The CSAIL2019 time-lock puzzle is an unsolved cryptographic challenge introduced by Ron Rivest in 2019, replacing the solved LCS35 puzzle. Solving these types of puzzles requires large amounts of intrinsically sequential computations, with each iteration performing a very large (3072-bit for CSAIL2019) modular multiplication operation. The complexity of each iteration is several times greater than known FPGA implementations, and the number of iterations has been increased by about 1000x compared to LCS35. Because of the high complexity of this new puzzle, a number of intermediate, or milestone versions of the puzzle have been specified. In this article, we present several FPGA architectures for the CSAIL2019 solver, which we implement on a medium-sized Intel Agilex device. We develop a new multi-cycle modular multiplication method, which is flexible and can fit on a wide variety of sizes of current FPGAs. We introduce a class of multi-cycle squarer-based architectures that allow for better resource and area trade-offs. We also demonstrate a new approach for improving the fitting and timing closure of large, chip-filling arithmetic designs. We used the solver to compute the first 22 out of the 28 milestone solutions of the puzzle, which are the first reported results for this problem.

CSAIL2019 时间锁定难题是 Ron Rivest 在 2019 年提出的一项未解决的密码挑战，取代了已解决的 LCS35 难题。解决这些类型的难题需要大量本质上顺序的计算，每次迭代都会执行非常大的（CSAIL2019 为 3072 位）模乘运算。每次迭代的复杂度比已知的 FPGA 实现大几倍，并且迭代次数与 LCS35 相比增加了约 1000 倍。由于这个新谜题的高度复杂性，已经指定了该谜题的许多中间版本或里程碑版本。在本文中，我们介绍了 CSAIL2019 求解器的几种 FPGA 架构，我们在中型 Intel Agilex 设备上实现了该架构。我们开发了一种新的多周期模乘方法，该方法非常灵活，可以适应当前 FPGA 的各种尺寸。我们引入了一类基于多周期平方器的架构，可以更好地权衡资源和面积。我们还展示了一种改进大型芯片填充算术设计的拟合和时序收敛的新方法。我们使用求解器计算了该难题 28 个里程碑解决方案中的前 22 个，这是该问题的第一个报告结果。