This Article 
 Bibliographic References 
 Add to: 
Software Multiplication Using Gaussian Normal Bases
August 2006 (vol. 55 no. 8)
pp. 974-984
Fast algorithms for multiplication in finite fields are required for several cryptographic applications, in particular for implementing elliptic curve operations over binary fields {\hbox{\rlap{I}\kern 2.0pt{\hbox{F}}}}_{2^m}. In this paper, we present new software algorithms for efficient multiplication over {\hbox{\rlap{I}\kern 2.0pt{\hbox{F}}}}_{2^m} that use a Gaussian normal basis representation. Two approaches are presented, direct normal basis multiplication and a method that exploits a mapping to a ring where fast polynomial-based techniques can be employed. Our analysis, including experimental results on an Intel Pentium family processor, shows that the new algorithms are faster and can use memory more efficiently than previous methods. Despite significant improvements, we conclude that the penalty in multiplication is still sufficiently large to discourage the use of normal bases in software implementations of elliptic curve systems.

[1] O. Ahmadi and A. Menezes, “On the Number of Trace-One Elements in Polynomial Bases for ${\hbox{\rlap{I}\kern 2.0pt{\hbox{F}}}}_{2^n}$ ,” Designs, Codes, and Cryptography, vol. 37, pp. 493-507, 2005.
[2] ANSI X.962, “Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA),” Am. Nat'l Standards Inst., 1999.
[3] D.W. Ash, I.F. Blake, and S.A. Vanstone, “Low Complexity Normal Bases,” Discrete Applied Math., vol. 25, pp. 191-210, 1989.
[4] I.F. Blake, R.M. Roth, and G. Seroussi, “Efficient Arithmetic in ${\rm GF}(2^n)$ through Palindromic Representation,” Technical Report HPL-98-134, Hewlett-Packard, 1998.
[5] G. Drolet, “A New Representation of Elements of Finite Fields ${\rm GF}(2^m)$ Yielding Small Complexity Arithmetic Circuits,” IEEE Trans. Computers, vol. 47, no. 9, pp. 938-946, Sept. 1998.
[6] H. Fan and Y. Dai, “Two Software Normal Basis Multiplication Algorithms for ${\rm GF}(2^n)$ ,” Cryptology ePrint Archive, Report 2004/126, 2004.
[7] FIPS 186-2, “Digital Signature Standard (DSS),” Federal Information Processing Standards Publication 186-2, Nat'l Inst. of Standards and Tech nology, 2000.
[8] K. Fong, D. Hankerson, J. López, and A. Menezes, “Field Inversion and Point Halving Revisited,” IEEE Trans. Computers, vol. 53, no. 8, pp. 1047-1059, Aug. 2004.
[9] S. Gao, J. von zur Gathen, D. Panario, and V. Shoup, “Algorithms for Exponentiation in Finite Fields,” J. Symbolic Computation, vol. 29, pp. 879-889, 2000.
[10] P. Gaudry, F. Hess, and N. Smart, “Constructive and Destructive Facets of Weil Descent on Elliptic Curves,” J. Cryptology, vol. 15, pp. 19-46, 2002.
[11] R. Granger, D. Page, and M. Stam, “Hardware and Software Normal Basis Arithmetic for Pairing Based Cryptography in Characteristic Three,” IEEE Trans. Computers, vol. 54, no. 7, pp.852-860, July 2005.
[12] F. Haining, “Simple Multiplication Algorithm for a Class of ${\rm GF}(2^n)$ ,” Electronics Letters, vol. 32, no. 7, pp. 636-637, 1996.
[13] D. Hankerson, J. López, and A. Menezes, “Software Implementation of Elliptic Curve Cryptography over Binary Fields,” Proc. Cryptographic Hardware and Embedded Systems (CHES 2000), pp. 1-24, 2000.
[14] D. Hankerson, A. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography. Springer-Verlag, 2004.
[15] M.A. Hasan, M.Z. Wang, and V.K. Bhargava, “A Modified Massy-Omura Parallel Multiplier for a Class of Finite Fields,” IEEE Trans. Computers, vol. 42, no. 10, pp. 1278-1280, Oct. 1993.
[16] R. Katti and J. Brennan, “Low Complexity Multiplication in a Finite Field Using Ring Representation,” IEEE Trans. Computers, vol. 52, no. 4, pp. 418-427, Apr. 2003.
