DOCSLIB.ORG

Basic Concept in Number Theory and Finite Fields

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Basic Concept in Number Theory and Finite Fields BasicBasic ConceptsConcepts inin NumberNumber TheoryTheory andand FiniteFinite FieldsFields Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 [email protected] Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/ Washington University in St. Louis CSE571S ©2014 Raj Jain 4-1 OverviewOverview 1. The Euclidean Algorithm for GCD 2. Modular Arithmetic 3. Groups, Rings, and Fields 4. Galois Fields GF(p) 5. Polynomial Arithmetic These slides are partly based on Lawrie Brown’s slides supplied with William Stalling’s book “Cryptography and Network Security: Principles and Practice,” 6th Ed, 2013. Washington University in St. Louis CSE571S ©2014 Raj Jain 4-2 Euclid'sEuclid's AlgorithmAlgorithm Goal: To find greatest common divisor Example: gcd(10,25)=5 using long division 10) 25 (2 20 -- 5)10 (2 10 -- 00 Test: What is GCD of 12 and 105? Washington University in St. Louis CSE571S ©2014 Raj Jain 4-3 Euclid'sEuclid's Algorithm:Algorithm: TabularTabular MethodMethod 1. Write the first 2 rows. Set i = 2. 2. Divide ri-1 by ri, write quotient qi+1 on the next row 3. Fill out the remaining entries in the new bottom row: a. Multiply ri by qi+1 and subtract from ri-1 b. Multiply ui by qi+1 and subtract from ui-1 c. Multiply v by q and subtract from previous v r = u x + v y i i+1 i-1 i i i ui = u i-2 -q i ui-1 vi = v i-2 -qi vi-1 Finally, If r i = 0, gcd(x,y) = ri-1 -1 If gcd( x, y)= 1, ui x + vi y = 1 x mod y = ui ui is the inverse of x in “mod y” arithmetic. Washington University in St. Louis CSE571S ©2014 Raj Jain 4-4 EuclidEuclid’’ss AlgorithmAlgorithm TabularTabular MethodMethod (Cont)(Cont) Example 2: Fill in the blanks Washington University in St. Louis CSE571S ©2014 Raj Jain 4-5 HomeworkHomework 4A4A Find the multiplicative inverse of 5678 mod 8765 Do it on your own. Do not submit. Answer: 2527 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-6 ModularModular ArithmeticArithmetic xy mod m = (x mod m) (y mod m) mod m (x+y) mod m = ((x mod m)+ (y mod m)) mod m (x-y) mod m = ((x mod m)- (y mod m)) mod m x4 mod m = (x2 mod m)(x2 mod m) mod m xij mod m = (xi mod m)j mod m 125 mod 187 = 125 (225+285) mod 187 = (225 mod 187) + (285 mod 187) = 38+98 = 136 1252 mod 187 = 15625 mod 187 = 104 4 2 2 125 mod 187 = (125 mod 187) mod 187 = 104 2 mod 187 = 10816 mod 187 = 157 1256 mod 187 = 1254+2 mod 187 = (157104) mod 187 = 59 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-7 ModularModular ArithmeticArithmetic OperationsOperations Z = Set of all integers = {…, -2, -1, 0, 1, 2, …} Zn = Set of all non-negative integers less than n = {0, 1, 2, …, n-1} Z2 = {0, 1} Z8 = { 0, 1, 2, 3, 4, 5, 6, 7} 8 Addition, Subtraction, Multiplication, and division can all be defined in Z n For Example: (5+7) mod 8 = 4 (4- 5) mod 8 = 7 (5 7) mod 8 = 3 (3/7) mod 8 = 5 (5*5) mod 8 = 1 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-8 ModularModular ArithmeticArithmetic PropertiesProperties Washington University in St. Louis CSE571S ©2014 Raj Jain 4-9 HomeworkHomework 4B4B Determine 125107 mod 187 Do it on your own. Do not submit. Answer: 5 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-10 GroupGroup Group: A set of elements that is closed with respect to some operation. Closed The result of the operation is also in the set The operation obeys: Obeys associative law:(a.b).c = a.