implementation of rsa 2048 on gpus
play

Implementation of RSA 2048 on GPUs Marcelo E. Kaihara EPFL LACAL - PowerPoint PPT Presentation

Jun 11, 2023 •372 likes •710 views

Implementation of RSA 2048 on GPUs Marcelo E. Kaihara EPFL LACAL Nov. 4, 2010 Motivation NIST Recommendations for Key Management (SP 800-57) NIST DRAFT recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes (SP

  1. Implementation of RSA 2048 on GPUs Marcelo E. Kaihara EPFL – LACAL Nov. 4, 2010

  2. Motivation NIST Recommendations for Key Management (SP 800-57) NIST DRAFT recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes (SP 800-131) RSA 1024 Deprecated from January 1, 2011 RSA 2048 8x Computational Effort 2 2

  3. Object Use GPUs as cryptographic accelerators to offload work from the CPU. Low latency Parallel implementation Generic implementation OpenCL Server application Speed 3 3

  4. RSA 2048 Decryption Decryption d m  p  q e  d  1 mod  (m) z  c mod m dP  e  1 mod (p - 1) Precomputed values dQ  e  1 mod (q - 1) ( p , q, dP, dQ, qInv)  1 dInv  q mod p Chinese Remainder Theorem dP z 1  c mod p Mod Exp 1024 moduli dQ z 2  c mod q (32 limbs of 32-bits) s  32 32 B  2 h  qInv  ( z 1  z ) mod p 2 z  z  h  q 2 4 4

  5. Montgomery Multiplication General overview Ordinary Representation Montgomery Representation ~ u u ~ v v ~  ~ u  v u v     ~ z z Sequential multiplications performed in Montgomery representation 5

  6. Montgomery Multiplication R  B s  m , gcd(R, m)  1 Montgomery radix Ordinary Representation Montgomery Representation  (   ,  ) ( , * )  ~ u u  u  R mod m Isomorphic ~ ~ ~ ~ u  v  ( u  v ) mod m  1 u * v  u  v  R mod m ~ v v  v  R mod m

  7. Montgomery Multiplication Definition: m : large odd integer ~ ~ , gcd(m, B)  1 u , v  Z / m Z ~ ~ ~ ~ u * v  u  v  R  1 mod m s ( usually R  B ) R  m

  8. Sequential Computation on CPU ~ ~ ~ ~  1 u * v  u  v  R mod m m Algorithm ~ u ~ v ~  * z 0; ~ for (i  0; i  s - 1; i   ) z { ~ ~ ~ ~ z  z  u  v ; i ~  1 q  (  z  m ) mod B; M 0 0 ~ ~ ~ ~  1 ( z  (  z  m mod B)  m) mod B  z  ( z  q M  m ) div B; 0 0 } ~ ~  1  ( z  (  z  m  m mod B)) mod B ~ ~ ~ 0 0 if z  m then z  z - m; ~ ~  ( z  z ) mod B  0 0

  9. Sequential Computation on CPU ~ ~ ~ ~  1 u * v  u  v  R mod m m Algorithm ~ u ~ v ~  * z 0; ~ for (i  0; i  s - 1; i   ) z { ~ ~ ~ ~ z  z  u  v ; i ~  1 i  0 q  (  z  m ) mod B; M 0 0 ~ z  m  ( B  1 ) ~ ~ z  ( z  q M  m ) div B; } m  ( B  1 )  m  ( B  1 ) ~ z  ~ ~ ~ if z  m then z  z - m; B 2  m  ( B  1 )   2 m B

  10. Sequential Computation on CPU ~ ~ ~ ~  1 u * v  u  v  R mod m m Algorithm ~ u ~ v ~  * z 0; ~ for (i  0; i  s - 1; i   ) z { ~ ~ ~ ~ z  z  u  v ; i ~  1 q  (  z  m ) mod B; M 0 0 ~ ~ z  ( z  q M  m ) div B; } ~ ~ ~ if z  m then z  z - m;

  11. Sequential Computation on CPU ~ ~ ~ ~  1 u * v  u  v  R mod m m Algorithm ~ u ~ v ~  * z 0; ~ for (i  0; i  s - 1; i   ) z { ~ ~ ~ ~ i  1 z  z  u  v ; i ~ 0  z  2  m ~  1 q  (  z  m ) mod B; M 0 0 ~ ~ ~ z  2  m  m  ( B  1 ) z  ( z  q M  m ) div B; } 2  m  m  ( B  1 )  m  ( B  1 ) ~ z  ~ ~ ~ if z  m then z  z - m; B m  ( 2  B  1  B  1 )   2  m B

