Abstract
When implementing a cryptographic algorithm, efficient operations have high relevance both in hardware and in software. Since a number of operations can be performed via polynomial multiplication, the arithmetic of polynomials over finite fields plays a key role in real-life implementations—e.g., accelerating cryptographic and cryptanalytic software (pre- and post-quantum) (Chou in Accelerating pre-and post-quantum cryptography. Ph.D. thesis, Technische Universiteit Eindhoven, 2016). One of the most interesting papers that addressed the problem has been published in 2009. In Bernstein (in: Halevi (ed) Advances in Cryptology—CRYPTO 2009: 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16–20, 2009. Proceedings, pp 317–336. Springer Berlin Heidelberg, Berlin, Heidelberg, 2009), Bernstein suggests to split polynomials into parts and presents a new recursive multiplication technique which is faster than those commonly used. In order to further reduce the number of bit operations (Bernstein in High-speed cryptography in characteristic 2: minimum number of bit operations for multiplication, 2009. http://binary.cr.yp.to/m.html) required to multiply n-bit polynomials, researchers adopt different approaches. In CMT: Circuit minimization work. http://www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html a greedy heuristic has been applied to linear straight-line sequences listed in Bernstein (High-speed cryptography in characteristic 2: minimum number of bit operations for multiplication, 2009. http://binary.cr.yp.to/m.html). In 2013, D’angella et al. (Applied computing conference, 2013. ACC’13. WEAS. pp. 31–37. WEAS, 2013) skip some redundant operations of the multiplication algorithms described in Bernstein (in: Halevi (ed) Advances in Cryptology—CRYPTO 2009: 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16–20, 2009. Proceedings, pp 317–336. Springer Berlin Heidelberg, Berlin, Heidelberg, 2009). In 2015, Cenk et al. (J Cryptogr Eng 5(4):289–303, 2015) suggest new multiplication algorithms. In this paper, (a) we present a “k-1”-level recursion algorithm that can be used to reduce the effective number of bit operations required to multiply n-bit polynomials, and (b) we use algebraic extensions of \(\mathbb {F}_2\) combined with Lagrange interpolation to improve the asymptotic complexity.
Similar content being viewed by others
References
Abdulrahman, E.A.H., Reyhani-Masoleh, A.: High-speed hybrid-double multiplication architectures using new serial-out bit-level mastrovito multipliers. IEEE Trans. Comput. 65(6), 1734–1747 (2016)
Agnew, G.B., Beth, T., Mullin, R.C., Vanstone, S.A.: Arithmetic operations in \(GF(2^m)\). J. Cryptol. 6(1), 3–13 (1993)
Berlekamp, E.R.: Algebraic Coding Theory, vol. 111. McGraw-Hill, New York (1968)
Bernstein, D.J.: Curve25519: new diffie-hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) Public Key Cryptography—PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24–26, 2006. Proceedings, pp. 207–228. Springer Berlin Heidelberg, Berlin, Heidelberg (2006)
Bernstein, D.J.: Batch binary edwards. In: Halevi, S. (ed.) Advances in Cryptology—CRYPTO 2009: 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16–20, 2009. Proceedings, pp. 317–336. Springer Berlin Heidelberg, Berlin, Heidelberg (2009)
Bernstein, D.J.: High-speed cryptography in characteristic 2: minimum number of bit operations for multiplication (2009). http://binary.cr.yp.to/m.html
Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77–89 (2012)
Blahut, R.E.: Theory and Practice of Error Control Codes, vol. 126. Addison-Wesley, Reading (1983)
Blahut, R.E.: Fast Algorithms for Digital Signal Processing. Addison-Wesley Longman Publishing Co., Inc., Reading (1985)
Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography, vol. 265. Cambridge University Press, Cambridge (1999)
Boyar, J., Peralta, R.: A new combinational logic minimization technique with applications to cryptology. In: Festa, P. (ed.) Experimental Algorithms: 9th International Symposium, SEA 2010, Ischia Island, Naples, Italy, May 20–22, 2010. Proceedings, pp. 178–189. Springer Berlin Heidelberg, Berlin, Heidelberg (2010)
Cenk, M., Hasan, M.A.: Some new results on binary polynomial multiplication. J. Cryptogr. Eng. 5(4), 289–303 (2015)
Cenk, M., Negre, C., Hasan, M.A.: Improved three-way split formulas for binary polynomial multiplication. In: Selected Areas in cryptography, pp. 384–398. Springer (2011)
