DOCSLIB.ORG

On Fast Algorithm and Vlsi Design of Finite Computational Structures

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
On Fast Algorithm and Vlsi Design of Finite Computational Structures ON FAST ALGORITHM AND VLSI DESIGN OF FINITE COMPUTATIONAL STRUCTURES By ROM- S HEN KAO A DISSERTATION PRESENTED TO THE GRADUATE SCHOOL OF THE UNIVERSITY OF FLORIDA IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY UNIVERSITY OF FLORIDA 1991 Dedicated to my parents ACKNOWLEDGMENTS In the years leading to this dissertation, I have had the great pleasure of working for and with an adviser who provided an environment conducive to learning. I would like to take this opportunity to thank my advisor, Dr. Fred J. Taylor. I would also like to thank Dr. Y. C. Chow, Dr. H. Lam, Dr. M. Law, and Dr. J. Principe for serving on my supervisory committee. Special thanks to my fellow students, who have offered useful advice. Thanks go to Ah- mad Ansari, Glenn Dean, Jun Li, Jon Mellott, Jeremy Smith, Eric Strom, Glenn Zelniker, and especially, John Ruckstuhl, for his courtesy and professional work on setting up the SUN systems. I would also like to thank those I have come to know at the University of Florida. They make my years at the university a unique and memorable experience. This work would not be possible without the encouragement and support from my wife, Jeannie. Finally, I would like to thank my parents for teaching me the philosophy of life and the value of education, and most of all for their love, patience, and support. - in - TABLE OF CONTENTS ACKNOWLEDGMENTS iii LIST OF TABLES vii LIST OF FIGURES viii KEY TO SYMBOLS AND ABBREVIATIONS xiii ABSTRACT xv CHAPTERS 1 INTRODUCTION 1 1.1 Overview 1 1.2 Problem Statement and Objectives 2 1.3 Dissertation Organization 5 2 FINITE COMPUTATIONAL STRUCTURES 8 2.1 Introduction 8 2.2 Algebraic Foundations 8 2.3 Modular Arithmetic and Number Theory 10 2.3.1 Chinese Remainder Theorem (CRT) for Integers 17 2.3.2 Residue Number System Arithmetic (RNS) 17 2.4 Residue Polynomials 19 2.4.1 Properties of Polynomial 19 2.4.2 Convolutions and Polynomial RNS 21 2.5 Finite Fields Based on Polynomial Rings 25 m 2.5.1 Construction of the Finite Field GF( p ) 25 m 2.5.2 Properties of the Finite Field GF(p ) 29 m 2.5.3 Bases of GF( p ) over GF(p) 32 3 COMPUTATIONS IN FINITE FIELDS 35 3.1 Introduction 35 3.2 Index Calculus 35 3.3 The Table Lookup Method for Small Fields 36 - iv - 3.4 Discrete Logarithm and Exponentiation Problems 45 3.5 Primal Basis Multiplier 49 3.6 Dual Basis Multiplier 55 3.7 Normal Basis Multiplier 60 4 FINITE STRUCTURE TRANSFORMS 63 4.1 Introduction 63 4.2 Properties of Transforms and Some Prime Field Transforms 65 4.3 Complex Fields Transforms and Complex Arithmetic 69 4.3.1 Complex Number Theoretic Transform (CNNT) 70 4.3.2 Complex Residue Number System (CRNS) 71 4.3.3 Quadratic Residue Number System (QRNS) 71 4.3.4 Extended Algebraic Integer and Polynomial Residue Number System (PRNS) 73 4.4 Transforms and Computations in Extension Fields 80 4.4.1 Index Calculus Complex Residue Number System (ICCRNS) .... 