Results 1 to 10 of 40
The Relationship Between Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms
1998
Cited by 38 (3 self)
Both uniform and non-uniform results concerning the security of the Diffie-Hellman key-exchange protocol are proved. First, it is shown that in a cyclic group $G$ of order $|G| = \prod_i p_i^{e_i}$, where all the multiple prime factors of $|G|$ are polynomial in $\log|G|$, there exists an algorithm that reduces the computation of discrete logarithms in $G$ to breaking the Diffie-Hellman protocol in $G$ and has complexity $\sqrt{\max\{\nu(p_i)\}} \cdot (\log|G|)^{O(1)}$, where $\nu(p)$ stands for the minimum of the set of largest prime factors of all the numbers $d$ in the interval $[p - 2\sqrt{p} + 1,\; p + 2\sqrt{p} + 1]$. Under the unproven but plausible assumption that $\nu(p)$ is polynomial in $\log p$, this reduction implies that the Diffie-Hellman problem and the discrete logarithm problem are polynomial-time equivalent in $G$. Second, it is proved that the Diffie-Hellman problem and the discrete logarithm problem are equivalent in a uniform sense for groups whose orders belong to certain classes: there exists a p...
Low-Complexity Bit-parallel Canonical and Normal Basis Multipliers for a Class of Finite Fields
IEEE Trans. Computers, 1998
Cited by 37 (8 self)
We present a new low-complexity bit-parallel canonical basis multiplier for the field $GF(2^m)$ generated by an all-one-polynomial. The proposed canonical basis multiplier requires $m^2 - 1$ XOR gates and $m^2$ AND gates. We also extend this canonical basis multiplier to obtain a new bit-parallel normal basis multiplier. Index Terms: Finite fields, multiplication, normal basis, canonical basis, all-one-polynomial.
Mastrovito Multiplier for All Trinomials
IEEE Trans. Computers, 1999
Cited by 36 (3 self)
An efficient algorithm for the multiplication in $GF(2^m)$ was introduced by Mastrovito. The space complexity of the Mastrovito multiplier for the irreducible trinomial $x^m + x + 1$ was given as $m^2 - 1$ XOR and $m^2$ AND gates. In this paper, we describe an architecture based on a new formulation of the multiplication matrix, and show that the Mastrovito multiplier for the generating trinomial $x^m + x^n + 1$, where $m \neq 2n$, also requires $m^2 - 1$ XOR and $m^2$ AND gates. However, $m^2 - m/2$ XOR gates are sufficient when the generating trinomial is of the form $x^m + x^{m/2} + 1$ for an even $m$. We also calculate the time complexity of the proposed Mastrovito multiplier, and give design examples for the irreducible trinomials $x^7 + x^4 + 1$ and $x^6 + x^3 + 1$.
The Diffie-Hellman Protocol
Designs, Codes, and Cryptography, 1999
Cited by 26 (0 self)
The 1976 seminal paper of Diffie and Hellman is a landmark in the history of cryptography. They introduced the fundamental concepts of a trapdoor one-way function, a public-key cryptosystem, and a digital signature scheme. Moreover, they presented a protocol, the so-called Diffie-Hellman protocol, allowing two parties who share no secret information initially to generate a mutual secret key. This paper summarizes the present knowledge on the security of this protocol.
Mastrovito Multiplier for General Irreducible Polynomials
IEEE Transactions on Computers, 2000
Cited by 20 (0 self)
We present a new formulation of the Mastrovito multiplication matrix for the field $GF(2^m)$ generated by an arbitrary irreducible polynomial. We study in detail several specific types of irreducible polynomials, e.g., trinomials, all-one-polynomials, and equally-spaced-polynomials, and obtain the time and space complexity of these designs. Particular examples, illustrating the properties of the proposed architecture, are also given. The complexity results established in this paper match the best complexity results known to date. The most important new result is the space complexity of the Mastrovito multiplier for an equally-spaced-polynomial, which is found as $(m^2 - \Delta)$ XOR gates and $m^2$ AND gates, where $\Delta$ is the spacing factor.
Parallel Multipliers Based on Special Irreducible Pentanomials
IEEE Transactions on Computers, 2003
Cited by 17 (0 self)
The state-of-the-art Galois field $GF(2^m)$ multipliers offer advantageous space and time complexities when the field is generated by some special irreducible polynomial. To date, the best complexity results have been obtained when the irreducible polynomial is either a trinomial or an equally-spaced polynomial (ESP). Unfortunately, there exist only a few irreducible ESPs in the range of interest for most of the applications, e.g., error-correcting codes, computer algebra, and elliptic curve cryptography. Furthermore, it is not always possible to find an irreducible trinomial of degree $m$ in this range. For those cases where neither an irreducible trinomial nor an irreducible ESP exists, the use of irreducible pentanomials has been suggested. Irreducible pentanomials are abundant, and there are several eligible candidates for a given $m$. In this paper, we promote the use of two special types of irreducible pentanomials. We propose new Mastrovito and dual basis multiplier architectures based on these special irreducible pentanomials, and give rigorous analyses of their space and time complexity. Index Terms: Finite field arithmetic, parallel multipliers, pentanomials, multipliers for $GF(2^m)$.
Low Complexity Bit Parallel Architectures for Polynomial Basis Multiplication over $GF(2^m)$
IEEE Transactions on Computers, 2004
Cited by 17 (2 self)
Representing the field elements with respect to the polynomial (or standard) basis, we consider bit parallel architectures for multiplication over the finite field $GF(2^m)$. To this end, first we derive a new formulation for polynomial basis multiplication in terms of the reduction matrix $Q$. The main advantage of this new formulation is that it can be used with any field-defining irreducible polynomial. Using this formulation, we then develop a generalized architecture for the multiplier and analyze the time and gate complexities of the proposed multiplier as a function of degree $m$ and the reduction matrix $Q$. To the best of our knowledge, this is the first time that these complexities are given in terms of $Q$. Unlike most other articles on bit parallel finite field multipliers, here we also consider the number of signals to be routed in hardware implementation and we show that, compared to the well-known Mastrovito multiplier, the proposed architecture has fewer routed signals. In this article, the proposed generalized architecture is further optimized for three special types of polynomials, namely, equally spaced polynomials, trinomials, and pentanomials. We have obtained explicit formulas and complexities of the multipliers for these three special irreducible polynomials. This makes it very easy for a designer to implement the proposed multipliers using hardware description languages like VHDL and Verilog with minimum knowledge of finite field arithmetic. Index Terms: Finite or Galois field, Mastrovito multiplier, all-one polynomial, polynomial basis, trinomial, pentanomial and equally-spaced polynomial.
Itoh–Tsujii Inversion in Standard Basis and Its Application in Cryptography and Codes
Des. Codes Cryptogr., 2002
Cited by 15 (2 self)
This contribution is concerned with a generalization of Itoh and Tsujii's algorithm for inversion in extension fields $GF(q^m)$. Unlike the original algorithm, the method introduced here uses a standard (or polynomial) basis representation. The inversion method is generalized for standard basis representation and relevant complexity expressions are established, consisting of the number of extension field multiplications and exponentiations. As the main contribution, for three important classes of fields we show that the Frobenius map can be exploited to perform the exponentiations required for the inversion algorithm efficiently. As an important consequence, Itoh and Tsujii's inversion method shows almost the same practical complexity for standard basis as for normal basis representation for the field classes considered.
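The reduction-matrix view of polynomial-basis multiplication that runs through the Mastrovito trinomial, general-polynomial, pentanomial and reduction-matrix-$Q$ entries above, together with the standard-basis Itoh–Tsujii inversion of the entry just above, worked through in Python. This is an added example written for this listing, not code from any of the papers cited. It assumes the two trinomials named as design examples in the Mastrovito trinomial abstract, stores the rows of $Q$ as bit-packed integers (a layout chosen here, not the papers' 0/1 matrix), performs Frobenius maps by repeated squaring, and reports only the straightforward XOR count of the matrix evaluation, with no sub-expression sharing.

```python
# Added example for this listing (not code from the cited papers): polynomial-basis
# GF(2^m) arithmetic with reduction via a reduction matrix Q, plus Itoh-Tsujii
# inversion built on it. Field polynomials and the Q layout are assumptions.


def clmul(a, b):
    """Carry-less product in GF(2)[x] of bit-packed polynomials, no reduction.
    For inputs of degree < m this is m^2 AND and (m-1)^2 XOR gates in hardware."""
    d = 0
    while b:
        if b & 1:
            d ^= a
        a <<= 1
        b >>= 1
    return d


def reduction_matrix(poly, m):
    """Row i (i = 0..m-2) is x^(m+i) mod f(x) as an m-bit int, where bit j of
    poly is the coefficient of x^j in f(x). Reducing a product of degree
    <= 2m-2 is then d_L XOR (the rows selected by the bits of d_H)."""
    rows = []
    r = poly ^ (1 << m)            # x^m mod f(x): f(x) with its leading term dropped
    for _ in range(m - 1):
        rows.append(r)
        r <<= 1                    # multiply by x
        if (r >> m) & 1:           # a degree-m term appeared: subtract f(x)
            r ^= poly
    return rows


def gf_mul(a, b, poly, m, Q):
    """a*b mod f(x) in GF(2^m) using the reduction matrix Q."""
    d = clmul(a, b)                # degree <= 2m-2
    c = d & ((1 << m) - 1)         # d_L: coefficients of x^0 .. x^(m-1)
    d_high = d >> m                # d_H: coefficients of x^m .. x^(2m-2)
    for i in range(m - 1):
        if (d_high >> i) & 1:
            c ^= Q[i]
    return c


def gf_mul_naive(a, b, poly, m):
    """Reference: long division by f(x), used only to cross-check gf_mul."""
    d = clmul(a, b)
    for i in range(2 * m - 2, m - 1, -1):
        if (d >> i) & 1:
            d ^= poly << (i - m)
    return d


def xor_gate_count(Q, m):
    """XOR gates of the straightforward Q-based multiplier: (m-1)^2 for the
    product plus one per non-zero entry of Q. No sharing of repeated
    sub-expressions, so this is an upper bound on the papers' optimized counts."""
    return (m - 1) ** 2 + sum(bin(r).count("1") for r in Q)


def itoh_tsujii_inverse(a, poly, m, Q):
    """a^-1 = a^(2^m - 2) = (a^(2^(m-1) - 1))^2 in polynomial basis.
    a^(2^k - 1) is built along the binary expansion of k = m-1, costing
    floor(log2(m-1)) + weight(m-1) - 1 multiplications plus Frobenius maps
    x -> x^(2^j). Frobenius maps are done here by repeated squaring; the paper's
    point is that for its field classes they are much cheaper than that."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse")

    def mul(x, y):
        return gf_mul(x, y, poly, m, Q)

    def frobenius(x, j):           # x^(2^j)
        for _ in range(j):
            x = mul(x, x)
        return x

    k, beta = 1, a                 # invariant: beta == a^(2^k - 1)
    for bit in bin(m - 1)[3:]:     # bits of m-1 after the leading 1
        beta = mul(frobenius(beta, k), beta)   # -> a^(2^(2k) - 1)
        k *= 2
        if bit == "1":
            beta = mul(frobenius(beta, 1), a)  # -> a^(2^(k+1) - 1)
            k += 1
    return mul(beta, beta)         # final Frobenius map: a^(2^m - 2)


def self_check(poly, m):
    """True if gf_mul agrees with long division on every pair of field elements
    and every non-zero element times its Itoh-Tsujii inverse equals 1."""
    Q = reduction_matrix(poly, m)
    for a in range(1 << m):
        for b in range(1 << m):
            if gf_mul(a, b, poly, m, Q) != gf_mul_naive(a, b, poly, m):
                return False
        if a and gf_mul(a, itoh_tsujii_inverse(a, poly, m, Q), poly, m, Q) != 1:
            return False
    return True


# Constructed inputs: the two trinomials used as design examples in the
# "Mastrovito Multiplier for All Trinomials" abstract. x^6 + x^3 + 1 is also an
# equally-spaced polynomial with spacing Delta = 3.
TRINOMIAL_7 = (1 << 7) | (1 << 4) | 1   # x^7 + x^4 + 1
ESP_6 = (1 << 6) | (1 << 3) | 1         # x^6 + x^3 + 1

if __name__ == "__main__":
    for poly, m in ((TRINOMIAL_7, 7), (ESP_6, 6)):
        Q = reduction_matrix(poly, m)
        print(f"m={m}: Q rows {[bin(r) for r in Q]}, straightforward XOR count "
              f"{xor_gate_count(Q, m)}, self-check {self_check(poly, m)}")
```

For $x^6 + x^3 + 1$ the straightforward count already equals the $m^2 - \Delta = 33$ XOR gates that the general-polynomial entry reports for an ESP. For $x^7 + x^4 + 1$ it gives 51, whereas the trinomial entry reports $m^2 - 1 = 48$; reaching that figure needs the restructured multiplication matrix of that paper rather than this direct evaluation of $Q$. The self-check exhausts both small fields, which is cheap here and is the kind of check worth keeping next to any hand-optimized $GF(2^m)$ multiplier before it goes into a cryptographic core.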
On Orders of Optimal Normal Basis Generators
Math. Comp., 1995
Cited by 14 (6 self)
In this paper we give some computational results on the multiplicative orders of optimal normal basis generators in $\mathbb{F}_{2^n}$ over $\mathbb{F}_2$ for $n \le 1200$ whenever the complete factorization of $2^n - 1$ is known. Our results show that a subclass of optimal normal basis generators always have very high multiplicative orders and are very often primitive. For a given optimal normal basis generator $\alpha$ in $\mathbb{F}_{2^n}$ and an arbitrary integer $e$, we show that $\alpha^e$ can be computed in $O(n\, v(e))$ bit operations, where $v(e)$ is the number of 1's in the binary representation of $e$.
Fast Normal Basis Multiplication Using General Purpose Processors
IEEE Transactions on Computers, 2001
Cited by 14 (2 self)
For cryptographic applications, normal bases have received considerable attention, especially for hardware implementation. In this document, we consider fast software algorithms for normal basis multiplication over the extended binary field $GF(2^m)$. We present a vector-level algorithm which essentially eliminates the bitwise inner products needed in the conventional approach to the normal basis multiplication. We then present another algorithm which significantly reduces the dynamic instruction counts. Both algorithms utilize the full width of the datapath of the general purpose processor on which the software is to be executed. We also consider composite fields and present an algorithm which can provide further speedups and an added flexibility toward hardware-software co-design of processors for very large finite fields.