Modular multiplication of long integers is a key component of elliptic curve cryptography and homomorphic encryption. The multiplication complexity can be reduced by applying the Karatsuba algorithm that decomposes the operands into shorter segments. Nevertheless, for long numbers, it takes many clock cycles in previous designs to calculate the final result by adding the segment products and then carrying out modular reduction. This paper considers Solinas prime moduli and proposes to integrate modular reduction into the segment products computed in the Karatsuba multiplication process. Accordingly, the intermediate results become much shorter and they can be added simultaneously using a Wallace-tree-based multi-input adder with small area overhead. Moduli of different formats are investigated in this paper. In addition, various optimization schemes are proposed to further reduce the latency and area requirement. Complexity analysis shows that, for 2, 3 and 4 decomposed multiplication with an example modulus, our design on average achieves 18.5% reduction on the latency with 5.5% increase in the area compared to the design that carries out modular reduction after final result of the multiplication is computed.

长整数的模乘法是椭圆曲线密码学和同态加密的关键组成部分。可以通过应用将操作数分解为较短段的 Karatsuba 算法来降低乘法复杂度。然而，对于长数，以前的设计需要很多时钟周期才能计算出最终的结果，方法是把段积相加，然后进行模约化。本文考虑 Solinas 素模，并建议将模约简集成到 Karatsuba 乘法过程中计算的段积中。因此，中间结果变得更短，并且可以使用基于华莱士树的多输入加法器同时添加它们，并且面积开销很小。本文研究了不同格式的模数。此外，提出了各种优化方案以进一步降低延迟和面积要求。复杂性分析表明，对于具有示例模数的 2、3 和 4 分解乘法，我们的设计与在最终结果后进行模减少的设计相比，平均延迟减少了 18.5%，面积增加了 5.5%。计算乘法。