80 4.4.2 Finite Extension Field Transforms 83 5 FAST DISCRETE FOURIER TRANSFORMS OVER FINITE FIELDS 93 5.1 Introduction 93 5.2 Fast Prime-Factor Finite Field Transform 93 5.2.1 The Application of Normal Basis and Conjugacy Properties 99 5.2.2 A Normal Basis Architecture for the Finite Field Transform 100 5.2.3 System Performance Analysis and Discussions 103 5.3 The Basis-Change Algorithm for Fast Finite Field Transforms 105 5.3.1 The Conjugate Sets in a Fast Finite Field Transform 106 5.3.2 The Basis-Change Algorithm 107 5.3.3 System Development 109 5.3.4 System Complexity Evaluation and Example Ill 6 THE PIPELINE POLYNOMIAL RNS PROCESSOR 7.1 WITH FERMAT NUMBER TRANSFORM 115 6.1 Introduction 115 6.1.1 Reasons to Use Fermat Prime Number As M 116 6.1.2 Algebraic Congruence to a Fermat Prime 117 6 . 1.3 The Multiplier-Free Fast FFT-Type Isomorphic Mappings 119 6.2 A Pipeline Third-order Polynomial RNS Processor 122 6.3 System Implementation of the Third-order Polynomial RNS Processor . 128 6.3.1 A Nine-bit PRNS Processor Development on the HP-DCS 130 6.3.2 A Five-bit PRNS Processor Development on the Magic CAD Tool 148 7 CONCLUSION AND FUTURE RESEARCH 167 Conclusion 167 - v - 7.2 Future Research 173 APPENDICES A ALGEBRAIC FOUNDATIONS: DEFINITIONS AND THEOREMS 176 A. 1 GROUPS 176 A. 2 RINGS AND FIELDS 177 A. 3 THEOREMS 180 B CIRCUIT DESIGNS: HP-DCS AND MAGIC CAD TOOLS 182 B. l The HP-DCS Schematics of the Nine-Bit Third-Order PRNS Processor . 182 B.2 The HP-DVI Timing Diagrams of the Nine-Bit Third-Order PRNS Processor 188 B.3 The Magic Design of the Five-Bit Third-Order PRNS Processor 199 B.4 CIF and Postscript Files of a Two-Input NAND Gate 212 B.4.1 CIF: A Geometry Language 212 B.4. 2 PostScript: A Geometry Language 215 BIBLIOGRAPHY 218 BIOGRAPHICAL SKETCH 223 - vi - a LIST OF TABLES Table 2. 1 The Elements and Their Order of the Multiplicative Group of the Ring Z15 14 Table 2.2 The Possible and Actual Order of the Elements in the Multiplicative Group of the Ring Z15 15 Table 2.3 The Elements and Their Order of the Field Z 17 16 2.4 Table Elements ft = + aia~ + a\ + ao of Fiia ) Generated by f\{x) ... 28 Table 2.5 Elements = + ci\ ft (liar + a + ao of F2 (a ) Generated by fi(x) . 29 Table 3. 1 Illustration of Indices for N = 9 36 4 3.2 Table The Zech’s Logarithms in GF(2 ) 39 4 Table 4.3 Field Elements of GF(2 ) Represented Under Primal, Primitive Normal, and Normal Bases 92 Table 5. 1 The Complexity Comparison Between Conventional and Normal Basis Approaches 103 Table 6.1 The Timing Information of the Simulation of the PRNS Processor 147 - Vll - LIST OF FIGURES Figure 2.1 Example of Abelian Finite Groups 9 Figure 3.1 A Finite Field Arithmetic Unit Based On the All-Table Approach .... 