## Finite field polynomial multiplication in the frequency domain with application to elliptic curve cryptography (2006)

### Cached

### Download Links

- [ece.wpi.edu]
- [www.crypto.wpi.edu]
- [www.geocities.com]
- DBLP

### Other Repositories/Bibliography

Venue: | In Proceedings of the 21th International Symposium on Computer and Information Sciences (ISCIS 2006), volume 4263 of Lecture Notes in Computer Science (LNCS |

Citations: | 5 - 3 self |

### BibTeX

@INPROCEEDINGS{Baktır06finitefield,

author = {Selçuk Baktır and Berk Sunar},

title = {Finite field polynomial multiplication in the frequency domain with application to elliptic curve cryptography},

booktitle = {In Proceedings of the 21th International Symposium on Computer and Information Sciences (ISCIS 2006), volume 4263 of Lecture Notes in Computer Science (LNCS},

year = {2006},

pages = {991--1001},

publisher = {Springer}

}

### OpenURL

### Abstract

Abstract. We introduce an efficient method for computing Montgomery products of polynomials in the frequency domain. The discrete Fourier transform (DFT) based method originally proposed for integer multiplication provides an extremely efficient method with the best asymptotic complexity, i.e. O(m log m log log m), for multiplication of m-bit integers or (m − 1) st degree polynomials. However, the original DFT method bears significant overhead due to the conversions between the time and the frequency domains which makes it impractical for short operands as used in many applications. In this work, we introduce DFT modular multiplication which performs the entire modular multiplication (including the reduction step) in the frequency domain, and thus eliminates costly back and forth conversions. We show that, especially in computationally constrained platforms, multiplication of finite field elements may be achieved more efficiently in the frequency domain than in the time domain for operand sizes relevant to elliptic curve cryptography (ECC). To the best of our knowledge, this is the first work that proposes the use of frequency domain arithmetic for ECC and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography. 1

### Citations

3152 | A Method for Obtaining Digital Signatures and Public-Key Cryptosystems
- Rivest, Shamir, et al.
- 1978
(Show Context)
Citation Context ...omains where multiplication has only linear complexity but reduction is difficult have been proposed with applications in cryptography [2],[3]. In [2], the authors propose a full implementation of RSA=-=[20]-=- in the Residue Number System (RNS) which does not require any conversions either from radix to RNS beforehand or from RNS to radix afterwards. In their implementation they use an RNS version of the M... |

732 |
An algorithm for the machine calculation of complex Fourier series
- Cooley, Tukey
- 1965
(Show Context)
Citation Context ... to its recursive nature. The known fastest multiplication algorithm, introduced by Schönhage and Strassen [16], performs multiplication in the frequency domain using the fast Fourier transform (FFT) =-=[6]-=- with complexity O(m log m log log m) for multiplication of m-bit integers or m-coefficient polynomials [7]. Unfortunately, the FFT based algorithm becomes efficient and useful in practice only for ve... |

459 |
Algebraic coding theory
- Berlekamp
- 1968
(Show Context)
Citation Context ...n arithmetic for ECC and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography. 1 Introduction Finite fields have many applications in coding theory =-=[2, 1]-=-, cryptography [11, 4, 13], and digital signal processing [3]. Hence efficient implementation of finite field arithmetic operations is crucial. Multiplication of finite field elements is commonly impl... |

449 |
Modular multiplication without trial division
- Montgomery
- 1985
(Show Context)
Citation Context ...f finite field additions, subtractions, multiplications, squarings and inversions on the input point coordinates [5]. The Montgomery residue representation has proven to be useful in this computation =-=[12]-=-, [10], [9]. In using this method, first the operands are converted to their respective Montgomery residue representations, then utilizing Montgomery arithmetic the desired computation is implemented,... |

440 |
Theory and Practice of Error Control Codes
- Blahut
- 1983
(Show Context)
Citation Context ...n arithmetic for ECC and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography. 1 Introduction Finite fields have many applications in coding theory =-=[2, 1]-=-, cryptography [11, 4, 13], and digital signal processing [3]. Hence efficient implementation of finite field arithmetic operations is crucial. Multiplication of finite field elements is commonly impl... |

180 |
Multiplication of multidigit numbers on automata
- Karatsuba, Ofman
- 1963
(Show Context)
Citation Context ...ethod has quadratic complexity, i.e. O(m 2 ), given in terms of the number of coefficient multiplications and additions. This complexity may be improved to O(m log 2 3 ) using the Karatsuba algorithm =-=[8]-=-. However, despite the significant improvement gained by the Karatsuba algorithm, the complexity issstill not optimal. Furthermore, the implementation of the Karatsuba algorithm is more burdensome due... |

173 |
Elliptic curves in cryptography
- Blake, Seroussi, et al.
- 1999
(Show Context)
Citation Context ...in elliptic curve cryptography a scalar point product is computed by applying a chain of finite field additions, subtractions, multiplications, squarings and inversions on the input point coordinates =-=[5]-=-. The Montgomery residue representation has proven to be useful in this computation [12], [10], [9]. In using this method, first the operands are converted to their respective Montgomery residue repre... |

116 |
Finite Fields for Computer Scientists and Engineers
- McEliece
- 1987
(Show Context)
Citation Context ...and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography. 1 Introduction Finite fields have many applications in coding theory [2, 1], cryptography =-=[11, 4, 13]-=-, and digital signal processing [3]. Hence efficient implementation of finite field arithmetic operations is crucial. Multiplication of finite field elements is commonly implemented in terms of modula... |

