Efficient GF(pm) Arithmetic Architectures for Cryptographic Applications

  • Guido Bertoni
  • Jorge Guajardo
  • Sandeep Kumar
  • Gerardo Orlando
  • Christof Paar
  • Thomas Wollinger
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2612)


Recently, there has been a lot of interest on cryptographic applications based on fields GF(p m ), for p > 2. This contribution presents GF(p m ) multipliers architectures, where p is odd. We present designs which trade area for performance based on the number of coefficients that the multiplier processes at one time. Families of irreducible polynomials are introduced to reduce the complexity of the modulo reduction operation and, thus, improved the efficiency of the multiplier. We, then, specialize to fields GF(3 m ) and provide the first cubing architecture presented in the literature. We synthesize our architectures for the special case of GF(397) on the XCV1000-8-FG1156 and XC2VP20-7-FF1156 FPGAs and provide area/performance numbers and comparisons to previous GF(3 m ) and GF(2 m ) implementations. Finally, we provide tables of irreducible polynomials over GF(3) of degree m with 2 ≤ m ≤ 255.


Elliptic Curve Irreducible Polynomial Arithmetic Unit Cryptographic Application Critical Path Delay 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Actel Corporation. Actel’s ProASIC Family, The Only ASIC Design Flow FPGA, 2001. 164, 168Google Scholar
  2. [2]
    Altera Corporation. APEX 20KC Programmable Logic Device Data Sheet, 2001. 164, 168Google Scholar
  3. [3]
    D. V. Bailey and C. Paar. Optimal Extension Fields for Fast Arithmetic in Public-Key Algorithms. In H. Krawczyk, editor, Advances in Cryptology-CRYPTO’ 98, volume LNCS 1462, pages 472–485, Berlin, Germany, 1998. Springer-Verlag. 159CrossRefGoogle Scholar
  4. [4]
    D. V. Bailey and C. Paar. Efficient arithmetic in finite field extensions with application in elliptic curve cryptography. Journal of Cryptology, 14(3):153–176, 2001. 159, 167zbMATHMathSciNetGoogle Scholar
  5. [5]
    P. S. L. M. Barreto, H. Y. Kim, B. Lynn, and M. Scott. Efficient Algorithms for Pairing-Based Cryptosystems. In M. Yung, editor, Advances in Cryptology-CRYPTO 2002, volume LNCS 2442, pages 354–368. Springer-Verlag, 2002. 159, 170CrossRefGoogle Scholar
  6. [6]
    Blake, Gao, and Lambert. Constructive problems for irreducible polynomials over finite fields. In Information Theory and Applications, pages 1–23. Springer-Verlag, 1993. 168Google Scholar
  7. [7]
    D. Boneh, B. Lynn, and H. Shacham. Short signatures from the Weil pairing. In J. Boyd, editor, Advances in Cryptology-Asiacrypt 2001, volume LNCS 2148, pages 514–532. Springer-Verlag, 2001. 159CrossRefGoogle Scholar
  8. [8]
    D. Boneh and M. Franklin. Identity-Based Encryption from the Weil Pairing. In J. Kilian, editor, Advances in Cryptology-CRYPTO 2001, volume LNCS 2139, pages 213–229. Springer-Verlag, 2001. 159CrossRefGoogle Scholar
  9. [9]
    E. D. Di Claudio, F. Piazza, and G. Orlandi. Fast Combinatorial RNS Processors for DSP Applications. IEEE Transactions on Computers, 44(5):624–633, May 1995. 159, 164zbMATHCrossRefGoogle Scholar
  10. [10]
    S. D. Galbraith, K. Harrison, and D. Soldera. Implementing the Tate Pairing. In C. Fieker and D. Kohel, editors, Algorithmic Number Theory-ANTS-V, volume LNCS 2369, pages 324–337. Springer-Verlag, 2002. 159, 160, 170CrossRefGoogle Scholar
  11. [11]
    S. W. Golomb. Shift Register Sequences. Holden-Day, San Francisco, USA, 1967. 168Google Scholar
  12. [12]
    J. Guajardo and C. Paar. Itoh-Tsujii Inversion in Standard Basis and Its Application in Cryptography and Codes. Design, Codes, and Cryptography, 25(2):207–216, February 2002. 162zbMATHCrossRefMathSciNetGoogle Scholar
  13. [13]
    J. Guajardo, T. Wollinger, and C. Paar. Area Efficient GF(p) Architectures for GF(p m) Multipliers. In Proceedings of the 45th IEEE International Midwest Symposium on Circuits and Systems-MWSCAS 2002, August 2002. 159, 164Google Scholar
  14. [14]
    J. von zur Gathen. Irreducible Trinomials over Finite Fields. In B. Mourrain, editor, Proceedings of the 2001 International Symposium on Symbolic and Algebraic Computation-ISSAC2001, pages 332–336. ACM Press, 2001. 168, 169Google Scholar
  15. [15]
    J. von zur Gathen and M. Nöcker. Exponentiation in Finite Fields: Theory and Practice. In T. Mora and H. Mattson, editors, Applied Algebra, Agebraic Algorithms and Error Correcting Codes-AAECC-12, volume LNCS 1255, pages 88–113. Springer-Verlag, 2000. 168Google Scholar
  16. [16]
    S. K. Jain and K. K. Parhi. Efficient standard basis reed-solomon encoder. In 1996 IEEE International Conference of Acoustics, Speech, and Signal Processing, Atlanta, May 1996. 163Google Scholar
  17. [17]
