Comparison of Bit and Word Level Algorithms for Evaluating Unstructured Functions over Finite Rings

  • B. Sunar
  • D. Cyganski
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3659)

Abstract

We study the problem of implementing multivariate functions defined over finite rings or fields as parallel circuits. Such functions are essential for building cryptographic substitution boxes and hash functions. We present a modification to Horner’s algorithm for evaluating arbitrary n-variate functions defined over finite rings and fields. Our modification is based on eliminating redundancies in the multivariate version of Horner’s algorithm which occur when the evaluation takes place over a small finite mathematical structure and may be considered as a generalization of Shannon’s lower bound and Muller’s algorithm to word level circuits. If the domain is a finite field GF(p) the complexity of multivariate Horner polynomial evaluation is improved from O(p n ) to \(O(\frac{p^{n}}{2n})\). We prove the optimality of the presented algorithm. Our comparison of the bit level approach to the optimized word level approach yields an interesting result. The bit level algorithm is more efficient in both area consumption and time delay. This suggests that unstructured functions over finite rings or fields should be implemented using the bit-level approach and not the commonly used word level implementation style.

Keywords

Horner’s method polynomial evaluation multivariate polynomials word level finite fields 

References

  1. 1.
    Borodin, A.: Horners Rule is Uniquely Optimal. In: Kohavi, Z., Paz, A. (eds.) Proceedings of an International Symposium on the Theory of Machines and Computations, pp. 45–57. Academic Press, London (1971)Google Scholar
  2. 2.
    Corless, R.M., Gonnet, G.H., Hare, D.E.G., Jeffrey, D.J., Knuth, D.E.: On the Lambert W Function. Advances in Computational Mathematics 5, 329–359 (1996)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Horner, W.G.: A new method of solving numerical equations of all orders by continuous approximation. Philos. Trans. Roy. Soc. London 109, 308–335 (1819)Google Scholar
  4. 4.
    Knuth, D.E.: The Art of Computer Programming, 2nd edn. Seminumerical Algorithms, vol. 2. Addison-Wesley, Reading (1981)MATHGoogle Scholar
  5. 5.
    Muller, D.E.: Complexity in Electronic Switching Circuits. IRE Transactions on Electronic Circuits (5), 15–19 (1956)Google Scholar
  6. 6.
    NIST FIPS PUB 180-1. Secure Hash Standard. Federal Information Processing Standards, National Bureau of Standards, U.S. Department of Commerce (April 1995)Google Scholar
  7. 7.
    NIST FIPS PUB 46-3. Data Encryption Standard. Federal Information Processing Standards, National Bureau of Standards, U.S. Department of Commerce (1977)Google Scholar
  8. 8.
    U.S. Department of Commerce/National Institute of Standard and Technology. Advanced Encryption Standard (AES) (November 2001)Google Scholar
  9. 9.
    Ostrowski, A.M.: On two problems in abstract algebra connected with Horner’s rule, pp. 40–48. Academic Press, London (1954); presented to Richard von MisesGoogle Scholar
  10. 10.
    Pan, V.Y.: Methods for Computing Values of Polynomials. Russian Mathematical Surveys 21(1), 105–136 (1966)CrossRefGoogle Scholar
  11. 11.
    Rivest, R.L.: RFC 1321: The MD5 Message-Digest Algorithm. Corporation for National Research Initiatives, Internet Engineering Task Force, Network Working Group (April 1992)Google Scholar
  12. 12.
    Shannon, C.E.: The Synthesis of Two-terminal Switching Circuits. Bell System Technical Journal 28(1), 59–98 (1949)MathSciNetGoogle Scholar
  13. 13.
    ETSI/SAGE Specification. Specification of the 3GPP confidentiality and integrity algorithms; part 2: KASUMI specification. 3GPP TS 35.202, European Telecommunications Standards Institute, Sophia-Antipolis Cedex, France (November 1999) (Draft)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • B. Sunar
    • 1
  • D. Cyganski
    • 1
  1. 1.Department of Electrical & Computer EngineeringWorcester Polytechnic InstituteWorcesterUSA

Personalised recommendations