Polynomial multiplication over binary finite fields: new upper bounds

Regular Paper, Journal of Cryptographic Engineering

Abstract

When implementing a cryptographic algorithm, efficient operations have high relevance both in hardware and in software. Since a number of operations can be performed via polynomial multiplication, the arithmetic of polynomials over finite fields plays a key role in real-life implementations, e.g., accelerating cryptographic and cryptanalytic software, pre- and post-quantum [17]. One of the most interesting papers that addressed the problem was published in 2009: in [5], Bernstein suggests splitting polynomials into parts and presents a new recursive multiplication technique which is faster than those commonly used. In order to further reduce the number of bit operations [6] required to multiply n-bit polynomials, researchers have adopted different approaches. In [18], a greedy heuristic has been applied to the linear straight-line sequences listed in [6]. In 2013, D’angella et al. [20] skip some redundant operations of the multiplication algorithms described in [5]. In 2015, Cenk et al. [12] suggest new multiplication algorithms. In this paper, (a) we present a “k-1”-level recursion algorithm that can be used to reduce the effective number of bit operations required to multiply n-bit polynomials, and (b) we use algebraic extensions of \(\mathbb {F}_2\) combined with Lagrange interpolation to improve the asymptotic complexity.


References

  1. Abdulrahman, E.A.H., Reyhani-Masoleh, A.: High-speed hybrid-double multiplication architectures using new serial-out bit-level Mastrovito multipliers. IEEE Trans. Comput. 65(6), 1734–1747 (2016)

  2. Agnew, G.B., Beth, T., Mullin, R.C., Vanstone, S.A.: Arithmetic operations in \(GF(2^m)\). J. Cryptol. 6(1), 3–13 (1993)

  3. Berlekamp, E.R.: Algebraic Coding Theory, vol. 111. McGraw-Hill, New York (1968)

  4. Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) Public Key Cryptography—PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24–26, 2006. Proceedings, pp. 207–228. Springer Berlin Heidelberg, Berlin, Heidelberg (2006)

  5. Bernstein, D.J.: Batch binary Edwards. In: Halevi, S. (ed.) Advances in Cryptology—CRYPTO 2009: 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16–20, 2009. Proceedings, pp. 317–336. Springer Berlin Heidelberg, Berlin, Heidelberg (2009)

  6. Bernstein, D.J.: High-speed cryptography in characteristic 2: minimum number of bit operations for multiplication (2009). http://binary.cr.yp.to/m.html

  7. Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77–89 (2012)

  8. Blahut, R.E.: Theory and Practice of Error Control Codes, vol. 126. Addison-Wesley, Reading (1983)

  9. Blahut, R.E.: Fast Algorithms for Digital Signal Processing. Addison-Wesley Longman Publishing Co., Inc., Reading (1985)

  10. Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography, vol. 265. Cambridge University Press, Cambridge (1999)

  11. Boyar, J., Peralta, R.: A new combinational logic minimization technique with applications to cryptology. In: Festa, P. (ed.) Experimental Algorithms: 9th International Symposium, SEA 2010, Ischia Island, Naples, Italy, May 20–22, 2010. Proceedings, pp. 178–189. Springer Berlin Heidelberg, Berlin, Heidelberg (2010)

  12. Cenk, M., Hasan, M.A.: Some new results on binary polynomial multiplication. J. Cryptogr. Eng. 5(4), 289–303 (2015)

  13. Cenk, M., Negre, C., Hasan, M.A.: Improved three-way split formulas for binary polynomial multiplication. In: Selected Areas in Cryptography, pp. 384–398. Springer (2011)

  14. Cenk, M., Negre, C., Hasan, M.A.: Improved three-way split formulas for binary polynomial and Toeplitz matrix vector products. IEEE Trans. Comput. 62(7), 1345–1361 (2013)

  15. Chakraborty, D., Mancillas-López, C., Rodriguez-Henriquez, F., Sarkar, P.: Efficient hardware implementations of BRW polynomials and tweakable enciphering schemes. IEEE Trans. Comput. 62(2), 279–294 (2013)

  16. Chang, N.S., Kim, C.H., Park, Y.H., Lim, J.: A non-redundant and efficient architecture for Karatsuba-Ofman algorithm. In: Information Security, 8th International Conference, ISC 2005, Singapore, pp. 288–299. Springer (2005)

  17. Chou, T.: Accelerating pre- and post-quantum cryptography. Ph.D. thesis, Technische Universiteit Eindhoven (2016)

  18. CMT: Circuit minimization work. http://www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html

  19. Cook, S.A.: On the minimum computation time of functions. Ph.D. thesis, Harvard University (1966)

  20. D’angella, D., Schiavo, C.V., Visconti, A.: Tight upper bounds for polynomial multiplication. In: Applied Computing Conference, 2013. ACC’13. WEAS. pp. 31–37. WEAS (2013)

  21. Fan, H., Sun, J., Gu, M., Lam, K.Y.: Overlap-free Karatsuba-Ofman polynomial multiplication algorithms. IET Inf. Secur. 4(1), 8–14 (2010)

  22. Find, M.G., Peralta, R.: Better circuits for binary polynomial multiplication. IEEE Trans. Comput. 68(4), 624–630 (2019)

  23. von zur Gathen, J., Shokrollahi, J.: Fast arithmetic for polynomials over \(F_2\) in hardware. In: Information Theory Workshop, 2006. ITW’06 Punta del Este. IEEE. pp. 107–111. IEEE (2006)

  24. Homma, N., Saito, K., Aoki, T.: Toward formal design of practical cryptographic hardware based on Galois field arithmetic. IEEE Trans. Comput. 63(10), 2604–2613 (2014)

  25. Imana, J.L.: Fast bit-parallel binary multipliers based on type-I pentanomials. IEEE Trans. Comput. PP(99), 1–1 (2017)

  26. Karatsuba, A., Ofman, Y.: Multiplication of multidigit numbers on automata. Soviet Phys. Doklady 7, 595–596 (1963)

  27. Li, Y., Ma, X., Zhang, Y., Qi, C.: Mastrovito form of non-recursive Karatsuba multiplier for all trinomials. IEEE Trans. Comput. 66(9), 1573–1584 (2017)

  28. McClellan, J.H., Rader, C.M.: Number Theory in Digital Signal Processing. Prentice Hall Professional Technical Reference, Englewood Cliffs (1979)

  29. McEliece, R.J.: Finite Fields for Computer Scientists and Engineers, vol. 23. Kluwer Academic Publishers, Boston (1987)

  30. Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

  31. Orellana, R.: Course notes in discrete mathematics in computer science. https://math.dartmouth.edu/archive/m19w03/public_html/book.html

  32. Paar, C.: Optimized arithmetic for Reed-Solomon encoders. In: Proceedings of IEEE International Symposium on Information Theory, p. 250 (1997)

  33. Peter, S., Langendorfer, P.: An efficient polynomial multiplier in \(GF(2^m)\) and its application to ECC designs. In: Design, Automation & Test in Europe Conference & Exhibition, 2007. DATE’07. pp. 1–6. IEEE (2007)

  34. Rodríguez-Henríquez, F., Koç, Ç.: On fully parallel Karatsuba multipliers for \(GF(2^m)\). In: International Conference on Computer Science and Technology (CST 2003), Cancun, Mexico, pp. 405–410 (2003)

  35. Rotman, J.J.: An Introduction to the Theory of Groups, vol. 148. Springer, New York (2012)

  36. Schönhage, D.D.A., Strassen, V.: Schnelle Multiplikation grosser Zahlen. Computing 7(3–4), 281–292 (1971)

  37. Toom, A.L.: The complexity of a scheme of functional elements realizing the multiplication of integers. Soviet Math. Doklady 3, 714–716 (1963)

  38. Visconti, A., Schiavo, C.V., Peralta, R.: Improved upper bounds for the expected circuit complexity of dense systems of linear equations over GF(2). Inf. Process. Lett. 137, 1–5 (2018)


Author information

Corresponding authors: Alessandro De Piccoli, Andrea Visconti or Ottavio Giulio Rizzo.

Appendix A

We present M(24), the straight-line sequence of bit operations, or straight-line program (SLP), needed to multiply two 24-bit polynomials. This SLP has been obtained by applying the three-level recursion algorithm to the product

$$\begin{aligned} F(x)G(x) = \sum _{i=0}^{23} f[i]x^i \sum _{j=0}^{23} g[j]x^j = \sum _{k=0}^{46} h[k]x^k = H(x) \end{aligned}$$
[Figures a, b and c: the M(24) straight-line program listing, available in the full article.]
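To make the quantities in the abstract and in this appendix concrete, the following is an added example (not the paper's code and not its M(24) SLP): a plain two-way split recursion over \(\mathbb{F}_2[x]\), in the spirit of the splitting the abstract attributes to [5], instrumented with a counter so that every AND and XOR of the resulting straight-line program is tallied. It checks the product against a reference carry-less multiply, i.e. that h[k] = \(\sum_{i+j=k} f[i]g[j]\) as in the equation above, and reports the operation count M(n) for a chosen recursion depth. The function names, the three-level depth applied to n = 24, and the random test inputs are all assumptions of this example; the counts it produces are those of this naive recursion, which the paper's refined algorithms improve upon.

```python
"""Binary polynomial multiplication over F_2[x] with bit-operation counting.

Added example: a two-way split recursion (schoolbook at the leaves) whose
AND/XOR operations are counted as a straight-line program would execute them.
Polynomials are bit lists: index i holds the coefficient of x^i.
"""
import random
from dataclasses import dataclass


@dataclass
class Counter:
    """Tallies the bit operations of the straight-line program being built."""
    ands: int = 0
    xors: int = 0

    def and_(self, a, b):
        self.ands += 1
        return a & b

    def xor(self, a, b):
        self.xors += 1
        return a ^ b


def schoolbook(f, g, c):
    """Coefficient-wise product: n^2 ANDs and (n-1)^2 XORs for n-bit inputs."""
    n = len(f)
    h = [None] * (2 * n - 1)
    for i in range(n):
        for j in range(n):
            t = c.and_(f[i], g[j])
            h[i + j] = t if h[i + j] is None else c.xor(h[i + j], t)
    return h


def add(a, b, c):
    """Coefficient-wise XOR of two equal-length bit lists."""
    return [c.xor(x, y) for x, y in zip(a, b)]


def karatsuba(f, g, c, levels):
    """Split n-bit operands into halves and recurse `levels` times.

    With F = F0 + x^m F1 and G = G0 + x^m G1 (m = n/2):
      H = F0 G0 + x^m (F0 G0 + F1 G1 + (F0+F1)(G0+G1)) + x^(2m) F1 G1
    Each level costs 3 sub-products plus 4n - 4 XORs.  Odd n, n = 1 or
    levels == 0 fall back to the schoolbook leaf.
    """
    n = len(f)
    if levels == 0 or n < 2 or n % 2:
        return schoolbook(f, g, c)
    m = n // 2
    f0, f1, g0, g1 = f[:m], f[m:], g[:m], g[m:]
    p0 = karatsuba(f0, g0, c, levels - 1)
    p2 = karatsuba(f1, g1, c, levels - 1)
    p1 = karatsuba(add(f0, f1, c), add(g0, g1, c), c, levels - 1)
    mid = add(add(p1, p0, c), p2, c)            # 2(2m-1) XORs
    h = [None] * (2 * n - 1)
    for k, bit in enumerate(p0):                # degrees 0 .. 2m-2
        h[k] = bit
    for k, bit in enumerate(mid):               # degrees m .. 3m-2, overlaps p0 on m-1 slots
        h[m + k] = bit if h[m + k] is None else c.xor(h[m + k], bit)
    for k, bit in enumerate(p2):                # degrees 2m .. 4m-2, overlaps mid on m-1 slots
        h[2 * m + k] = bit if h[2 * m + k] is None else c.xor(h[2 * m + k], bit)
    return h


def to_bits(value, n):
    return [(value >> i) & 1 for i in range(n)]


def from_bits(bits):
    return sum(b << i for i, b in enumerate(bits))


def clmul(a, b):
    """Reference carry-less multiply on Python ints (coefficients mod 2)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r


def count_ops(n, levels):
    """(ANDs, XORs) of the straight-line program for an n-bit product.

    The program is data-independent, so counting on all-zero inputs is exact.
    """
    c = Counter()
    karatsuba([0] * n, [0] * n, c, levels)
    return c.ands, c.xors


def check(n, levels, trials=50, seed=1):
    """Verify the recursion against clmul on constructed random n-bit inputs."""
    rng = random.Random(seed)
    for _ in range(trials):
        a, b = rng.getrandbits(n), rng.getrandbits(n)
        h = karatsuba(to_bits(a, n), to_bits(b, n), Counter(), levels)
        if from_bits(h) != clmul(a, b):
            return False
    return True


if __name__ == "__main__":
    for levels in range(4):                     # 0 = pure schoolbook, 3 = three-level split
        ands, xors = count_ops(24, levels)
        print(f"n=24 levels={levels}: {ands} AND + {xors} XOR = {ands + xors}, ok={check(24, levels)}")
```

For n = 24 the three-level split (24 → 12 → 6 → 3, schoolbook on 3-bit leaves) costs 243 ANDs and 512 XORs, against 576 ANDs and 529 XORs for schoolbook; the XOR term is where the refinements discussed in the abstract (skipping redundant operations, better linear sequences) make their gains, since the AND count is fixed by the number of leaf products.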

Cite this article

De Piccoli, A., Visconti, A. & Rizzo, O.G. Polynomial multiplication over binary finite fields: new upper bounds. J Cryptogr Eng 10, 197–210 (2020). https://doi.org/10.1007/s13389-019-00210-w