  12. Fermi architecture Specifications: 3 billon transistors 16 Streaming Multiprocessors (SM) 6 x 64-bit memory partitions Up to total 6GB GDDR5 with ECC GigaThread global scheduler Shared L2 Cache (768KB) Source: NVIDIA’s next Generation CUDA TM Compute Architecture: Fermi 12 12

  13. Fermi architecture Streaming Multiprocessor 32 CUDA Cores (16 x 32 = 512) Dual warp scheduler 16 LD/ST Units 4 Special Function Units (SFU) 64KB of configurable Shared Memory and L1 Cache (48KB/16KB) CUDA Core Pipelined ALU and FPU ALU supports 32-bit int FPU single precision (512 FMA ops / clock) Source: NVIDIA’s next Generation CUDA TM Compute Architecture: Fermi 1K 32-bit registers per core 13 13

  14. Representation of Integers Parallel version Sequential version x x x 31 31 31  x x x x  0  31 2 1   x x x x 0 x x 31 x 2 1 2 2 2  x x x x x x x 31 0 2 1 1 1 1 x x x 0 0 0 • Low Latency • High Latency • Cryptography • Cryptanalysis 14 14

  15. Representation of Integers To avoid barriers (mem fence) try to fit entire operand within a block of 32 threads (Warps) Data coherence is maintained within a warp. Each thread operates in one limb in radix B=2 32 Possible representations: Avizienis representation (signed-digit) Residue Number System Carry-save  c c c c 31 2 1 0  x x x x 31 0 2 1 15 15

  16. Montgomery Multiplication ~ ~ ~ ~  1 u * v  u  v  R mod m  M m m m m 31 2 1 0 Algorithm  a a A a a 31 0 2 1 ~ ~ A :  u ; B :  v ; M :  m;  b b B b b 31 0 2 1 T  : 0; for (i  0; i  s - 1; i   )  H(a b ) H(a b ) H(a b ) H(a b ) 31 0 2 0 1 0 0 0 {  L(a b ) L(a b ) L(a b ) L(a b ) T :  T  b A; 31 0 1 0 1 0 0 0 i -1 q :  t  (  m ) mod B; M 0 0 T :  ( T  q M  M ) div B; }  c c c c if T  M then Z :  T - M; 30 0 31 1 else Z :  T; T  t t t t t t t t 31 0 0 30 2 1 31 1 16

  17. Montgomery Multiplication ~ ~ ~ ~  1 u * v  u  v  R mod m  M m m m m 31 2 1 0 Algorithm  a a A a a 31 0 2 1 ~ ~ A :  u ; B :  v ; M :  m;  b b B b b 31 0 2 1 T  : 0; for (i  0; i  s - 1; i   )  H(a b ) H(a b ) H(a b ) H(a b ) 31 0 2 0 1 0 0 0 {  L(a b ) L(a b ) L(a b ) L(a b ) T :  T  b A; 31 0 1 0 1 0 0 0 i -1 q :  t  (  m ) mod B; M 0 0     T :  ( T  q M  M ) div B;     }  c c c c if T  M then Z :  T - M; 30 0 31 1 else Z :  T; T  q t t t t t t t t 31 0 0 M 30 2 1 31 1 17

  18. Montgomery Multiplication ~ ~ ~ ~  1 u * v  u  v  R mod m  M m m m m 31 2 1 0 Algorithm  a a A a a 31 0 2 1 ~ ~ A :  u ; B :  v ; M :  m;  b b B b b 31 0 2 1 T  : 0; for (i  0; i  s - 1; i   )  H(a b ) H(a b ) H(a b ) H(a b ) 31 0 2 0 1 0 0 0 { T :  T  b A; i -1 q :  t  (  m ) mod B;  H(m q ) H(m q ) H(m q ) H(m q ) M 0 0 31 M 2 M 0 M 1 M T :  ( T  q M  M ) div B;  L(m q ) L(m q ) L(m q ) L(m q ) 31 M 0 M 2 M 1 M }  c c c c if T  M then Z :  T - M; 30 0 31 1 else Z :  T; T  q t t t t 31 0 M 2 1 18