37 Figure 3.2 A Discrete Logarithm/Exponentiation Multiplier 38 Figure 3.3 A Logarithmic Finite Field Arithmetic Unit 41 Figure 3.4 The Building Block of the Finite Field Multipliers, a) Storage element such as register and accumulator, b) Multiple input Modulop adder. c) Modulo p multiplier for mul- tiplying a data with gi . d) Modulo p adder 49 Figure 3.5 A Generic Primal Basis aa -Multiplier 50 Figure 3.6 A Primal Basis Accumulated aa^-Multiplier 52 Figure 3.7 A Primal Basis Nested ab Multiplier 54 Figure 3.8 A Generic Dual Basis aa -Multiplier 56 Figure 3.9 A Dual Basis Accumulated ao^-Multiplier 57 Figure 3.10 A Dual Basis Summed -Multiplier 59 Figure 3.11 A Dual Basis Nested ab Multiplier 60 m Figure 3.12 A Cyclic Shift Register for Power Forming in GF(p ) 61 Figure 3.13 A Normal Basis Multiplier 62 - viii - 1 Figure 4.1 The Representation of Complex Number t in Z[co 1 76 Figure 4.2 The Pictorial Representation of the Mh- order Single Modulus PRNS System Figure 4.3 The Cyclic Shift Property of Normal Basis Representation of V 91 Figure 5.1 The VLSI Butterfly Module of a Cyclotomic CB . Coset of Length / . 100 Figure 5.2 The s Stages Fast Galois Field Transform System 101 Figure 5.3 The 255-point Good-Thomas FFT Pipeline Stages 102 Figure 5.4 The Conjugate Set Evaluation Circuit 108 Figure 5.5 An Example of the Scaling Shifter 110 Figure 5.6 An Example of the Vector Combiner 110 Figure 5.7 The Primal Basis Generator 1 1 Figure 5.8 The Normal Basis Generator 112 Figure 6.1 The Isomorphic Forward Transform f4 124 Figure 6.2 The Isomorphic Inverse Transform 125 Figure 6.3 The Isomorphic Mapping Scalar Modules 127 Figure 6.4 The 1 Isomorphic Inverse Transform F4 128 Figure 6.5 System Block of the 9-bit Third-order PRNS Arithmetic Unit with FFT-Type Fast Isomorphic Mappings 129 Figure 6.6 Top Level Schematic of the PRNS System 131 Figure 6.7 The Hierarchical Design of the Third-Order PRNS Processor 132 - ix - Figure 6.8 The Boolean Equation of the Module - negmodp 134 Figure 6.9 The Multiwindow Demonstration of FTI Device Selection 135 Figure 6.10 The Modulo M Adder 136 Figure 6. 11 The MDL.vj Unit Implemented Using a Table Lookup Method 137 Figure 6.12 The Boolean Equation of the Module - summodp 138 Figure 6.13 The Boolean Equation of the Module - sumovck 139 Figure 6.14 A Nine-bit Modular Adder 140 Figure 6.15 The Modulo M Multiplier 141 Figure 6. 16 The Scalar Module RSQ 143 Figure 6.17 The Isomorphic Forward Mapping Module 144 Figure 6.18 The Isomorphic Inverse Mapping Module 145 Figure 6.19 The Logic and Timing Simulation Result of the Third-Order PRNS Processor 146 Figure 6.20 Floorplan of the Five-bit Modular Multiplier 149 Figure 6.21 A Hierarchical Design of the Five-Bit Modular Multiplier 150 Figure 6.22 Basic CMOS Cells 151 Figure 6.23 A Two-Input CMOS NAND Gate Magic Layout 152 Figure 6.24 An AND-OR Programmable Logic Array 153 Figure 6.25 A Pseudo-nMOS Programmable Logic Array Design 154 Figure 6.26 Typical Input Protection Circuit 155 Figure 6.27 The PLA Transistor-Level Layout of the Negator Cell - palneg 156 - x - Figure 6.28 A CMOS Magic Layout of the Five-bit Modular Multiplier 158 Figure 6.29 The Embedded Test Circuitry of the Five-bit Modular Multiplier 159 Figure 6.30 The Timing Diagram of the Operation of the Modular Multiplier 160 Figure 6.31 Floorplan of the Five-Bit Polynomial RNS Processor 162 Figure 6.32 A Hierarchical Design of the Five-Bit Polynomial RNS Processor 163 Figure 6.33 A Split-then-Add Scaler Module 164 Figure 6.34 A Transistor Layout of the Scaler Module scalerRSQ 165 Figure B.
