese remainder theorem. For well chosen parameters, it significantly reduces the computational cost and still ensures a high level of internal parallelism. We illustrate the interest of the proposed approach on the cost of typical arithmetic primitives used in asymmetric cryptography. We also demonstrate impr… Show more

“…A hierarchical base extension (HBE) approach has been introduced in [11] for ECC in FPGA implementations. The k moduli are seen as a matrix of r rows and c columns (i.e., k = r × c).…”

“…The BE is then performed over the r super-residues, leading to a reduction of the BE complexity. The correction step for α presented in [11] (derived from [16]) has been managed directly in the HBE algorithm but it requires pseudo-Mersenne moduli. Paper [11] only provides algorithms and results for c = 2.…”

“…Below, we propose a new BE algorithm with a reduced computation cost by adapting FBE from [12] with the hierarchical organization idea from [11] for a HE software context. The following notations are introduced to support the decomposition of RNS bases into matrices of moduli (instead of vectors):…”

“…A hierarchical BE algorithm has been proposed in [11] for elliptic curve cryptography (ECC) in hardware. This algorithm uses RNS bases with k = r × c moduli to reduce the BE complexity from O(k 2 ) operations to only O(r 2 × c).…”

Using Hierarchical Approach to Speed-up RNS Base Extensions in Homomorphic Encryption Context

“…A hierarchical base extension (HBE) approach has been introduced in [11] for ECC in FPGA implementations. The k moduli are seen as a matrix of r rows and c columns (i.e., k = r × c).…”

“…The BE is then performed over the r super-residues, leading to a reduction of the BE complexity. The correction step for α presented in [11] (derived from [16]) has been managed directly in the HBE algorithm but it requires pseudo-Mersenne moduli. Paper [11] only provides algorithms and results for c = 2.…”

“…Below, we propose a new BE algorithm with a reduced computation cost by adapting FBE from [12] with the hierarchical organization idea from [11] for a HE software context. The following notations are introduced to support the decomposition of RNS bases into matrices of moduli (instead of vectors):…”

“…A hierarchical BE algorithm has been proposed in [11] for elliptic curve cryptography (ECC) in hardware. This algorithm uses RNS bases with k = r × c moduli to reduce the BE complexity from O(k 2 ) operations to only O(r 2 × c).…”

Using Hierarchical Approach to Speed-up RNS Base Extensions in Homomorphic Encryption Context

“…In a domain such as cryptography, arithmetic operations are performed modulo large numbers that are often prime, the use of RNS becomes more complicate as modular reduction requires a conversion of RNS bases [20], [21], [22], [23]. This last point has generated a rich literature, in particular around the choice of bases for efficient implementations [15], [24], [25], [26].…”

Generating Very Large RNS Bases

Symmetric Cryptoalgorithms in the Residue Number System