  19. Montgomery Multiplication ~ ~ ~ ~  1 u * v  u  v  R mod m  M m m m m 31 2 1 0 Algorithm  a a A a a 31 0 2 1 ~ ~ A :  u ; B :  v ; M :  m;  b b B b b 31 0 2 1 T  : 0; for (i  0; i  s - 1; i   )  H(a b ) H(a b ) H(a b ) H(a b ) 31 0 2 0 1 0 0 0 { T :  T  b A; i -1 q :  t  (  m ) mod B;  H(m q ) H(m q ) H(m q ) H(m q ) M 0 0 31 M 2 M 0 M 1 M T :  ( T  q M  M ) div B;  L(m q ) L(m q ) L(m q ) L(m q ) 31 M 0 M 2 M 1 M }           c c c c if T  M then Z :  T - M; 30 0 31 1 else Z :  T; T  q t t t t 31 0 M 2 1 19

  20. Montgomery Multiplication ~ ~ ~ ~  1 u * v  u  v  R mod m  M m m m m 31 2 1 0 Algorithm  a a A a a 31 0 2 1 ~ ~ A :  u ; B :  v ; M :  m;  b b B b b 31 0 2 1 T  : 0; for (i  0; i  s - 1; i   )  H(a b ) H(a b ) H(a b ) H(a b ) 31 0 2 0 1 0 0 0 { T :  T  b A; i -1 q :  t  (  m ) mod B;  H(m q ) H(m q ) H(m q ) H(m q ) M 0 0 31 M 2 M 0 M 1 M T :  ( T  q M  M ) div B;        }   c c c c if T  M then Z :  T - M; 30 0 31 1 else Z :  T; T  q t t t t 31 0 M 2 1 20

Recommend

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*,

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*,

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*, Stewart A. Levin, and Robert G. Clapp Geophysics Department, Stanford University March 28, 2018 Huy Le Multi-parameter Waveform Inversion with GPUs

532 views • 24 slides
Making Change in 2048 David Eppstein 9th International Conference on Fun With Algorithms (FUN

Making Change in 2048 David Eppstein 9th International Conference on Fun With Algorithms (FUN

Making Change in 2048 David Eppstein 9th International Conference on Fun With Algorithms (FUN 2018) La Maddalena, Italy, June 2018 2048 game 16 squares that can be filled by power-of-two tiles Each turn: slide all squares in one of four

487 views • 14 slides
High-Performance FV Somewhat Homomorphic Encryption on GPUs: An Implementation using CUDA Ahmad

High-Performance FV Somewhat Homomorphic Encryption on GPUs: An Implementation using CUDA Ahmad

High-Performance FV Somewhat Homomorphic Encryption on GPUs: An Implementation using CUDA Ahmad Al Badawi ahmad@u.nus.edu National University of Singapore (NUS) Sept 10 th 2018 CHES 2018 FHE The holy grail of Cryptography FHE

1.05k views • 20 slides
Why use GPUs for graph processing? FOSDEM 2020 2 GPUs and Graphs Graphs GPUs Found

Why use GPUs for graph processing? FOSDEM 2020 2 GPUs and Graphs Graphs GPUs Found

Gunrock High-Performance Graph Analytics for the GPU Muhammad Osama University of California, Davis Why use GPUs for graph processing? FOSDEM 2020 2 GPUs and Graphs Graphs GPUs Found everywhere Found everywhere Road &

560 views • 23 slides
The security impact AES-128, RSA-2048, etc. of a new cryptographic library are widely accepted

The security impact AES-128, RSA-2048, etc. of a new cryptographic library are widely accepted

The security impact AES-128, RSA-2048, etc. of a new cryptographic library are widely accepted standards. D. J. Bernstein, U. Illinois Chicago Obviously infeasible to break & T. U. Eindhoven by best attacks in literature. Tanja Lange, T.

1.65k views • 142 slides
Scott Le Grand Some Things Never Change (GPUs vs the World) How Best to Exploit GPUs

Scott Le Grand Some Things Never Change (GPUs vs the World) How Best to Exploit GPUs

Scott Le Grand Some Things Never Change (GPUs vs the World) How Best to Exploit GPUs Molecular Dynamics or Matrix Factorization? Determinism and Numerical Stability Dynamic Range for both MD and NNs Latest AMBER PME Numbers

1.18k views • 90 slides
NaCl: a new crypto library AES-128, RSA-2048, etc. are widely accepted standards. D. J.

NaCl: a new crypto library AES-128, RSA-2048, etc. are widely accepted standards. D. J.