Load more

Recommended publications
  • Algorithms in Algebraic Number Theory
    BULLETIN (New Series) OF THE AMERICAN MATHEMATICALSOCIETY Volume 26, Number 2, April 1992 ALGORITHMS IN ALGEBRAIC NUMBER THEORY H. W. LENSTRA, JR. Abstract. In this paper we discuss the basic problems of algorithmic algebraic number theory. The emphasis is on aspects that are of interest from a purely mathematical point of view, and practical issues are largely disregarded. We describe what has been done and, more importantly, what remains to be done in the area. We hope to show that the study of algorithms not only increases our understanding of algebraic number fields but also stimulates our curiosity about them. The discussion is concentrated of three topics: the determination of Galois groups, the determination of the ring of integers of an algebraic number field, and the computation of the group of units and the class group of that ring of integers. 1. Introduction The main interest of algorithms in algebraic number theory is that they pro- vide number theorists with a means of satisfying their professional curiosity. The praise of numerical experimentation in number theoretic research is as widely sung as purely numerological investigations are indulged in, and for both activities good algorithms are indispensable. What makes an algorithm good unfortunately defies definition—too many extra-mathematical factors af- fect its practical performance, such as the skill of the person responsible for its execution and the characteristics of the machine that may be used. The present paper addresses itself not to the researcher who is looking for a collection of well-tested computational methods for use on his recently acquired personal computer.
    [Show full text]
  • On Security of XTR Public Key Cryptosystems Against Side Channel Attacks ?
    On security of XTR public key cryptosystems against Side Channel Attacks ? Dong-Guk Han1??, Jongin Lim1? ? ?, and Kouichi Sakurai2 1 Center for Information and Security Technologies(CIST), Korea University, Seoul, KOREA fchrista,[email protected] 2 Department of Computer Science and Communication Engineering 6-10-1, Hakozaki, Higashi-ku, Fukuoka, 812-8581, Japan, [email protected] Abstract. The XTR public key system was introduced at Crypto 2000. Application of XTR in cryptographic protocols leads to substantial sav- ings both in communication and computational overhead without com- promising security. It is regarded that XTR is suitable for a variety of environments, including low-end smart cards, and XTR is the excellent alternative to either RSA or ECC. In [LV00a,SL01], authors remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as timing attacks and Di®erential Power Analysis (DPA). In this paper, however, we in- vestigate the security of side channel attack (SCA) on XTR. This paper shows that XTR-SE is immune against simple power analysis (SPA) un- der assumption that the order of the computation of XTR-SE is carefully considered. However we show that XTR-SE is vulnerable to Data-bit DPA (DDPA)[Cor99], Address-bit DPA (ADPA)[IIT02], and doubling attack [FV03]. Moreover, we propose two countermeasures that prevent from DDPA and a countermeasure against ADPA. One of the counter- measures using randomization of the base element proposed to defeat DDPA, i.e., randomization of the base element using ¯eld isomorphism, could be used to break doubling attack.
