A representation of finite fields that has proved useful when implementing finite field arithmetic in hardware is based on an isomorphism between subrings and fields. In this paper, we present a unified formulation for multiplication in cyclotomic rings and cyclotomic fields in which most arithmetic operations are done on vectors. From this formulation we can generate optimized algorithms for multiplication. For example, one of the proposed algorithms requires approximately half the number of coordinate-level multiplications at the expense of extra coordinate-level additions. Our method is then applied to the finite fields GF(q^m) to further reduce the number of operations. We then present optimized algorithms for multiplication in finite fields with type-I and type-II optimal normal bases.
Deep Dive into Multiplication in Cyclotomic Rings and its Application to Finite Fields.
arXiv:0807.3699v1 [cs.DM] 23 Jul 2008
Multiplication in Cyclotomic Rings and its
Application to Finite Fields
Francisco Argüello
Dept. Electrónica y Computación
Universidad de Santiago de Compostela.
15782 Santiago de Compostela. Spain.
francisco.arguello@usc.es
August 17, 2018
Mailing Address: Francisco Arguello
Dept. Electronica y Computacion
Universidad de Santiago de Compostela
15782 Santiago de Compostela
Spain
PHONE: +34 981 594488 ext. 13556
FAX: +34 981 528012
e-mail: francisco.arguello@usc.es
Abstract
A representation of finite fields that has proved useful when implementing finite field arithmetic in hardware is based on an isomorphism between subrings and fields. In this paper, we present a unified formulation for multiplication in cyclotomic rings and cyclotomic fields in which most arithmetic operations are done on vectors. From this formulation we can generate optimized algorithms for multiplication. For example, one of the proposed algorithms requires approximately half the number of coordinate-level multiplications at the expense of extra coordinate-level additions. Our method is then applied to the finite fields GF(q^m) to further reduce the number of operations. We then present optimized algorithms for multiplication in finite fields with type-I and type-II optimal normal bases.
Keywords: Cyclotomic ring, Finite field, Galois field, Normal basis, Redundant basis, Multiplier.
1 Introduction
Recently, there has been a good deal of interest in developing hardware and software methods for implementing the finite field GF(q^m) arithmetic operations, particularly for cryptographic applications [1], [2], [3]. Multiplication in finite fields is a complicated and time-consuming operation that very much depends on how the field elements are represented. A representation of finite fields that has proved useful when implementing finite field arithmetic in hardware is based on an isomorphism between subrings and fields. The main idea is to embed a field in a larger ring, perform multiplication there, and then convert the result back to the field. The ring used is referred to as cyclotomic, because it has an extremely simple basis whose elements form a cyclic group. Because the dimension of the ring is higher than that of the field, this representation is referred to as redundant. Having in mind the design of efficient arithmetic circuits, it is desirable to find the ring of lowest dimension with the property that the finite field is contained in the ring. This way of representing finite fields has been explored by various authors [4], [5], [6], [7], [8], [9], [10].
Drolet [5] represents the finite field GF(2^m) as a subring of the cyclotomic ring GF(2)[x]/(x^n + 1) with the integer n chosen in such a way that x^n + 1 ∈ GF(2)[x] contains an irreducible factor of degree m. He shows that this ring representation of elements of the finite field satisfies a generalized Massey-Omura condition and the square of an element can be obtained by applying a specific permutation to the bits of the word representing it. In this line, Geiselmann et al. [6] characterize the smallest n with GF(2)[x]/(x^n + 1) containing an isomorphic copy of GF(2^m).
Some redundant bases can be easily introduced by the normal bases generated with the help of a Gauss period [11], [12]. Gao et al. [7], [8] use Gauss periods for embedding the elements of the finite field in a cyclotomic field and, by doing so, they can find the relation/conversion between the redundant basis and the normal basis. This conversion can be done in hardware with almost no cost. There are two types of normal basis generated by Gauss periods with minimal complexity, usually called optimal normal bases (ONBs) of type-I and type-II, respectively. When there exists an ONB, a very simple and highly regular multiplier architecture can be obtained using the redundant representation. Recently, Wu et al. [10] have made this idea more explicit and present architectures that are suitable for hardware implementation. The basic idea is to embed the finite field GF(2^m) in the smallest splitting field of x^n + 1 over GF(2) and do the arithmetic in this cyclotomic field.
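The embedding described above, as an added example that is not part of the paper: GF(2^4) inside GF(2)[x]/(x^5 + 1), where multiplication is a cyclic convolution, squaring is a bit permutation, and the result is mapped back to the field. The parameters m = 4, n = 5 and all function names are assumptions chosen for illustration.

```python
# Added illustration, not code from the paper. Assumed parameters: m = 4, n = 5.
# Over GF(2), x^5 + 1 = (x + 1) * PHI5 with PHI5 = x^4 + x^3 + x^2 + x + 1
# irreducible, so GF(2^4) = GF(2)[x]/(PHI5) sits inside R = GF(2)[x]/(x^5 + 1).
# A ring element is a 5-bit integer; bit i is the coefficient of x^i.
N = 5
MASK = (1 << N) - 1
PHI5 = 0b11111

def rotl(a, k):
    """Multiply by x^k in R: a cyclic shift, because x^N = 1."""
    k %= N
    return ((a << k) | (a >> (N - k))) & MASK

def ring_mul(a, b):
    """Cyclic convolution over GF(2): XOR one rotated copy of a per set bit of b."""
    acc = 0
    for i in range(N):
        if (b >> i) & 1:
            acc ^= rotl(a, i)
    return acc

def ring_square(a):
    """Squaring is the coordinate permutation i -> 2i mod N; no field arithmetic."""
    out = 0
    for i in range(N):
        if (a >> i) & 1:
            out |= 1 << ((2 * i) % N)
    return out

def canon(a):
    """Map a ring vector to its unique degree-<4 representative modulo PHI5.
    a and a ^ PHI5 encode the same field element (the redundancy)."""
    return a ^ PHI5 if (a >> (N - 1)) & 1 else a

def field_mul_reference(a, b):
    """Conventional shift-and-reduce product modulo PHI5, for comparison."""
    acc = 0
    for i in range(4):
        if (b >> i) & 1:
            acc ^= a << i
    for d in range(6, 3, -1):  # clear degrees 6, 5, 4
        if (acc >> d) & 1:
            acc ^= PHI5 << (d - 4)
    return acc

def check_all():
    """Exhaustively compare the redundant-basis product with the reference."""
    return all(canon(ring_mul(a, b)) == field_mul_reference(a, b)
               for a in range(16) for b in range(16))
```

The ring product needs only rotations and XORs; the single conditional XOR in `canon` is the whole cost of converting back to the field.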
In this paper, we first present a unified formulation for multiplication in cyclotomic rings and cyclotomic fields in which most arithmetic operations are done on vectors. The method is quite generic in the sense that it is not restricted to any special type of ground field. Our algorithms are then applied to the finite fields GF(q^m) with q prime to further reduce the number of operations. The organization of the rest of this paper is as follows: In the next section, we briefly review the cyclotomic rings and fields. In Section 3, we derive a formulation for multiplication in generic cyclotomic rings/fields. We also give the computational complexity of the algorithms in terms of the coordinate-level operations needed. In Section 4, we apply the method to the finite fields an
…(Full text truncated)…