Cenk, M., Negre, C., Hasan, M.A.: Improved three-way split formulas for binary polynomial and toeplitz matrix vector products. IEEE Trans. Comput. 62(7), 1345–1361 (2013)
Chakraborty, D., Mancillas-López, C., Rodriguez-Henriquez, F., Sarkar, P.: Efficient hardware implementations of brw polynomials and tweakable enciphering schemes. IEEE Trans. Comput. 62(2), 279–294 (2013)
Chang, N.S., Kim, C.H., Park, Y.H., Lim, J.: A non-redundant and efficient architecture for Karatsuba-Ofman algorithm. In: Information Security, 8th International Conference, ISC 2005, Singapore, pp. 288–299, Springer (2005)
Chou, T.: Accelerating pre-and post-quantum cryptography. Ph.D. thesis, Technische Universiteit Eindhoven (2016)
CMT: Circuit minimization work. http://www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html
Cook, S.A.: On the minimum computation time of functions. Ph.D. thesis, Harvard University (1966)
D’angella, D., Schiavo, C.V., Visconti, A.: Tight upper bounds for polynomial multiplication. In: Applied Computing Conference, 2013. ACC’13. WEAS. pp. 31–37. WEAS (2013)
Fan, H., Sun, J., Gu, M., Lam, K.Y.: Overlap-free Karatsuba-Ofman polynomial multiplication algorithms. IET Inf. Secur. 4(1), 8–14 (2010)
Find, M.G., Peralta, R.: Better circuits for binary polynomial multiplication. IEEE Trans. Comput. 68(4), 624–630 (2019)
von zur Gathen, J., Shokrollahi, J.: Fast arithmetic for polynomials over \(F_2\) in hardware. In: Information Theory Workshop, 2006. ITW’06 Punta del Este. IEEE. pp. 107–111. IEEE (2006)
Homma, N., Saito, K., Aoki, T.: Toward formal design of practical cryptographic hardware based on galois field arithmetic. IEEE Trans. Comput. 63(10), 2604–2613 (2014)
Imana, J.L.: Fast bit-parallel binary multipliers based on type-i pentanomials. IEEE Trans. Comput. PP(99), 1–1 (2017)
Karatsuba, A., Ofman, Y.: Multiplication of multidigit numbers on automata. Soviet Phys. Doklady 7, 595–596 (1963)
Li, Y., Ma, X., Zhang, Y., Qi, C.: Mastrovito form of non-recursive Karatsuba multiplier for all trinomials. IEEE Trans. Comput. 66(9), 1573–1584 (2017)
McClellen, J.H., Rader, C.M.: Number Theory in Digital Signal Processing. Prentice Hall Professional Technical Reference, Englewood Cliffs (1979)
McEliece, R.J.: Finite Fields for Computer Scientists and Engineers, vol. 23. Kluwer Academic Publishers Boston, Boston (1987)
Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Orellana, R.: Course notes in discrete mathematics in computer science. https://math.dartmouth.edu/archive/m19w03/public_html/book.html
Paar, C.: Optimized arithmetic for Reed-Solomon encoders. In: Proceedings of IEEE International Symposium on Information Theory, p. 250 (1997)
Peter, S., Langendorfer, P.: An efficient polynomial multiplier in \(GF(2^m)\) and its application to ECC designs. In: Design, Automation & Test in Europe Conference & Exhibition, 2007. DATE’07. pp. 1–6. IEEE (2007)
Rodrıguez-Henrıquez, F., Koç, Ç.: On fully parallel Karatsuba multipliers for \(GF(2^m)\). In: International Conference on Computer Science and Technology (CST 2003), Cancun, Mexico, pp. 405–410 (2003)
Rotman, J.J.: An Introduction to the Theory of Groups, vol. 148. Springer, New York (2012)
Schönhage, D.D.A., Strassen, V.: Schnelle Multiplikation grosser Zahlen. Computing 7(3–4), 281–292 (1971)
Toom, A.L.: The complexity of a scheme of functional elements realizing the multiplication of integers. Soviet Math. Doklady 3, 714–716 (1963)
Visconti, A., Schiavo, C.V., Peralta, R.: Improved upper bounds for the expected circuit complexity of dense systems of linear equations over GF(2). Inf. Process. Lett. 137, 1–5 (2018)
Author information
Authors and Affiliations
Corresponding authors
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendix A
Appendix A
We present M(24), the straight-line sequence of bit operations, or straight-line program (SLP), needed to multiply two 24-bit polynomials. This SLP has been obtained by applying three-level recursion algorithm.
Rights and permissions
About this article
Cite this article
De Piccoli, A., Visconti, A. & Rizzo, O.G. Polynomial multiplication over binary finite fields: new upper bounds. J Cryptogr Eng 10, 197–210 (2020). https://doi.org/10.1007/s13389-019-00210-w
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13389-019-00210-w