(b.c) Has identity e: e.a = a.e = a -1 -1 Has inverses a : a.a = e Abelian Group: The operation is commutative a.b = b.a Example: Z8, + modular addition, identity =0 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-11 CyclicCyclic GroupGroup ExponentiationExponentiation:: RepeatedRepeated applicationapplication ofof operatoroperator 3 example:example: aa == a.a.aa.a.a CyclicCyclic GroupGroup:: EveryEvery elementelement isis aa powerpower ofof somesome fixedfixed element,element, i.e.,i.e., bb == aak forfor somesome aa andand everyevery bb inin groupgroup aa isis saidsaid toto bebe aa generatorgenerator ofof thethe group group Example:Example: {0,1,{0,1, 2,2, 4,4, 8} 8} withwith modmod 1212 multiplication,multiplication, thethe generatorgenerator isis 2.2. 220=1,=1, 221=2,=2, 222=4,=4, 223=8,=8, 224=4,=4, 225=8=8 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-12 RingRing Ring: 1. A group with two operations: addition and multiplication 2. The group is abelian with respect to addition: a+b=b+a 3. Multiplication and additions are both associative: a+(b+c)=(a+b)+c a.(b.c)=(a.b).c 1. Multiplication distributes over addition a.(b+c)=a.b+a.c (a+b).c = a.c + b.c Commutative Ring: Multiplication is commutative, i.e., a.b = b.a Integral Domain: Multiplication operation has an identity and no zero divisors Ref: http://en.wikipedia.org/wiki/Ring_%28mathematics%29 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-13 HomeworkHomework 4C4C Consider the set S = {a, b, c} with addition and multiplication defined by the following tables: + abc abc × a abc a abc b bac b bbb c cca c cbc Is S a ring? Justify your answer. Washington University in St. Louis CSE571S ©2014 Raj Jain 4-14 FieldField FieldField:: AnAn integralintegral domaindomain inin whichwhich eacheach elementelement hashas a multiplicative inverse. a multiplicative inverse. Washington University in St. Louis CSE571S ©2014 Raj Jain 4-15 FiniteFinite FieldsFields oror GaloisGalois FieldsFields Finite Field: A field with finite number of elements Also known as Galois Field The number of elements is always a power of a prime number. n Hence, denoted as GF(p ) GF(p) is the set of integers {0,1, … , p-1} with arithmetic operations modulo prime p Can do addition, subtraction, multiplication, and division without leaving the field GF(p) GF(2) = Mod 2 arithmetic GF(8) = Mod 8 arithmetic There is no GF(6) since 6 is not a power of a prime. Washington University in St. Louis CSE571S ©2014 Raj Jain 4-16 GF(7)GF(7) MultiplicationMultiplication ExampleExample × 0 1 2 3 4 5 6 0 0 0 0 0 0 0 0 1 0 1 2 3 4 5 6 2 0 2 4 6 1 3 5 3 0 3 6 2 5 1 4 4 0 4 1 5 2 6 3 5 0 5 3 1 6 4 2 6 0 6 5 4 3 2 1 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-17 PolynomialPolynomial ArithmeticArithmetic n n-1 i ff((xx)) == aanxx ++ aan-1xx ++ …… ++ aa1xx ++ aa0 == ∑∑ aaixx 1. OrdinaryOrdinary polynomialpolynomial arithmetic:arithmetic: Add,Add, subtract,subtract, multiply,multiply, dividedivide polynomials,polynomials, FindFind remainders,remainders, quotient.quotient. SomeSome polynomialspolynomials havehave nono factorsfactors andand areare prime.prime. 2. PolynomialPolynomial arithmeticarithmetic withwith modmod pp coefficientscoefficients 3. PolynomialPolynomial arithmeticarithmetic withwith modmod pp coefficientscoefficients andand modmod m(xm(x)) operationsoperations Washington University in St. Louis CSE571S ©2014 Raj Jain 4-18 Polynomial Arithmetic with Mod 2 Coefficients All coefficients are 0 or 1, e.g., 3 2 2 let f(x) = x + x and g(x) = x + x + 1 f(x) + g(x) = x3 + x + 1 f(x) g(x) = x5 + x 2 Polynomial Division: f(x) = q(x) g(x) + r(x) can interpret r(x) as being a remainder r(x ) = f(x) mod