[17] E. Knudsen, “Elliptic Scalar Multiplication Using Point Halving,” Advances in Cryptology Proc. ASIACRYPT '99, pp. 135-149, 1999.
[18] N. Koblitz, “CM-Curves with Good Cryptographic Properties,” Advances in Cryptology Proc. CRYPTO '91, pp. 279-287, 1992.
[19] Ç. Koç and T. Acar, “Montgomery Multiplication in ${\rm GF}(2^k)$ ,” Designs, Codes, and Cryptography, vol. 14, pp. 57-69, 1998.
[20] S. Kwon, C.H. Kim, and C.P. Hong, “Efficient Exponentiation for a Class of Finite Fields ${\rm GF}(2^n)$ Determined by Gauss Periods,” Proc. Cryptographic Hardware and Embedded Systems (CHES 2003), pp.228-242, 2003.
[21] J. López and R. Dahab, “High-Speed Software Multiplication in ${\hbox{\rlap{I}\kern 2.0pt{\hbox{F}}}}_{2^m}$ ,” Progress in Cryptology Proc. INDOCRYPT 2000, pp. 203-212, 2000.
[22] J.L. Massey and J.K. Omura, “Computational Method and Apparatus for Finite Field Arithmetic,” US Patent No. 4,587,627, 1986.
[23] M. Maurer, A. Menezes, and E. Teske, “Analysis of the GHS Weil Descent Attack on the ECDLP over Characteristic Two Finite Fields of Composite Degree,” LMS J. Computation and Math., vol. 5, pp. 127-174, 2002.
[24] R. Mullin, I. Onyszchuk, S. Vanstone, and R. Wilson, “Optimal Normal Bases in ${\rm GF}(p^n)$ ,” Discrete Applied Math., vol. 22, pp. 149-161, 1988/1989.
[25] P. Ning and Y. Yin, “Efficient Software Implementation for Finite Field Multiplication in Normal Basis,” Proc. Information and Comm. Security 2001, pp. 177-189, 2001.
[26] A. Reyhani-Masoleh, “Efficient Algorithms and Architectures for Field Multiplication Using Gaussian Normal Bases,” Technical Report CACR 2004-04, Univ. of Waterloo, Canada, 2004, revised in IEEE Trans. Computers, vol. 55, no. 1, pp. 34-47, Jan. 2006.
[27] A. Reyhani-Masoleh and M.A. Hasan, “Fast Normal Basis Multiplication Using General Purpose Processors,” IEEE Trans. Computers, vol. 52, no. 11, pp. 1379-1390, Nov. 2003.
[28] R. Schroeppel, “Elliptic Curves: Twice as Fast!” Presentation at the CRYPTO 2000 Rump Session, 2000.
[29] J. Solinas, “Efficient Arithmetic on Koblitz Curves,” Designs, Codes, and Cryptography, vol. 19, pp. 195-249, 2000.
[30] B. Sunar and Ç.K. Koç, “An Efficient Optimal Normal Basis TypeII Multiplier,” IEEE Trans. Computers, vol. 50, no. 1, pp. 83-87, Jan. 2001.
[31] V. Trujillo, J. Velasco, and J. López, “Design of an Elliptic Curve Processor over ${\rm GF}(2^{163})$ ,” Proc. IBERCHIP, 2004.
[32] J. von zur Gathen and M. Nöcker, “Polynomial and Normal Bases for Finite Fields,” J. Cryptology, 2005.
[33] H. Wu, A. Hasan, I.F. Blake, and S. Gao, “Finite Field Multiplier Using Redundant Representation,” IEEE Trans. Computers, vol. 51, no. 11, pp. 1306-1316, Nov. 2002.

Index Terms:
Multiplication in {\hbox{\rlap{I}\kern 2.0pt{\hbox{F}}}}_{2^m}, Gaussian normal basis, elliptic curve cryptography.
Ricardo Dahab, Darrel Hankerson, Fei Hu, Men Long, Julio L?pez, Alfred Menezes, "Software Multiplication Using Gaussian Normal Bases," IEEE Transactions on Computers, vol. 55, no. 8, pp. 974-984, Aug. 2006, doi:10.1109/TC.2006.132
Usage of this product signifies your acceptance of the Terms of Use.