Portal de Periódicos da CAPES

Efficient software implementations of modular exponentiation

2012; Springer Science+Business Media; Volume: 2; Issue: 1 Linguagem: Inglês

10.1007/s13389-012-0031-5

2190-8516

Shay Gueron,

Cryptographic Implementations and Security

The significant cost of RSA computations affects the efficiency and responsiveness of SSL/TLS servers, and therefore software implementations of RSA are an important target for optimization. To this end, we study here efficient software implementations of modular exponentiation, which are also protected against software side channel analyses. We target superior performance for the ubiquitous ×86_64 architectures, used in most server platforms. The paper proposes optimizations in several directions: the Montgomery multiplications primitives, the w-ary modular exponentiation flow, and reduced cost of side channel mitigation. For a comparison baseline, we use the current OpenSSL version, 1.0.0e. Our implementation—called "RSAZ"—is more than 1.6 times faster than OpenSSL for both 1,024 and 2,048-bit keys, on the previous generation 2010 Intel® Core™ processors and on the 2nd generation Intel® Core™ processors. The RSAZ code was contributed to OpenSSL as a patch, and improvements proposed in an earlier version of this paper have already been incorporated into the future OpenSSL version.