110 |
Fast Algorithms for Digital Signal Processing
- Blahut
- 1987
(Show Context)
Citation Context ...ds: Finite field multiplication, DFT, elliptic curve cryptography. 1 Introduction Finite fields have many applications in coding theory [2, 1], cryptography [11, 4, 13], and digital signal processing =-=[3]-=-. Hence efficient implementation of finite field arithmetic operations is crucial. Multiplication of finite field elements is commonly implemented in terms of modular multiplication of polynomials rea... |

85 | Analyzing and comparing Montgomery multiplication algorithms
- Koç, Acar, et al.
- 1996
(Show Context)
Citation Context ...te field additions, subtractions, multiplications, squarings and inversions on the input point coordinates [5]. The Montgomery residue representation has proven to be useful in this computation [12], =-=[10]-=-, [9]. In using this method, first the operands are converted to their respective Montgomery residue representations, then utilizing Montgomery arithmetic the desired computation is implemented, and f... |

84 |
Schnelle Multiplikation großer Zahlen
- SCHÖNHAGE, STRASSEN
- 1971
(Show Context)
Citation Context ...ot optimal. Furthermore, the implementation of the Karatsuba algorithm is more burdensome due to its recursive nature. The known fastest multiplication algorithm, introduced by Schönhage and Strassen =-=[16]-=-, performs multiplication in the frequency domain using the fast Fourier transform (FFT) [6] with complexity O(m log m log log m) for multiplication of m-bit integers or m-coefficient polynomials [7].... |

68 |
Finite fields, volume 20 of Encyclopedia of Mathematics and its Applications
- Lidl, Niederreiter
- 1997
(Show Context)
Citation Context ...e Fields and Polynomial Representation A field with finite number of elements is called a finite field or Galois field, denoted by Fq or GF (q), where q stands for the number of elements in the field =-=[14]-=-. The number of elements in a finite field is always a prime or a prime power, i.e., q = p or q = p m ,where the prime number p is called the characteristic of the finite field. When q is a prime, i.e... |

60 |
Efficient VLSI Architectures for Bit-Parallel Computation in Galois Fields
- Paar
- 1994
(Show Context)
Citation Context ...and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography. 1 Introduction Finite fields have many applications in coding theory [2, 1], cryptography =-=[11, 4, 13]-=-, and digital signal processing [3]. Hence efficient implementation of finite field arithmetic operations is crucial. Multiplication of finite field elements is commonly implemented in terms of modula... |

43 |
The fast Fourier transform in a finite field
- Pollard
- 1971
(Show Context)
Citation Context ...r the very last ones. 2 Background Number Theoretic Transform (NTT) Number theoretic transform over a ring, also known as the discrete Fourier transform over a finite field, was introduced by Pollard =-=[14]-=-. For a finite field GF (q) and a generic sequence (a) of length d whose entries are from GF (q), the forward NTT of (a) over GF (q), denoted by (A), can be computed as �d−1 Aj = air ij , 0 ≤ j ≤ d − ... |

19 | Generalizations of the Karatsuba Algorithm for Efficient Implementations
- Weimerskirch, Paar
(Show Context)
Citation Context ...e Karatsuba algorithm is only an approximate one for the case when m is a power of two. For the best complexities of the Karatsuba algorithm for different extension degrees, the reader is referred to =-=[17]-=-. 8sClearly, the complexity of DFT modular multiplication (Algorithm 2) is an improvement upon the direct DFT approach (Algorithm 1). Moreover, since DFT modular multiplication requires significantly ... |

18 |
Applications of Finite Fields
- Blake, Gao, et al.
- 1999
(Show Context)
Citation Context ...and shows that it can be efficient. Key Words: Finite field multiplication, DFT, elliptic curve cryptography. 1 Introduction Finite fields have many applications in coding theory [2, 1], cryptography =-=[11, 4, 13]-=-, and digital signal processing [3]. Hence efficient implementation of finite field arithmetic operations is crucial. Multiplication of finite field elements is commonly implemented in terms of modula... |

16 |
Discrete convolutions via Mersenne transform
- Rader
- 1972
(Show Context)
Citation Context ... element r can be utilized for the same purpose in an NTT. A number theoretic transform of special interest is Mersenne transform, which is an NTT with arithmetic modulo a Mersenne number Mn = 2n − 1 =-=[15]-=-. Hence, if q is a Mersenne prime, then the NTT over GF (q) is a Mersenne transform. Mersenne transform allows for very efficient forward and inverse DFT operations for r = ±2k , where k is an integer... |

15 |
L.: A full RNS implementation of RSA
- Bajard, Imbert
(Show Context)
Citation Context ...gnificant overhead. Similar approaches on doing arithmetic over domains where multiplication has only linear complexity but reduction is difficult have been proposed with applications in cryptography =-=[2]-=-,[3]. In [2], the authors propose a full implementation of RSA[20] in the Residue Number System (RNS) which does not require any conversions either from radix to RNS beforehand or from RNS to radix af... |

11 |
Prime Numbers: A
- Crandall, Pomerance
(Show Context)
Citation Context ...[16], performs multiplication in the frequency domain using the fast Fourier transform (FFT) [6] with complexity O(m log m log log m) for multiplication of m-bit integers or m-coefficient polynomials =-=[7]-=-. Unfortunately, the FFT based algorithm becomes efficient and useful in practice only for very large operands, e.g. larger than 1000 bits in size, due to the overhead associated with the forward and ... |

4 |
Efficient multiplication in GF (p k ) for elliptic curve cryptography
- Bajard, Imbert, et al.
- 2003
(Show Context)
Citation Context ...icant overhead. Similar approaches on doing arithmetic over domains where multiplication has only linear complexity but reduction is difficult have been proposed with applications in cryptography [2],=-=[3]-=-. In [2], the authors propose a full implementation of RSA[20] in the Residue Number System (RNS) which does not require any conversions either from radix to RNS beforehand or from RNS to radix afterw... |