g(x) if no remainder, say g(x) divides f(x) if g (x) has no divisors other than itself & 1 say it is irreducible (or prime) polynomial Arithmetic modulo an irreducible polynomial forms a finite field Can use Euclid’s algorithm to find gcd and inverses. Washington University in St. Louis CSE571S ©2014 Raj Jain 4-19 ExampleExample GF(2GF(23)) Washington University in St. Louis CSE571S ©2014 Raj Jain 4-20 ComputationalComputational ExampleExample inin GF(2GF(2n)) Since coefficients are 0 or 1, any polynomial can be represented as a bit string 3 2 2 In GF(2 ), (x +1) is 1012 & (x +x+1) is 1112 Addition: 2 2 (x +1) + (x +x+1) = x 101 XOR 111 = 0102 Multiplication: 2 2 2 (x+1).(x +1) = x.(x +1) + 1.(x +1) 3 2 3 2 = x +x+x +1 = x +x +x+1 011.101 = (101)<<1 XOR (101)<<0 = <<n Shift left n 1010 XOR 101 = 1111 1010 XOR 101 = 11112 Polynomial modulo reduction (get q(x) & r(x)) is 3 2 3 3 2 2 (x +x +x+1 ) mod (x +x+1) = 1.(x +x+1) + (x ) = x 1111 mod 1011 = 1111 XOR 1011 = 0100 2 Washington University in St. Louis CSE571S ©2014 Raj Jain 4-21 HomeworkHomework 4D4D Determine the gcd of the following pairs of polynomials over GF(11) 5x3+2x2-5x-2 and 5x5+2x4+6x2+9x Washington University in St. Louis CSE571S ©2014 Raj Jain 4-22 UsingUsing aa GeneratorGenerator AA generatorgenerator gg isis anan elementelement whosewhose powerspowers generategenerate allall nonnon--zerozero elementselements inin FF havehave 0,0, gg0,, gg1,, ……,, ggq-2 CanCan createcreate generatorgenerator fromfrom rootroot ofof thethe irreducibleirreducible polynomialpolynomial thenthen addingadding exponentsexponents ofof generatorgenerator Washington University in St. Louis CSE571S ©2014 Raj Jain 4-23 SummarySummary 1. Euclid’s tabular method allows finding gcd and inverses 2.
Load more

Recommended publications
  • What Can (And Can't) We Do with Sparse Polynomials?
    What Can (and Can’t) we Do with Sparse Polynomials? Daniel S. Roche United States Naval Academy Annapolis, Maryland, U.S.A. [email protected] ABSTRACT This sparse representation matches the one used by default for Simply put, a sparse polynomial is one whose zero coefficients are multivariate polynomials in modern computer algebra systems and not explicitly stored. Such objects are ubiquitous in exact computing, libraries such as Magma [83], Maple [73], Mathematica, Sage [84], and so naturally we would like to have efficient algorithms to handle and Singular [81]. them. However, with this compact storage comes new algorithmic challenges, as fast algorithms for dense polynomials may no longer 1.1 Sparse polynomial algorithm complexity be efficient. In this tutorial we examine the state of the art forsparse Sparse polynomials in the distributed representation are also called polynomial algorithms in three areas: arithmetic, interpolation, and lacunary or supersparse [55] in the literature to emphasize that, in factorization. The aim is to highlight recent progress both in theory this representation, the degree of a polynomial could be exponen- and in practice, as well as opportunities for future work. tially larger than its bit-length. This exposes the essential difficulty of computing with sparse polynomials, in that efficient algorithms KEYWORDS for dense polynomials may cost exponential-time in the sparse setting. sparse polynomial, interpolation, arithmetic, factorization Specifically, when analyzing algorithms for dense polynomials, the most important measure is the degree bound D 2 N such that ACM Reference Format: Daniel S. Roche. 2018. What Can (and Can’t) we Do with Sparse Polyno- deg f < D.
