An attack on an RSA encryption algorithm based on simple power analysis (SPA) is thwarted by scrambling the sliding window sequence that results from performing sliding window processing on a power exponent. The sliding window sequence is scrambled with a random code that is utilized to determine an adjustment tendency and an adjustment length.

Systems and methods for efficient fixed-base multi-precision exponentiation are disclosed herein. An example method includes applying a multi-precision exponentiation algorithm to a base number, the multi-precision exponentiation algorithm comprises a pre-generated lookup table used to perform calculations on the base number, the pre-generated lookup table comprising pre-calculated exponentiated values of the base number.

A hardware implementations of Montgomery modular multiplication are described. The number of components as well as the number of cycles may be reduced by using a lookup table and multiplexer for selecting terms to be added during calculations. Also a loop unrolling technique may be used improve performance. A chain of pipeline adder modules and a chain of delay and shift modules may be used to pipeline calculations of multiple sets of operands.

A processor of an aspect includes a plurality of registers, and a decode unit to decode an instruction. The instruction is to indicate at least one storage location that is to store a first integer, a second integer, and a modulus. An execution unit is coupled with the decode unit, and coupled with the plurality of registers. The execution unit, in response to the instruction, is to store a Montgomery multiplication product corresponding to the first integer, the second integer, and the modulus, in a destination storage location. Other processors, methods, systems, and instructions are disclosed.

A system for decoding a transmission include a client device configured to receives a superposition via one or more communication links. The superposition may correspond to a transmission encoded into a plurality of fragments. The system may determine a coefficient for each fragment contained in the superposition and initialize a decoding process. The decoding process may facilitate determining a value of each fragment based on the identified coefficient of each fragment in the superposition. Advantageously, the system, through use of a the one or more communication links, may be configured to decode the transmission to derive information transmitted from a data source quickly and reliably.

Disclosed is an accelerator which includes a first to a K-th stage performing an NTT (Number Theoretic Transform) operation of first input data including a polynomial of a homomorphic ciphertext, the first to K-th stages being connected in series, and a first assist circuit generating a first to a K-th enable signal based on a degree of the polynomial of the first input data. Each of the first to K-th stages performs a butterfly operation of the first input data or corresponding output data of a previous stage in response to that the corresponding enable signal among the first to K-th enable signals indicates a first logical value, and bypasses the first input data or the corresponding output data of the previous stage in response to that the corresponding enable signal among the first to K-th enable signals indicates a second logical value.

Embodiments of the present disclosure provide a data processing method and apparatus, wherein the data processing method includes: determining a first matrix and a second matrix, and splitting the second matrix into a first preset quantity of matrix blocks; invoking a Montgomery modular multiplication and addition instruction to perform an operation on an element included in the first matrix and an element included in a j.sup.th matrix block to obtain a matrix block operation result corresponding to the j.sup.th matrix block, and covering the element in the j.sup.th matrix block with the matrix block operation result corresponding to the j.sup.th matrix block; and increasing j by 1, continuing to perform the above-described step of obtaining the matrix block operation result until j is equal to the first preset quantity so as to obtain a target matrix from the matrix multiplication operation performed on the first matrix and the second matrix. In this way, a high-performance matrix multiplication algorithm based on Montgomery modular multiplication and addition is provided, which reduces operational complexity, effectively uses the advantages of batch processing of the Montgomery modular multiplication and addition instruction, and improves the operation efficiency of a processor performing a matrix multiplication operation.

A low latency relinearization process can be performed in an FPGA cluster for accelerating homomorphic encryption. The low-latency process performs an early calculation of matrix rows to make the summation result available earlier in the relinearization to reduce waiting of subsequent operations.

A system for decoding a transmission include a client device configured to receives a superposition via one or more communication links. The superposition may correspond to a transmission encoded into a plurality of fragments. The system may determine a coefficient for each fragment contained in the superposition and initialize a decoding process. The decoding process may facilitate determining a value of each fragment based on the identified coefficient of each fragment in the superposition. Advantageously, the system, through use of a the one or more communication links, may be configured to decode the transmission to derive information transmitted from a data source quickly and reliably.

Aspects of the present disclosure describe a method and a system to support execution of the method to perform a cryptographic operation involving identifying an N-word number, X=XN?1 . . . X.sub.1X.sub.o, to be squared, performing a first loop comprising M first loop iterations, wherein M is a largest integer not exceeding (N+1)/2, each of the M first loop iterations comprising a second loop that comprises a plurality of second loop iterations, wherein an iteration m of the second loop that is within an iteration j of the first loop comprises computing a product X.sub.a*X.sub.b of a word X.sub.a and a word X.sub.b, wherein a+b=2j+m, j?0 and m?0, and wherein all second loops have an equal number of second loop iterations.