Acta Applicandae Mathematica, Volume 93, Issue 1–3, pp 3–32

Efficient Software-Implementation of Finite Fields with Applications to Cryptography

  • Jorge Guajardo
  • Sandeep S. Kumar
  • Christof Paar
  • Jan Pelzl

Abstract

In this work, we present a survey of efficient techniques for the software implementation of finite field arithmetic that are especially suitable for cryptographic applications. We discuss different algorithms for the three types of finite fields, and their special versions, that are popularly used in cryptography: binary fields, prime fields and extension fields. For each of these fields, implementation details of the algorithms for field addition/subtraction, field multiplication, field reduction and field inversion are discussed. The efficiency of these algorithms depends largely on the underlying microprocessor architecture; therefore, the appropriate set of algorithms for a software implementation has to be chosen carefully according to the performance requirements and the available resources.
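As an added illustration of the binary-field operations the abstract enumerates (example code written for this page, not taken from the paper): a reference implementation of GF(2^m) arithmetic in polynomial basis for m ≤ 32, with multiplication split into a carry-less product followed by reduction modulo the irreducible polynomial, and inversion via Fermat's theorem. The word-level optimisations the survey covers (comb and Karatsuba multiplication, Itoh–Tsujii inversion) are deliberately not reproduced; the polynomial 0x11B in the comments is the AES field polynomial, chosen only because its results are easy to check by hand.

```c
#include <stdint.h>

/* Elements of GF(2^m), m <= 32, in polynomial basis: bit i of a word is the
 * coefficient of x^i.  'poly' is the irreducible polynomial f(x) with its x^m
 * term included, e.g. 0x11B for x^8 + x^4 + x^3 + x + 1 (m = 8).  Inputs are
 * assumed to be already reduced, i.e. of degree < m. */

/* Addition and subtraction coincide: coefficient-wise XOR, no carries. */
static uint32_t gf2m_add(uint32_t a, uint32_t b) { return a ^ b; }

/* Carry-less (polynomial) product; its degree is < 2m - 1 < 64, so the full
 * product fits in a 64-bit word and reduction is done as a separate step. */
static uint64_t gf2m_clmul(uint32_t a, uint32_t b) {
    uint64_t r = 0;
    for (unsigned i = 0; i < 32; i++)
        if ((b >> i) & 1) r ^= (uint64_t)a << i;
    return r;
}

/* Reduce a product of degree < 2m modulo f(x): for every set coefficient of
 * degree i >= m, subtract (XOR) x^(i-m) * f(x), working from the top down. */
static uint32_t gf2m_reduce(uint64_t c, unsigned m, uint64_t poly) {
    for (int i = 2 * (int)m - 2; i >= (int)m; i--)
        if ((c >> i) & 1) c ^= poly << (i - m);
    return (uint32_t)c;
}

/* Field multiplication = carry-less product followed by reduction. */
static uint32_t gf2m_mul(uint32_t a, uint32_t b, unsigned m, uint64_t poly) {
    return gf2m_reduce(gf2m_clmul(a, b), m, poly);
}

/* Square-and-multiply exponentiation in GF(2^m). */
static uint32_t gf2m_pow(uint32_t a, uint64_t e, unsigned m, uint64_t poly) {
    uint32_t r = 1;
    for (; e; e >>= 1) {
        if (e & 1) r = gf2m_mul(r, a, m, poly);
        a = gf2m_mul(a, a, m, poly);
    }
    return r;
}

/* Inversion by Fermat's little theorem: a^(2^m - 2) = a^-1 for a != 0
 * (0 is mapped to 0).  Inputs and running time are data-independent in
 * the exponent, but the multiplications above are not constant-time. */
static uint32_t gf2m_inv(uint32_t a, unsigned m, uint64_t poly) {
    return gf2m_pow(a, (1ULL << m) - 2, m, poly);
}
```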

Mathematics Subject Classifications

12-02 12E30 12E10 

Key words

field arithmetic; cryptography; efficient implementation; binary field arithmetic; prime field arithmetic; extension field arithmetic; optimal extension fields



Copyright information

© Springer Science + Business Media B.V. 2006

Authors and Affiliations

  • Jorge Guajardo (1)
  • Sandeep S. Kumar (2)
  • Christof Paar (2)
  • Jan Pelzl (2)

  1. Information and System Security Department, Philips Research, Eindhoven, The Netherlands
  2. Horst-Görtz Institute for IT-Security, Ruhr-University Bochum, Bochum, Germany
