隨著網路的發展，每天有非常大量的資訊透過網路進行傳輸，因此網路安全也越來越受重視。我們可以在傳送與接收資料時，對資料進行加解密以確保資料在傳輸過程中的安全性以及隱密性，因此如何確保資料的安全顯示出密碼系統的重要性。
RSA加解密系統是目前世界上廣泛使用的公開金鑰密碼系統之一，根據其建立在質數與因式分解的數學理論，使RSA加解密系統具有非常高的安全性。為了確保RSA加解密系統的安全性，其金鑰長度通常大於1024位元，使用軟體來執行非常難達到即時加解密的需求，因此我們將以硬體架構來實現，以提升運算時的速度，並且設計具有可調整式位元的功能。
RSA加解密運算中主要的運算為模指數運算，模指數運算可以使用連續的模數乘法來實現。我們採用的模數乘法為蒙哥馬利模數演算法，其原理為使用加法以及移位來達到複雜的模數乘法。根據使用者的不同需求，蒙哥馬利演算法可以使用進位節省加法器、高基數、字組式等方法進行改善。
本論文根據以上演算法結合之高基數字組式的蒙哥馬利演算法進行主要運算，並使用模數指數演算法設計出可以快速執行RSA整體運算的硬體架構。我們以低成本為主要設計考量以減少實作上需要的硬體面積，並且結合中國餘數定理探討進行解密時能達到的加速效能。

With the development of the Internet, there are much information transmitted through the Internet every day, so the network security is more and more important. We can encrypt the data to ensure the security and the privacy in the transmission process while we sending and receiving data. So, how to ensure the security of the data shows the importance of the cryptosystem.
RSA encryption and decryption system is one of public key cryptosystem which is widely used in the world. According to its mathematical theory, which is based on prime number and factorization, RSA encryption and decryption system has very high security. In order to ensure the security of RSA encryption and decryption system, the key length is usually greater than 1024 bits. Software implementation is very difficult to achieve real-time encryption and decryption requirement. Therefore, we will implement it using hardware architecture to enhance the speed of operation, and the design is scalable.
The main operation of RSA encryption and decryption operations is the modular exponential operation, which can be achieved by using continuous modulus multiplications. The modular multiplication used is the Montgomery modular algorithm, the principle is using of addition and shift to achieve the complex modular multiplication. According to the different requirements of users, Montgomery algorithm can use the carry-save-adder, high-radix, word-based methods to improve its performance.
Based on the above algorithm, we use the high-radix word-based Montgomery modular algorithm to calculate the main operations, and we use the modular exponential algorithm to design the hardware architecture that can quickly perform the whole RSA operation. We regard low-cost as the main consideration of our design, and the Chinese remainder theorem is adopted to explore the acceleration effort of decryption.

誌謝 ii
論文提要 iii
摘要 iv
Abstract v
目錄 vii
圖目錄 ix
表目錄 x
第一章 序論 1
1.1 研究動機 1
1.2 論文大綱 3
第二章 研究背景 4
2.1 RSA公開金鑰密碼系統 4
2.2 蒙哥馬利演算法 6
2.3 模數指數演算法 9
2.3.1 H-模數指數演算法 10
2.3.2 L-模數指數演算法 11
2.4 進位節省蒙哥馬利演算法 12
2.5 字組式蒙哥馬利演算法 14
2.6 高基數蒙哥馬利演算法 17
2.7 中國餘數定理簡介 18
第三章 RSA加解密演算法 19
3.1 高基數字組式之蒙哥馬利演算法 19
3.2 RSA加解密流程 23
3.3 N_Bar演算法 25
3.4 CS1演算法及CS2演算法 28
3.5 中國餘數定理應用於RSA解密 32
第四章 提出的模指數架構與設計 36
4.1 整體架構概要 36
4.2 內部模組 37
4.2.1 記憶體 37
4.2.2 乘法器 43
4.3 整體運算流程 47
第五章 實驗結果 49
5.1 實驗步驟與方法 49
5.2 實驗數據 51
第六章 結論與未來研究方向 59
6.1結論 59
6.2未來研究方向 59
參考文獻 60

