隨著資訊科技日新月異，網路已經成為現代生活中不可或缺的角色，人們將資料經過數位化後以0與1的形式在網路上傳輸，網路間則透過協定將資料由發送端傳遞並呈現給接收端。但是網路具有公開性，直接透過網路傳送的資料將暴露在極高的外洩風險中。如果重要資料在傳送前先透過資訊安全和保密技術進行加密的動作，即可達到網路傳送資料的安全與隱密性。

RSA加解密系統是概念簡單而且安全性極高的公開金鑰密碼系統，然而其編碼與解碼需要大量的指數運算和除法運算，並且為了加強編解碼資料的安全性，其運算資料位元數通常大於等於512，若使用軟體來進行加解密的運算，將無法滿足網路傳輸所需要的即時性。因此，提升RSA加解密系統的執行速度有其必要性，而目前也已經發展出許多改善RSA加解密效能的硬體架構以提昇大量資料的加解密速度。

本論文所提出的蒙哥馬利模數乘法器與RSA加解密系統之硬體架構，只須使用簡單的加法器、位移暫存器和多工器即可實現，再配合商數前看(Quotient Lookahead)與省略多餘運算(Superfluous Operation Elimination)的兩個概念，使得我們提出的硬體架構執行速度比傳統架構快19%左右，同時能夠節省整體的能量消耗。由於我們的RSA加解密系統兼顧高效能與低耗能的特性，使得它更適合使用於具有低功耗需求的可攜式電子產品中。

The communication technology is changing rapidly every day, and the internet has played a very important role in our lives. Through specific protocols, people transform the data into 0’s and 1’s as digital signals and transfer them from sender to receiver via the network. Unfortunately, data transfer through the internet is open to the public, and too much exposure of private data may be a serious risk. To avoid this situation, we can encrypt the data before transmission to guarantee data confidentiality and privacy.

The RSA encryption system is a simple and highly secure public key cryptosystem, but the encryption and decryption process requires a lot of exponentiation operations and division operations. In order to improve the reliability of the encrypted data, the operands are usually larger than 512 bits. If software is used to perform encryption and decryption, real time application will not be sufficed, since software lacks performance. For this reason, the RSA must be implemented in hardware. Since then, many methods of refining the effectiveness of the RSA encryption and decryption hardware have began to be developed.

This research proposes a new Modular Multiplier architecture similar to the original Montgomery Modular Multiplier and the RSA encryption system, which is composed by simple adders, shifting registers and multiplexers. What’s more, we’ve also proposed new concepts including the Quotient Lookahead and the Superfluous Operation Elimination to further enhance the performance. The test results show that our design can reduce the total cycle count by 19%, and also save the overall energy consumption. Due to the features of high performance and energy saving, the proposed design is suitable for portable devices which have low power requirements.

目錄
Chapter 1. 概論 1
1.1 研究動機 1
1.2 論文大綱 2
Chapter 2. 研究背景與相關研究 3
2.1 密碼系統簡介 3
2.2 私密金鑰密碼系統 4
2.3 公開金鑰密碼系統 6
2.4 RSA公開金鑰密碼系統 8
Chapter 3. 蒙哥馬利乘法模數演算法與指數模數運算 11
3.1 蒙哥馬利乘法模數演算法 12
3.1.1 Radix-2蒙哥馬利乘法模數演算法 12
3.1.2 5-to-2 CSA蒙哥馬利乘法模數演算法 14
3.1.3 4-to-2 CSA蒙哥馬利乘法模數演算法 16
3.2 指數模數演算法 19
3.2.1 H演算法 20
3.2.2 L演算法 21
3.3 提出的蒙哥馬利乘法模數演算法 22
3.3.1 商數前看(Quotient Lookahead) 23
3.3.2 省略多餘運算(Superfluous Operation Elimination) 27
3.3.3 提出的改良式乘法模數演算法 29
3.4 提出的指數模數演算法 31
3.5 硬體設計與實現 33
3.5.1 桶式加法移位暫存器(BRFA) 34
3.5.2 改良式乘法模數硬體架構 35
3.5.3 改良式指數模數硬體架構 38
3.5.4 可調式改良指數模數硬體架構 40
Chapter 4. 實驗數據 43
4.1 實驗步驟和使用的設計軟體 43
4.2 結果 45
4.2.1 蒙哥馬利模數乘法器 45
4.2.2 指數模數運算單元 49
Chapter 5. 結論與未來展望 53
5.1 結論 53
5.2 未來展望 53
參考文獻 54

[1] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signature and public-key cryptosystems,” Communications of the ACM, vol. 21, pp. 120–126, Feb. 1978.
[2] P. L. Montgomery, “Modular multiplication without trial division,” Mathmatics Computation, vol. 44, pp. 519–521, Apr. 1985.
[3] C. K. Koc, T. Acar, and B. S. Kaliski, Jr., “Analyzing and comparing Montgomery multiplication algorithms,” IEEE Micro. Chip, Systems, Software and Applications, pp. 26–33, June 1996.
[4] Y. S. Kim, W. S. Kang, and J. R. Choi, “Implementation of 1024-bit modular processor for RSA cryptosystem,” in Proc. IEEE Asia-Pacific Conf. on ASIC, Aug. 2000, pp. 187