    [Show full text]
  • Fast Normal Basis Multiplication Using General Purpose Processors
    IEEE TRANSACTIONS ON COMPUTERS, VOL. 52, NO. 11, NOVEMBER 2003 1379 Fast Normal Basis Multiplication Using General Purpose Processors Arash Reyhani-Masoleh, Member, IEEE, and M. Anwar Hasan, Senior Member, IEEE Abstract—For cryptographic applications, normal bases have received considerable attention, especially for hardware implementation. In this article, we consider fast software algorithms for normal basis multiplication over the extended binary field GFð2mÞ. We present a vector-level algorithm which essentially eliminates the bit-wise inner products needed in the conventional approach to the normal basis multiplication. We then present another algorithm which significantly reduces the dynamic instruction counts. Both algorithms utilize the full width of the data-path of the general purpose processor on which the software is to be executed. We also consider composite fields and present an algorithm which can provide further speed-ups and an added flexibility toward hardware-software codesign of processors for very large finite fields. Index Terms—Finite field multiplication, normal basis, software algorithms, ECDSA, composite fields. æ 1INTRODUCTION m HE extended binary finite field GFð2 Þ of degree m is to a number of practical considerations. Most importantly, Tused in important cryptographic operations, such as normal basis multiplication algorithms require inner pro- key exchange, signing, and verification. For today’s security ducts or matrix multiplications over the ground field GF(2). applications, the minimum values of m are considered to be Such computations are not directly supported by most of l60 in the elliptic curve cryptography and 1,024 in the today’s general purpose processors. These computations standard discrete log-based cryptography.
    [Show full text]
  • Topics in Normal Bases of Finite Fields N. A. Carella
    Topics in Normal Bases of Finite Fields N. A. Carella Copyright 2001. All rights reserved. Table of Contents Chapter 1 Bases of Finite Fields 1.1 Introduction……………………………………………………………………………….2 1.2 Definitions and Elementary Concepts………………………………………………….....3 1.3 The Discriminants of Bases……………………………………………………………….7 1.4 Distribution of Bases…………………………………………………………………….10 1.5 Dual Bases……………………………………………………………………………….11 1.6 Distribution of Dual Bases…………….………………………………………………...16 1.7 Polynomials Bases……………………………………………………………………….17 Chapter 2 Structured Matrices 2.1 Basic Concepts…………………………………………………………………………..22 2.2 Circulant Matrices……….………………………………………………………………24 2.3 Triangular Matrices……………………………………………………………………...31 2.4 Hadamard Matrices……………………………………………………………………33 2.5 Multiplication Tables…………………………………………………………………….35 Chapter 3 Normal Bases 3.1 Basic Concepts………………………………………….……………………………….40 3.2 Existence of Normal Bases………………………………..……………………………..41 3.3 Iterative Construction of Normal Bases………………….……………………………...42 3.4 Additive Order and Decomposition Theorem…………….……………………………..44 3.5 Normal Tests……………………………………………….……………………………46 3.6 Polynomial Representations………………………………….………………………….48 3.7 Dual Normal Bases……………………………………………..………………………..51 3.8. Distribution Of Normal Bases…………………………………..………………………53 3.9 Distribution Of Self-Dual Normal Bases…………………………………………...…54 3.10. Formulae For Normal Elements/Polynomials………………….…………………..…57 3.11 Completely Normal Bases and Testing Methods……………………………………59 3.12 Infinite Sequences of Normal Elements/Polynomials………………………………...62
    [Show full text]
  • A Normal Integral Basis Theorem
    JOURNAL OF ALGEBRA 39, 131-137 (1976) A Normal Integral Basis Theorem A. FR&ILICH Department of Mathematics, Kings College, The Strand, London WC2, England Communicated by the Editors Received November 26. 1974 TO OLGA TAUSSKY IN GRATITUDE FOR HER FRIENDSHIP, ENCOURAGEMENT, AND INSPIRATION THROUGHOUT MY MATHEMATICAL LIFE 1. STATEMENT OF RESULT Let 1 be an odd prime, q a divisor of I- 1, and T an integer prime to 1 and of order q mod 1. Write in the sequelsZ(Z, q) for the group with generatorsu and w and defining relations & zz 1 = & 3 oJuorl = ur. Let N be a normal algebraic number field (always of finite degree) with Galois group Gal(N/Q) = r over the field Q of rational numbers and oN its ring of algebraic integers. A basis of oN over Z, the ring of integers, of form {a~}, with a fixed in Do and y running through r, will in accordancewith classicalterminology be called a normal integral busis of N. A well-known necessarycondition for this to happen is that N/Q be tamely ramified (cf. [12]). This, however, is not sufficient. The first examplesto the contrary were found by Martinet (cf. [ll]) for the quaternion group of order 8, and (cf. [l, 21) subsequently it was shown that there are infinitely many such examples for the quaternion groups of order 8 and of order 41*, E = -1 (mod 4). Here we prove THEOREM. Any normal tamely ramified numberjeld N with Galois group Gal(N/Q) = Q(Z, q) has a normal integral basis.