    [Show full text]
  • A New Algorithm to Search for Irreducible Polynomials Using Q Decimal Equivalents of Polynomials Over Galois Field GF(P )
    A New Algorithm to Search for Irreducible Polynomials Using q Decimal Equivalents of Polynomials over Galois Field GF(p ) 1 2 Sankhanil Dey and Ranjan Ghosh Institute of Radio Physics and Electronics University of Calcutta, 92 A. P. C. Road, Kolkata – 700 009 1 2 [email protected], [email protected] Abstract. In this paper a new algorithm to find the decimal equivalents of all monic irreducible polynomials (IPs) over Galois Field GF(pq) has been introduced. This algorithm is effective to find the decimal equivalents of monic IPs over Galois Field with a large value of prime modulus and also with a large extension of the prime modulus. The algorithm introduced in this paper is much more time effective with less complexity. It is able to find monic irreducible polynomials for a large value of prime modulus and also with large extension of the prime modulus in few seconds. Introduction. From the last few decades, efficient implementation of cryptographic algorithms has been in the focal point of major research efforts in cryptography. Cryptography is one of the most dominant application areas of the finite field arithmetic [1]. Almost all symmetric-key cryptographic algorithms, including recent algorithms such as elliptic curve and pairing-based cryptography depends heavily on finite field arithmetic. Majority of cryptographic algorithms utilize arithmetic in finite mathematical structures such as finite multiplicative groups, rings, polynomials and finite fields [2]. The use of basic arithmetic operations (i.e. addition, multiplication, and inversion) over finite fields, GF(pq), where p is prime modulus and q is extension of the prime modulii, are dominant in many cryptographic algorithms such as RSA algorithm [3], Diffie-Hellman key exchange algorithm [4], the US federal Digital Signature Standard [5], elliptic curve cryptography [6][7], and also recently pairing-based cryptography [8][9].
    [Show full text]
  • Taking Place Value Seriously: Arithmetic, Estimation, and Algebra
    Taking Place Value Seriously: Arithmetic, Estimation, and Algebra by Roger Howe, Yale University and Susanna S. Epp, DePaul University Introduction and Summary Arithmetic, first of nonnegative integers, then of decimal and common fractions, and later of rational expres- sions and functions, is a central theme in school mathematics. This article attempts to point out ways to make the study of arithmetic more unified and more conceptual through a systematic emphasis on place-value structure in the base 10 number system. The article contains five sections. Section one reviews the basic principles of base 10 notation and points out the sophisticated structure underlying its amazing efficiency. Careful definitions are given for the basic constituents out of which numbers written in base 10 notation are formed: digit, power of 10 ,andsingle-place number. The idea of order of magnitude is also discussed, to prepare the way for considering relative sizes of numbers. Section two discusses how base 10 notation enables efficient algorithms for addition, subtraction, mul- tiplication and division of nonnegative integers. The crucial point is that the main outlines of all these procedures are determined by the form of numbers written in base 10 notation together with the Rules of Arithmetic 1. Division plays an especially important role in the discussion because both of the two main ways to interpret numbers written in base 10 notation are connected with division. One way is to think of the base 10 expansion as the result of successive divisions-with-remainder by 10; the other way involves suc- cessive approximation by single-place numbers and provides the basis for the usual long-division algorithm.
    [Show full text]
  • 3 Finite Field Arithmetic
    18.783 Elliptic Curves Spring 2021 Lecture #3 02/24/2021 3 Finite field arithmetic In order to perform explicit computations with elliptic curves over finite fields, we first need to understand how to compute in finite fields. In many of the applications we will consider, the finite fields involved will be quite large, so it is important to understand the computational complexity of finite field operations. This is a huge topic, one to which an entire course could be devoted, but we will spend just one or two lectures on this topic, with the goal of understanding the most commonly used algorithms and analyzing their asymptotic complexity. This will force us to omit many details, but references to the relevant literature will be provided for those who want to learn more. Our first step is to fix an explicit representation of finite field elements. This might seem like a technical detail, but it is actually quite crucial; questions of computational complexity are meaningless otherwise. Example 3.1. By Theorem 3.12 below, the multiplicative group of a finite field Fq is cyclic. One way to represent the nonzero elements of a finite field is as explicit powers of a fixed generator, in which case it is enough to know the exponent, an integer in [0; q − 1]. With this representation multiplication and division are easy, solving the discrete logarithm problem is trivial, but addition is costly (not even polynomial time). We will instead choose a representation that makes addition (and subtraction) very easy, multiplication slightly harder but still easy, division slightly harder than multiplication but still easy (all these operations take quasi-linear time).
