METHOD FOR ARBITRARY-PRECISION DIVISION OR MODULAR REDUCTION

摘要

A method in a portable data carrier for executing a cryptographic operation on security-relevant data comprises a step of determining a remainder (r) of a dividend (a) modulo a divisor (b). In so doing, the remainder (r) is determined iteratively by means of a division device of the data carrier. In each iteration there is carried out a Montgomery multiplication with the divisor (b) as the modulus and an additive linkage of an output value of the Montgomery multiplication with a coefficient (ai) derived from the dividend (a) and associated with the respective iteration. The Montgomery multiplication is carried out here by means of a multiplication device of the data carrier, preferably a corresponding coprocessor. The Montgomery multiplication of a subsequent iteration receives a result of a preceding iteration as an input value.