    [Show full text]
  • An Algorithm for the Construction of a Normal Basis
    Journal of Number Theory 78, 3645 (1999) Article ID jnth.1999.2388, available online at http:ÂÂwww.idealibrary.com on An Algorithm for the Construction of a Normal Basis Kurt Girstmair Institut fur Mathematik, Universitat Innsbruck, Technikerstrasse 25Â7, A-6020 Innsbruck, Austria E-mail: Kurt.GirstmairÄuibk.ac.at Communicated by M. Pohst Received April 20, 1998 We present an algorithm for the construction of a normal basis of a Galois exten- sion of degree n in characteristic 0. The algorithm requires O(n4) multiplications in the ground field. It is based on representation theory but does not require the View metadata, citation and similar papers at core.ac.uk brought to you by CORE knowledge of representation theoretical data (like characters). 1999 Academic Press provided by Elsevier - Publisher Connector 1. INTRODUCTION Let L be a Galois extension of the field K with Galois group G= [s1 , ..., sn] (so n=[L : K]) and y # L. One says y generates a normal basis of L over K if (s1( y), ..., sn( y)) is a basis of the K-vector space L. We simply say, by abuse of notation, y is a normal basis of LÂK if this holds. Moreover, we assume char(K )=0 for the time being, since we are inter- ested in this case mainly. The literature contains quite a number of proofs for the existence of a normal basis y, some of them of a purely field theoretic nature (e.g., [4, 11]) and others using representation theory ([1, 3, 10]). But the question of how to actually find a normal basis seems to be less well investigated (except for the case of finite fields, which we have ruled out).
    [Show full text]
  • Primitive Normal Bases for Finite Fields
    mathematics of computation volume 48. number 177 january 1987. pages 217-231 Primitive Normal Bases for Finite Fields By H. W. Lenstra, Jr. and R. J. Schoof Dedicated to Daniel Shanks Abstract. It is proved that any finite extension of a finite field has a normal basis consisting of primitive roots. Introduction. Let q be a prime power, q > 1. We denote by Vq a finite field of q elements. It is well known that for every positive integer m there exists a normal basis of F ». over F?, i.e., a basis of the form (a,aq,aql,...,aq"'^) with a e F ™.It is also well known that the multiplicative group F*mof F^», is cyclic, i.e., that for some a G Fl we have ¥*,= {a": « e Z}. Such an element a is called a primitive root of F »,. Following Davenport [4] we call 2 m-1 a normal basis (a,aq,aq ,. ..,aq ) of F », over F a primitive normal basis if a is a primitive root of F »,. Carlitz [2], [3] proved in 1952 that for all sufficiently large qm there exists a primitive normal basis of F », over Fq. Davenport [4] proved in 1968 that a primitive normal basis exists for all m if q is prime. In the present paper this result is extended to the general case. Theorem. For every prime power q > 1 and every positive integer m there exists a primitive normal basis of F ». over F . Section 1 contains an exposition of certain results due to Ore [7] concerning the Galois module structure of finite fields.