    [Show full text]
  • Implementation Techniques for Fast Polynomial Arithmetic in a High-Level Programming Environment
    Implementation Techniques For Fast Polynomial Arithmetic In A High-level Programming Environment Akpodigha Filatei Xin Li Marc Moreno Maza ORCCA, University of Western ORCCA, University of Western ORCCA, University of Western Ontario (UWO) Ontario (UWO) Ontario (UWO) London, Ontario, Canada London, Ontario, Canada London, Ontario, Canada afi[email protected] [email protected] [email protected] Eric´ Schost LIX, Ecole´ polytechnique 91128 Palaiseau, France [email protected] ABSTRACT multiplication is “better than the classical method approxi- Though there is increased activity in the implementation of mately when n + m ≥ 600”, where n and m are the degrees asymptotically fast polynomial arithmetic, little is reported of the input polynomials. In [22] p. 501, quoting [3], Knuth on the details of such effort. In this paper, we discuss how we writes “He (R. P. Brent) estimated that Strassen’s scheme achieve high performance in implementing some well-studied would not begin to excel over Winograd’s until n ≈ 250 and fast algorithms for polynomial arithmetic in two high-level such enormous matrices rarely occur in practice unless they programming environments, AXIOM and Aldor. are very sparse, when other techniques apply.” Two approaches are investigated. With Aldor we rely The implementation of asymptotically fast arithmetic was only on high-level generic code, whereas with AXIOM we not the primary concern of the early computer algebra sys- endeavor to mix high-level, middle-level and low-level spe- tems, which had many other challenges to face. For in- stance, one of the main motivations for the development of cialized code. We show that our implementations are satis- AXIOM factory compared with other known computer algebra sys- the computer algebra system [19] was the design tems or libraries such as Magma v2.11-2 and NTL v5.4.
    [Show full text]
  • Cryptography and Network Security Chapter 4
    Cryptography and Network Chapter 4 –Basic Concepts in Number Security Theory and Finite Fields Chapter 4 The next morning at daybreak, Star flew indoors, seemingly keen for a lesson. I said, "Tap eight." She did a brilliant exhibition, first tapping it in 4, 4, then giving me a hasty glance and doing it in 2, 2, 2, 2, before coming for her nut. It is astonishing that Star learned to count up to 8 with no difficulty, and of her own accord discovered that each number could be given with various different divisions, this leaving no doubt that she was Fifth Edition consciously thinking each number. In fact, she did mental arithmetic, although unable, like humans, to name the numbers. But she learned to by William Stallings recognize their spoken names almost immediately and was able to remember the sounds of the names. Star is unique as a wild bird, who of her own free will pursued the science of numbers with keen interest and astonishing intelligence. Lecture slides by Lawrie Brown — Living with Birds, Len Howard Introduction Divisors • will now introduce finite fields • say a non‐zero number b divides a if for some m • of increasing importance in cryptography have a=mb (a,b,m all integers) – AES, Elliptic Curve, IDEA, Public Key • that is b divides into a with no remainder • concern operations on “numbers” • denote this b|a – where what constitutes a “number” and the type • and say that b is a divisor of a of operations varies considerably • eg. all of 1,2,3,4,6,8,12,24 divide 24 • start with basic number theory concepts • eg.
    [Show full text]
  • Finite Fields (PART 3): Polynomial Arithmetic
    Lecture 6: Finite Fields (PART 3) PART 3: Polynomial Arithmetic Theoretical Underpinnings of Modern Cryptography Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) February 4, 2021 12:02 Noon ©2021 Avinash Kak, Purdue University Goals: To review polynomial arithmetic Polynomial arithmetic when the coefficients are drawn from a finite field The concept of an irreducible polynomial Polynomials over the GF (2) finite field CONTENTS Section Title Page 6.1 Polynomial Arithmetic 3 6.2 Arithmetic Operations on Polynomials 5 6.3 Dividing One Polynomial by Another Using Long 7 Division 6.4 Arithmetic Operations on Polynomial Whose 9 Coefficients Belong to a Finite Field 6.5 Dividing Polynomials Defined over a Finite Field 11 6.6 Let’s Now Consider Polynomials Defined 13 over GF (2) 6.7 Arithmetic Operations on Polynomials 15 over GF (2) 6.8 So What Sort of Questions Does Polynomial 17 Arithmetic Address? 6.9 Polynomials over a Finite Field Constitute a Ring 18 6.10 When is Polynomial Division Permitted? 20 6.11 Irreducible Polynomials, Prime Polynomials 22 6.12 Homework Problems 23 2 Computer and Network Security by Avi Kak Lecture 6 Back to TOC 6.1 POLYNOMIAL ARITHMETIC Why study polynomial arithmetic? For the very simple reason that we can represent a bit pattern by a polynomial in, say, the variable x. Each power of x in the polynomial can stand for a bit position in a bit pattern. For example, we can represent the bit pattern 111 by the polynomial x2 + x +1. On the other hand, the bit pattern 101 would be represented by the polynomial x2 + 1 and the pattern 011 by the polynomial x +1.