[1] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signature and public-key cryptosystems,”Communications of the ACM, vol. 21, pp. 120-126, Feb. 1978.
[2] P. L. Montgomery, “Modular multiplication without trial division,” Mathematics Computation, vol. 44, pp. 519–521, Apr. 1985.
[3] C.D. Walter, “Montgomery exponentiation needs no final subtractions,” Electronics Letters, vol.35, no.21, pp.1831-1832, Oct. 1999.
[4] M.-D. Shieh, J.-H. Chen, H.-H. Wu, and W.-C. Lin, “A new modular exponentiation architecture for efficient design of RSA cryptosystem,” IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 16, no. 9, pp. 1151–1161, Sep. 2008.
[5] K. Manochehri, and S. Pourmozafari, “Modified radix-2 Montgomery modular multiplication to make it faster and simpler,” in Proc. IEEE Int. Conf. on Information Technology, April 2005, vol. 1, pp. 598–602.
[6] Y.-Y. Zhang, Z. Li, L. Yang, and S.-W. Zhang, “An efficient CSA architecture for Montgomery modular multiplication,” Microprocessors Microsyst., vol. 31, no. 7, pp. 456–459, Nov. 2007.
[7] C. McIvor, M. McLoone, and J. V. McCanny, “Modified Montgomery modular multiplication and RSA exponentiation techniques,” IEE Proc. Computers and Digital Techniques, vol. 151, no. 6, pp. 402-408, Nov. 2004.
[8] 張凱程, “適用於RSA加解密系統之高效能低功率可調式模數乘法器,” 國立中山大學, 碩士論文, July 2010.
[9] A. F. Tenca and C. K. Koc, “A scalable architecture for modular multiplication based on Montgomery’s algorithm,” IEEE Tans. Computers, vol. 52, no. 9, pp. 1215-1221, Sept. 2003.
[10] M. D. Shieh and W. C. Lin. “Word-Based Montgomery Modular Multiplication Algorithm for Low-Latency Scalable Architectures,” IEEE Trans. Computers, vol. 59, no. 8, pp. 1145-1151, Aug. 2010.
[11] H. Orup, “Simplifying quotient determination in high-radix modular multiplication,” Proc. 12th IEEE Symp. Comput. Arithmetic, pp. 193–199. July1995.
[12] P. Kornerup, “High-Radix Modular Multiplication for Cryptosystems,” Proc. IEEE Symp. Computer Arithmetic, pp. 277-283, Jun 1993.
[13] R. V. Kamala and M. B. Srinivas, “High-Throughput Montgomery Modular Multiplication,” IFIP International Conference on Very Large Scale Integration, pp. 58-62, Oct. 2006.
[14] 陳冠華, “低成本可調式高基數字組式蒙哥馬利模數乘法器設計,” 國立中山大學, 碩士論文, July 2017.
[15] S.-R. Kuang, J.-P. Wang, and C.-Y. Guo, “Modified Booth Multipliers with a Regular Partial Product Array,” IEEE Transactions on Circuits and Systems Part II: Express Briefs, Vol. 56, No. 5, pp. 404-408, May 2009.
[16] S. H. Wang, W. C. Lin, J. H. Ye, and M. D. Shieh, “Fast Scalable Radix-4 Montgomery Modular Multiplier,” IEEE International Symposium Circuits and Systems, pp. 3049-3052, May 2012.
[17] O. Arazi and H. Qi, “On Calculating Multiplicative Inverses Modulo 2m,” IEEE Transactions on Computers, vol. 57, no. 10, pp. 1435-1438, October 2008.
 
[18] J. Grosschadl, The Chinese remainder theorem and its application in a high-speed RSA crypto chip, in:Proceedings of the 16th Annual Computer Security Application Conference, IEEE Computer Society Press, New Orleans, Louisiana, USA, 2000, pp. 384–393.
[19] TSMC 0.90-μm (CL090G) Process 1.2-Volt SAGE-XTM Standard Cell Library Databook, Artisan Components, Sunnyvale, CA, Jan. 2004.
[20] 楊中皇, “網路安全：理論與實務 第二版”學貫行銷股份有限公司, 2008
[21] 許桓偉, “適用於RSA 加解密系統之高效能低功率模數乘法器,” 國立中山大學, 碩士論文, 2011.
[22] 許弘譯, “適用於RSA 密碼系統的高效能基數-4 蒙哥馬利模數乘法器,” 國立中山大學, 碩士論文, 2011.
[23] 陳佳妏, “低耗能多重字組模數乘法器之設計,” 國立中山大學, 碩士論文, July 2012.
[24] 邱昶騰, “高效能高基數蒙哥馬利模數乘法器,” 國立中山大學, 碩士論文, July 2013.
[25] 蔡嘉和, “高效能基數四之字組式蒙哥馬利模數乘法器,” 國立中山大學, 碩士論文, July 2014.
[26] 呂仁堯 , “高效能高基數之字組式蒙哥馬利模數乘法器,“ 國立中山大學, 碩士論文, 2014.
[27] 陳俊吉, “高基數字組式蒙哥馬利乘法器之通用化設計方法, ” 國立中山大學, 碩士論文, 2015.
[28] 陳彥儒, “基於混合式基數字組式蒙哥馬利模數乘法演算法之RSA密碼演算法硬體架構, ” 國立中山大學, 碩士論文, 2016. 
[29] A. Miyamoto , N. Homma , T. Aoki , A. Satoh, Systematic Design of RSA Processors Based on High-Radix Montgomery Multipliers, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.19 n.7, p.1136-1146, July 2011.
[30] G. Sutter, J. P. Deschamps, J. Imaña, "Modular multiplication and exponentiation architectures for fast RSA cryptosystem based on digit serial computation", IEEE Trans. Ind. Electron., vol. 58, no. 7, pp. 3101-3109, Jul. 2011.
[31] J. Grosschädl, The Chinese remainder theorem and its application in a high-speed RSA crypto chip, in: Proceedings of the 16th Annual Computer Security Application Conference, IEEE Computer Society Press, New Orleans, Louisiana, USA, 2000, pp. 384–393.
[32] C.-H. Wu, J.-H. Hong, C-W. Wu, "RSA cryptosystem design based on the chinese remainder theorem", In Design Automation Conference 2001. Proceedings of the ASP-DAC 2001. Asia and South Pacific, pp. 391-395, 2001.