    [Show full text]
  • Normal Bases Over Finite Fields
    Normal Bases over Finite Fields by Shuhong Gao A thesis presented to the University of Waterloo in fulfilment of the thesis requirement for the degree of Doctor of Philosophy in Combinatorics and Optimization Waterloo, Ontario, Canada, 1993 c Shuhong Gao 1993 Abstract Interest in normal bases over finite fields stems both from mathematical theory and practical applications. There has been a lot of literature dealing with various properties of normal bases (for finite fields and for Galois extension of arbitrary fields). The advantage of using normal bases to represent finite fields was noted by Hensel in 1888. With the introduction of optimal normal bases, large finite fields, that can be used in secure and efficient implementation of several cryp- tosystems, have recently been realized in hardware. The present thesis studies various theoretical and practical aspects of normal bases in finite fields. We first give some characterizations of normal bases. Then by using linear algebra, we prove that Fqn has a basis over Fq such that any element in Fq represented in this basis generates a normal basis if and only if some groups of coordinates are not simultaneously zero. We show how n to construct an irreducible polynomial of degree 2 with linearly independent roots over Fq for any integer n and prime power q. We also construct explicitly an irreducible polynomial in Fp[x] of degree pn with linearly independent roots for any prime p and positive integer n. We give a new characterization of the minimal polynomial of αt for any integer t when the minimal polynomial 2n of α is given.
    [Show full text]
  • Normal Bases in Finite Fields and Efficient Compact Subgroup Trace Representation
    UNIVERSITÀ DEGLI STUDI ROMA TRE FACOLTÀ DI S.M.F.N. Graduation Thesis in Mathematics by Silvia Pastore Normal bases in finite fields and Efficient Compact Subgroup Trace Representation Supervisor Prof. Francesco Pappalardi The Candidate The Supervisor ACADEMIC YEAR 2006 - 2007 Classification: 94A60 11T71 11Y16 Key Words: XTR, Normal Basis, Optimal Normal Basis. A te che meritavi tanto, A te, Nico. 1 Contents Introduction . 3 1 Background 14 1.1 Algebraic structures . 14 1.2 Normal bases . 15 1.2.1 The multiplication matrix . 19 1.3 Construction of the optimal normal bases . 25 2 Arithmetic operations in 30 Fp2 3 XTR supergroup and XTR subgroup 35 3.1 Traces . 35 3.2 The polynomials F (c; X) ..................... 37 3.3 Properties of F (c; X) and its roots . 38 3.4 The computation of cn ...................... 43 4 XTR parameter and key selection 48 4.1 Selection of p and q ........................ 48 4.2 Selection of the subgroup . 50 5 Cryptographic applications 53 5.1 XTR - Diffie Hellman and XTR - ElGamal . 53 5.2 Discrete logarithm . 58 A Karatsuba Algorithm 64 A.1 Karatsuba's algorithm . 65 2 B Multi-exponentiation algorithm 68 References . 72 3 Introduction In the last twenty years, with the development of coding theory and appearance of several cryptosystems, the study of nite elds has generated much interest. This impetus behind this interest has been the need to produce efficient algorithms that can be implemented in the hardware or software used for applications such as data encryption and public key distribution. The necessity to produce efficient algorithms is translated into solving mathematical problems involving computations in nite elds.
    [Show full text]
  • The Normal Basis Theorem and the Primitive Element Theorem
    The nonvanishing polynomial lemma and applications Lemma 1. Let k be an infinite field. Let f(x1; x2; : : : ; xn) be a polynomial with coefficients in k. n If f has nonzero coefficients, then there exists (a1; a2; : : : ; an) 2 k such that f(a1; : : : ; an) 6= 0. Proof. Our proof is by induction on n. For the base case, n = 1, let f(x) have degree d. Since K is infinite, and f has no more than d roots, we see that there exists a 2 K with f(a) 6= 0. Now, suppose the result is known for polynomials in n − 1 variables. Write f(x1; : : : ; xn) = P i gi(x1; : : : ; xn−1)xn. At least one of the polynomials gi has nonzero coefficients; say it is gi. Inductively, choose (a1; : : : ; an−1) so that gi(a1; : : : ; an−1) is nonzero. So f(a1; a2; : : : ; an−1; x) is a nonzero polynomial in x. Using again that K is infinite, we can find an such that f(a1; : : : ; an−1; an) is nonzero. Here are some applications of this lemma: Lemma 2. Let K be an infinite field. Let V be a finite dimensional vector space over K. Let W1, W2,..., Wm be a finite list of vector subspaces of V , none of them the entire space V . Then there is vector ~v in V which is not in any Wi. Q Proof. For each Wi, choose a nonzero linear function λi : V ! K with Wi ⊆ Ker(λi). Then λi is a nonzero polynomial on V . Choose a point where this polynomial doesn't vanish.