NaCl: a new crypto library AES-128, RSA-2048, etc. are widely accepted standards. D. J. Bernstein, U. Illinois Chicago & T. U. Eindhoven Obviously infeasible to break Tanja Lange, T. U. Eindhoven by best attacks in literature. Joint work

1.46k views • 133 slides
Unleashing the Power of GPUs over the Web Vishal Vaidyanathan Royal Caliber LLC GPUs are

Unleashing the Power of GPUs over the Web Vishal Vaidyanathan Royal Caliber LLC GPUs are

Unleashing the Power of GPUs over the Web Vishal Vaidyanathan Royal Caliber LLC GPUs are great... high compute throughput increasingly energy efficient high density but? http://onu.io

639 views • 16 slides
Clusters of GPUs Michael LeBeane mlebeane@utexas.edu Advisor : Lizy K. John Problem Statement

Clusters of GPUs Michael LeBeane mlebeane@utexas.edu Advisor : Lizy K. John Problem Statement

PhD Defense Optimizing Communication for Clusters of GPUs Michael LeBeane mlebeane@utexas.edu Advisor : Lizy K. John Problem Statement GPUs and Networks in the Wild GPUs are everywhere in HPC, Big Data, Machine Learning, and beyond

1.07k views • 61 slides
MD5 Chosen-Prefix Collisions on GPUs Marc Bevand m.bevand@gmail.com marc.bevand@rapid7.com

MD5 Chosen-Prefix Collisions on GPUs Marc Bevand m.bevand@gmail.com marc.bevand@rapid7.com

MD5 Chosen-Prefix Collisions on GPUs Marc Bevand m.bevand@gmail.com marc.bevand@rapid7.com Agenda MD5 on GPUs Dec 2008: rogue CA certificate on PS3 cluster MD5 birthday search Results & performance MD5 on GPUs MD5 is

448 views • 18 slides
(Toward) Radiative transfer on AMR with GPUs Dominique Aubert Universit de Strasbourg

(Toward) Radiative transfer on AMR with GPUs Dominique Aubert Universit de Strasbourg

(Toward) Radiative transfer on AMR with GPUs Dominique Aubert Universit de Strasbourg Austin, TX, 14.12.12 jeudi 13 dcembre 2012 A few words about GPUs Cache and control replaced by calculation units Large number of

500 views • 31 slides
Virtual Reality Features of NVIDIA GPUs Mark Kilgard, July 27, 2016 Mark Kilgard My Background

Virtual Reality Features of NVIDIA GPUs Mark Kilgard, July 27, 2016 Mark Kilgard My Background

Virtual Reality Features of NVIDIA GPUs Mark Kilgard, July 27, 2016 Mark Kilgard My Background Principal System Software Engineer OpenGL driver implementation & API evolution Other interests Programmable shading languages, original Cg

446 views • 42 slides
Deep Learning on GPUs March 2016 What is Deep Learning? GPUs and DL AGENDA DL in practice

Deep Learning on GPUs March 2016 What is Deep Learning? GPUs and DL AGENDA DL in practice

Deep Learning on GPUs March 2016 What is Deep Learning? GPUs and DL AGENDA DL in practice Scaling up DL 2 What is Deep Learning? 3 DEEP LEARNING EVERYWHERE INTERNET & CLOUD MEDICINE & BIOLOGY SECURITY & DEFENSE MEDIA &

1.45k views • 39 slides
Korrel Kanoy, Ph.D. Peace College kkanoy@peace.edu; 919-508-2048 Derek Mann, Ph.D. MHS

Korrel Kanoy, Ph.D. Peace College kkanoy@peace.edu; 919-508-2048 Derek Mann, Ph.D. MHS

Korrel Kanoy, Ph.D. Peace College kkanoy@peace.edu; 919-508-2048 Derek Mann, Ph.D. MHS derek.mann@mhs.com 416.613.2862 Retention and Graduation Key predictors of success What is Emotional Intelligence? How does emotional

952 views • 27 slides
Understanding The Security of Discrete GPUs Zhiting Zhu 1 , Sangman Kim 1 , Yuri Rozhanski 2 ,

Understanding The Security of Discrete GPUs Zhiting Zhu 1 , Sangman Kim 1 , Yuri Rozhanski 2 ,

Understanding The Security of Discrete GPUs Zhiting Zhu 1 , Sangman Kim 1 , Yuri Rozhanski 2 , Yige Hu 1 , Emmett Witchel 1 , Mark Silberstein 2 1.The University of Texas at Austin 2.Technion-Israel Institute of Technology Outline Can GPUs

869 views • 60 slides
Full Virtualization for GPUs Reconsidered Revisit -- Suzuki, Yusuke, et al. GPUvm: Why not

Full Virtualization for GPUs Reconsidered Revisit -- Suzuki, Yusuke, et al. GPUvm: Why not