    A. Joux. A one-round protocol for tripartite Diffie-Hellman. In W. Bosma, editor, Algorithmic Number Theory-ANTS-IV, volume LNCS 1838, pages 385–394. Springer-Verlag, 2000. 159CrossRefGoogle Scholar
  18. [18]
    A. Karatsuba and Y. Ofman. Multiplication of multidigit numbers on automata. Sov. Phys. Dokl. (English translation), 7(7):595–596, 1963. 160Google Scholar
  19. [19]
    N. Koblitz. Elliptic curve cryptosystems. Mathematics of Computation, 48:203–209, 1987. 158zbMATHCrossRefMathSciNetGoogle Scholar
  20. [20]
    N. Koblitz. Hyperelliptic cryptosystems. Journal of Cryptology, 1(3):129–150, 1989. 158CrossRefMathSciNetGoogle Scholar
  21. [21]
    N. Koblitz. An elliptic curve implementation of the finite field digital signature algorithm. In H. Krawczyk, editor, Advances in Cryptology-CRYPTO 98, volume LNCS 1462, pages 327–337. Springer-Verlag, 1998. 159CrossRefGoogle Scholar
  22. [22]
    R. Lidl and H. Niederreiter. Finite Fields, volume 20 of Encyclopedia of Mathematics and its Applications. Addison-Wesley, Reading, Massachusetts, USA, 1983. 161, 167Google Scholar
  23. [23]
    P. Loidreau. On the Factorization of Trinomials over F 3. Rapport de recherche no. 3918, INRIA, April 2000. 168Google Scholar
  24. [24]
    V. Miller. Uses of elliptic curves in cryptography. In H. C. Williams, editor, Advances in Cryptology-CRYPTO’ 85, volume LNCS 218, pages 417–426, Berlin, Germany, 1986. Springer-Verlag. 158Google Scholar
  25. [25]
    Jin Young Oo, Young-Gern Kim, Dong-Young Park, and Heung-Su Kim. Efficient Multiplier Architecture Using Optimized Irreducible Polynomial over GF((3n)3). In Proceedings of the IEEE Region 10 Conference-TENCON 99. “Multimedia Technology for Asia-Pacific Information Infrastructure”, volume 1, pages 383–386, 1999. 160Google Scholar
  26. [26]
    G. Orlando. Efficient Elliptic Curve Processor Architectures for Field Programmable Logic. PhD thesis, Dept. of ECE, Worcester Polytechnic Institute, March 2002. 166, 171Google Scholar
  27. [27]
    G. Orlando and C. Paar. A High-Performance Reconfigurable Elliptic Curve Processor for GF(2m). In Ç. K. Koç and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2000, volume LNCS 1965, pages 41–56. Springer-Verlag, 2000. 170CrossRefGoogle Scholar
  28. [28]
    P. Mihăilescu. Optimal Galois Field Bases which are not Normal. Recent Results Session-FSE’ 97, 1997. 159Google Scholar
  29. [29]
    D. Page and N. P. Smart. Hardware implementation of finite fields of characteristic three. In B. S. Kaliski, Jr., Ç. K. Koç, and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2002, volume LNCS. Springer-Verlag, 2002. 159, 160, 161, 170, 172Google Scholar
  30. [30]
    V. Paliouras, K. Karagianni, and T. Stouraitis. A Low-Complexity Combinatorial RNS Multiplier. IEEE Transactions on Circuits and Systems II: Analog and Digital Signal Processing, 48(7):675–683, July 2001. 159, 164zbMATHCrossRefGoogle Scholar
  31. [31]
    M. G. Parker and M. Benaissa. GF(p m) Multiplication Using Polynomial Residue Number Systems. IEEE Transactions on Circuits and Systems II: Analog and Digital Signal Processing, 42(11):718–721, November 1995. 160CrossRefGoogle Scholar
  32. [32]
    N. Smart. Elliptic Curve Cryptosystems over Small Fields of Odd Characteristic. Journal of Cryptology, 12(2):141–151, Spring 1999. 159zbMATHCrossRefMathSciNetGoogle Scholar
  33. [33]
    L. Song and K. K. Parhi. Low energy digit-serial/parallel finite field multipliers. Journal of VLSI Signal Processing, 19(2):149–166, June 1998. 159, 161, 162, 164, 165, 166, 172CrossRefGoogle Scholar
  34. [34]
    E. Verheul. Self-blindable Credential Certificates from the Weil Pairing. In C. Boyd, editor, Advances in Cryptology-Asiacrypt 2001, volume LNCS 2248, pages 533–551. Springer-Verlag, 2001. 159CrossRefGoogle Scholar
  35. [35]
    Xilinx, Inc. The Programmable Logic Data Book, 2000. 164, 168Google Scholar
  36. [36]
    N. Zierler. On x n + x + 1 over GF(2). Information and Control, 16:67–69, 1970. 168CrossRefMathSciNetGoogle Scholar
  37. [37]
    N. Zierler and J. Brillhart. On Primitive Trinomials (mod2). Information and Control, 13:541–554, 1968. 168zbMATHCrossRefMathSciNetGoogle Scholar
  38. [38]
    N. Zierler and J. Brillhart. On Primitive Trinomials (mod 2), II. Information and Control, 14:566–569, 1969. 168zbMATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Guido Bertoni
    • 1
  • Jorge Guajardo
    • 2
  • Sandeep Kumar
    • 2
  • Gerardo Orlando
    • 3
  • Christof Paar
    • 2
  • Thomas Wollinger
    • 2
  1. 1.Politecnico di MilanoMilanoItaly
  2. 2.Communication Security GroupRuhr-Universität BochumBochumGermany
  3. 3.General Dynamics Communication SystemsNeedhamUSA

Personalised recommendations