    [Show full text]
  • ALGEBRAIC NUMBER THEORY Romyar Sharifi
    ALGEBRAIC NUMBER THEORY Romyar Sharifi Contents Introduction 7 Part 1. Algebraic number theory 9 Chapter 1. Abstract algebra 11 1.1. Tensor products of fields 11 1.2. Integral extensions 13 1.3. Norm and trace 18 1.4. Discriminants 22 1.5. Normal bases 29 Chapter 2. Dedekind domains 33 2.1. Fractional ideals 33 2.2. Dedekind domains 34 2.3. Discrete valuation rings 39 2.4. Orders 43 2.5. Ramification of primes 47 2.6. Decomposition groups 52 Chapter 3. Applications 57 3.1. Cyclotomic fields 57 3.2. Quadratic reciprocity 61 3.3. Fermat’s last theorem 63 Chapter 4. Geometry of numbers 67 4.1. Lattices 67 4.2. Real and complex embeddings 70 4.3. Finiteness of the class group 71 4.4. Dirichlet’s unit theorem 74 Chapter 5. Valuations and completions 79 5.1. Global fields 79 5.2. Valuations 80 3 4 CONTENTS 5.3. Completions 88 5.4. Extension of valuations 97 5.5. Local fields 101 Chapter 6. Local-global theory 105 6.1. Semi-local theory 105 6.2. Ramification revisited 110 6.3. Differents and discriminants 113 Part 2. Cohomology 121 Chapter 7. Group cohomology 123 7.1. Group rings 123 7.2. Group cohomology via cochains 124 7.3. Group cohomology via projective resolutions 129 7.4. Homology of groups 132 7.5. Induced modules 134 7.6. Tate cohomology 136 7.7. Dimension shifting 141 7.8. Comparing cohomology groups 142 7.9. Cup products 152 7.10. Tate cohomology of cyclic groups 159 7.11.
    [Show full text]
  • Lectures on Algebraic Number Theory
    Lectures On Algebraic Number Theory Dipendra Prasad Notes by Anupam 1 Number Fields We begin by recalling that a complex number is called an algebraic number if it satisfies a polynomial with rational coefficients or equivalently with integer coefficients. A complex number is called an algebraic integer if it satisfies a polynomial with integral coefficients having leading coefficient as 1. Let Q be the set of all algebraic numbers inside C. It is well known that Q is a subfield of C. Any finite extension of Q is called an Algebraic Number Field. Some of the most studied examples of number fields are: 1. Q, the field of rational numbers. √ 2. Quadratic extensions Q( d); where d ∈ Z is a non-square integer. 2πi 3. Cyclotomic fields Q(ζn), ζn = e n . 1 ∗ 4. Kummer extensions K(a n ) where a ∈ K and K is a number field. Definition. A Dedekind domain is an integral domain R such that 1. Every ideal is finitely generated; 2. Every nonzero prime ideal is a maximal ideal; 1 3. The ring R is integrally closed (in its field of fractions). Let K be a number field. Let us denote the set of algebraic integers inside K by OK . Theorem 1.1. 1. If K is a number field then OK , the set of algebraic integers inside K, forms a subring of K. This subring OK is a finitely generated Z module of the same rank as degQK. 2. The ring OK is a Dedekind domain. In particular, every ideal in OK can be written uniquely as a product of prime ideals.
    [Show full text]