Full Virtualization for GPUs Reconsidered Revisit -- Suzuki, Yusuke, et al. GPUvm: Why not virtualizing GPUs at the hypervisor?. USENIX ATC 14. Hangchen Yu 1 , Christopher J. Rossbach 1,2 1 The University of Texas at Austin 2 VMware

880 views • 40 slides
Design and Evaluation of a 2048 Introduction Core Cluster System The CHiC Project Benchmarks

Design and Evaluation of a 2048 Introduction Core Cluster System The CHiC Project Benchmarks

CHiC 2007 Frank Mietke Design and Evaluation of a 2048 Introduction Core Cluster System The CHiC Project Benchmarks Summary Frank Mietke , Torsten Hfler, Torsten Mehlan and Wolfgang Rehm Computer Architecture Group Department of Computer

594 views • 20 slides
Efficiency of general Krylov methods on GPUs An experimental study H. Anzt, M. Kreutzer, M.

Efficiency of general Krylov methods on GPUs An experimental study H. Anzt, M. Kreutzer, M.

6 th AsHES workshop May 26 th , 2016, Chicago, USA Efficiency of general Krylov methods on GPUs An experimental study H. Anzt, M. Kreutzer, M. Koehler, G. Wellein, J. Dongarra Piotr Luszczek Solving large sparse linear systems on GPUs

390 views • 13 slides
PRACTICAL REAL-TIME VOXEL-BASED GLOBAL ILLUMINATION FOR CURRENT GPUS Alexey Panteleev NVIDIA

PRACTICAL REAL-TIME VOXEL-BASED GLOBAL ILLUMINATION FOR CURRENT GPUS Alexey Panteleev NVIDIA

PRACTICAL REAL-TIME VOXEL-BASED GLOBAL ILLUMINATION FOR CURRENT GPUS Alexey Panteleev NVIDIA OUTLINE Introduction: what is Global Illumination? Screenshots Overview of Voxel Cone Tracing Implementation details Voxel clipmaps

585 views • 54 slides
Analyzing Throughput of GPUs Analyzing Throughput of GPUs Exploiting Within-Die Core-to-Core

Analyzing Throughput of GPUs Analyzing Throughput of GPUs Exploiting Within-Die Core-to-Core

Analyzing Throughput of GPUs Analyzing Throughput of GPUs Exploiting Within-Die Core-to-Core Exploiting Within-Die Core-to-Core Frequency Variation Frequency Variation Jungseob Lee, Paritosh Ajgaonkar, Nam Sung Kim Apr 12, 2011 Department of

578 views • 20 slides
Bandwidth Bottlenecks Across the Memory Hierarchy in GPUs Saumay Dublish, Vijay Nagarajan, Nigel

Bandwidth Bottlenecks Across the Memory Hierarchy in GPUs Saumay Dublish, Vijay Nagarajan, Nigel

Evaluating and Mitigating Bandwidth Bottlenecks Across the Memory Hierarchy in GPUs Saumay Dublish, Vijay Nagarajan, Nigel Topham The University of Edinburgh ISPASS 2017 25 th April Santa Rosa, California Multithreading on GPUs Hardware

547 views • 44 slides
Efficient Video Decoding on GPUs Efficient Video Decoding on GPUs by Point Based Rendering by

Efficient Video Decoding on GPUs Efficient Video Decoding on GPUs by Point Based Rendering by

Efficient Video Decoding on GPUs Efficient Video Decoding on GPUs by Point Based Rendering by Point Based Rendering Bo Han, Bingfeng Zhou Peking University Outline Outline Motivation and Goal Previous work Review of video decoding

741 views • 30 slides
Bigger GPUs and Bigger Nodes Carl Pearson (pearson@illinois.edu) PhD Candidate, advised by

Bigger GPUs and Bigger Nodes Carl Pearson (pearson@illinois.edu) PhD Candidate, advised by

Bigger GPUs and Bigger Nodes Carl Pearson (pearson@illinois.edu) PhD Candidate, advised by Professor Wen-Mei Hwu 1 Outline Experiences from working with domain experts to develop GPU codes on Blue Waters Kepler and Volta GPUs HPC

364 views • 20 slides
How Walmart Improves Forecast Accuracy with NVIDIA GPUs March 19, 2019 Agenda Walmarts

How Walmart Improves Forecast Accuracy with NVIDIA GPUs March 19, 2019 Agenda Walmarts

How Walmart Improves Forecast Accuracy with NVIDIA GPUs March 19, 2019 Agenda Walmarts forecasting problem Initial (non-GPU) approach Algorithms Pipeline Integrating GPUs into every aspect of the solution History

612 views • 23 slides

More recommend