    [Show full text]
  • Algorithms and Data Structures for Sparse Polynomial Arithmetic
    mathematics Article Algorithms and Data Structures for Sparse Polynomial Arithmetic Mohammadali Asadi, Alexander Brandt *, Robert H. C. Moir and Marc Moreno Maza Department of Computer Science, University of Western Ontario, London, ON N6A 5B7, Canada; [email protected] (M.A.); [email protected] (R.H.C.M.); [email protected] (M.M.M.) * Correspondence: [email protected] Received: 1 February 2019; Accepted: 12 May 2019; Published: 17 May 2019 Abstract: We provide a comprehensive presentation of algorithms, data structures, and implementation techniques for high-performance sparse multivariate polynomial arithmetic over the integers and rational numbers as implemented in the freely available Basic Polynomial Algebra Subprograms (BPAS) library. We report on an algorithm for sparse pseudo-division, based on the algorithms for division with remainder, multiplication, and addition, which are also examined herein. The pseudo-division and division with remainder operations are extended to multi-divisor pseudo-division and normal form algorithms, respectively, where the divisor set is assumed to form a triangular set. Our operations make use of two data structures for sparse distributed polynomials and sparse recursively viewed polynomials, with a keen focus on locality and memory usage for optimized performance on modern memory hierarchies. Experimentation shows that these new implementations compare favorably against competing implementations, performing between a factor of 3 better (for multiplication over the integers) to more than 4 orders of magnitude better (for pseudo-division with respect to a triangular set). Keywords: sparse polynomials; polynomial arithmetic; normal form; pseudo-division; pseudo-remainder; sparse data structures 1. Introduction Technological advances in computer hardware have allowed scientists to greatly expand the size and complexity of problems tackled by scientific computing.
    [Show full text]
  • Finite Fields (PART 4)
    Lecture 7: Finite Fields (PART 4) PART 4: Finite Fields of the Form GF (2n) Theoretical Underpinnings of Modern Cryptography Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) February 9, 2021 4:58pm ©2021 Avinash Kak, Purdue University Goals: n To review finite fields of the form GF (2 ) To show how arithmetic operations can be carried out by directly operating on the bit patterns for the elements of GF (2n) Perl and Python implementations for arithmetic in a Galois Field using my BitVector modules CONTENTS Section Title Page 7.1 Consider Again the Polynomials over GF (2) 3 7.2 Modular Polynomial Arithmetic 5 7.3 How Large is the Set of Polynomials When 8 Multiplications are Carried Out Modulo x2 + x +1 7.4 How Do We Know that GF (23) is a Finite Field? 10 7.5 GF (2n) a Finite Field for Every n 14 7.6 Representing the Individual Polynomials 15 in GF (2n) by Binary Code Words 7.7 Some Observations on Bit-Pattern Additions 18 in GF (2n) 7.8 Some Observations on Arithmetic Multiplication 20 in GF (2n) 7.9 Direct Bitwise Operations for Multiplication 22 in GF (28) 7.10 Summary of How a Multiplication is Carried 25 Out in GF (28) 7.11 Finding Multiplicative Inverses in GF (2n) 27 with Implementations in Perl and Python 7.12 Using a Generator to Represent the Elements 34 of GF (2n) 7.13 Homework Problems 38 2 Computer and Network Security by Avi Kak Lecture 7 Back to TOC 7.1 CONSIDER AGAIN THE POLYNOMIALS OVER GF (2) Recall from Lecture 6 that GF (2) is a finite field consisting of the set {0, 1}, with modulo 2 addition as the group operator and modulo 2 multiplication as the ring operator.
    [Show full text]
  • Polynomial Inversion Over GF(2M) Based on Extended Euclidean Algorithm
    Polynomial Inversion Over GF(2m) Based on Extended Euclidean Algorithm FPGA Design and Implementation ELEC543 Project Report Summer 2015 VLSI Prepared by: Ibrahim Hazmi Supervised by: Dr. Fayez Gebali Contents Abstract 3 Project Overview 4 Objective 4 Introduction 4 Background on the extended Euclidean algorithm (EEA) 4 Project Description and Project Milestones 5 Design methodology and alternatives 7 The Design in Details 8 Binary Polynomial Divider (BPD) Design 8 The Extension Module Design 11 Top-Level Design: The Extended Euclidean Algorithm (EEA) 12 Simulation 14 Hardware Implementation 17 Conclusion 19 Appendix 20 Bibliography 22 2 !3 ELEC543_EEA_REPORT Abstract The objective of the project was to design a “Polynomial Inverter” over binary field based on the extended Euclidean algorithm (EEA). The main focus in the project was on the functionality of the design, which has been verified in ISE simulation and implemented successfully on Xilinx Spartan 3E FPGA. The project has been divided into three stages. First, designing the binary division algorithm (BDA), which was the main building block of the inversion circuit and the bottle nick of the design as well. The ultimate goal in this stage was to produce the remainder and the quotient in a minimum number of cycles. Computing the quotient was the most challenging part of the BDA design as the idea was to utilize degree difference of the polynomials in order to obtain the right number of required shifts each cycle. There were different attempts to design the BDA, starting with a spreadsheet, which works similarly to the manual procedure and was used as a reference.
    [Show full text]
  • EMPIRICAL OPTIMIZATION of DIVISOR ARITHMETIC on HYPERELLIPTIC CURVES OVER F2m
    Advances in Mathematics of Communications doi:10.3934/amc.2013.7.485 Volume 7, No. 4, 2013, 485–502 EMPIRICAL OPTIMIZATION OF DIVISOR ARITHMETIC ON HYPERELLIPTIC CURVES OVER F2m Laurent Imbert CNRS, LIRMM Université Montpellier 2 161 rue Ada F-34095 Montpellier, France Michael J. Jacobson, Jr. Department of Computer Science University of Calgary 2500 University Drive NW Calgary, Alberta T2N 1N4, Canada (Communicated by Andreas Stein) Abstract. A significant amount of effort has been devoted to improving divi- sor arithmetic on low-genus hyperelliptic curves via explicit versions of generic algorithms. Moderate and high genus curves also arise in cryptographic appli- cations, for example, via the Weil descent attack on the elliptic curve discrete logarithm problem, but for these curves, the generic algorithms are to date the most efficient available. Nagao [22] described how some of the techniques used in deriving efficient explicit formulas can be used to speed up divisor arith- metic using Cantor’s algorithm on curves of arbitrary genus. In this paper, we describe how Nagao’s methods, together with a sub-quadratic complexity partial extended Euclidean algorithm using the half-gcd algorithm can be ap- plied to improve arithmetic in the degree zero divisor class group. We present numerical results showing which combination of techniques is more efficient for hyperelliptic curves over F2n of various genera. 1. Introduction Hyperelliptic curves defined over finite fields were first proposed for cryptograph- ic use by Koblitz [19] in 1989, with the special case of genus one curves (elliptic curves) having been proposed earlier by Koblitz and Miller independently [20, 18].
    [Show full text]
  • New Algorithms for Finding Irreducible Polynomials Over Finite Fields
    mathematics of computation volume 54, number 189 january 1990,pages 435-447 NEW ALGORITHMS FOR FINDING IRREDUCIBLE POLYNOMIALS OVER FINITE FIELDS VICTOR SHOUP Abstract. We present a new algorithm for finding an irreducible polynomial of specified degree over a finite field. Our algorithm is deterministic, and it runs in polynomial time for fields of small characteristic. We in fact prove the stronger result that the problem of finding irreducible polynomials of specified degree over a finite field is deterministic polynomial-time reducible to the problem of factoring polynomials over the prime field. 1. Introduction In this paper we present some new algorithms for finding irreducible polyno- mials over finite fields. Such polynomials are used to implement arithmetic in extension fields found in many applications, including coding theory (Berlekamp [5]), cryptography (Chor and Rivest [8]), multivariate polynomial factoring (von zur Gathen and Kaltofen [13]), and parallel polynomial arithmetic (Eberly [9]). Let p be a prime number, F the finite field G¥(p), and n a positive integer. Consider the deterministic complexity of finding an irreducible polynomial in F[X] of degree n. Since encoding a polynomial in F[X] of degree n requires about n \ogp bits, a polynomial-time algorithm for finding irreducible polyno- mials in F[X] of degree n should run in time bounded by a polynomial in n and logp . There is no known deterministic polynomial-time algorithm for this problem. However, in many applications p is small, and so an algorithm that ran in time polynomial in n and p would be of value. We present one here.
    [Show full text]