an algorithm for inversion in gf 2 m
play

An Algorithm for Inversion in GF(2 m ) Suitable for Implementation - PowerPoint PPT Presentation

Aug 03, 2023 •337 likes •717 views

An Algorithm for Inversion in GF(2 m ) Suitable for Implementation Using a Polynomial Multiply Instruction on GF(2) K. Kobayashi, N. Takagi, and K. Takagi Graduate School of Information Science, Nagoya University Outline Background and

  1. An Algorithm for Inversion in GF(2 m ) Suitable for Implementation Using a Polynomial Multiply Instruction on GF(2) K. Kobayashi, N. Takagi, and K. Takagi Graduate School of Information Science, Nagoya University

  2. Outline Background and objective Preliminaries GF(2 m ) A polynomial multiply instruction on GF(2) A conventional algorithm for inversion in GF(2 m ) A new algorithm for inversion in GF(2 m ) Evaluation Concluding remarks – p.1

  3. Background and Objective GF(2 m ) plays important roles in error-correcting codes and cryptography A fast algorithm for inversion in GF(2 m ) is required Polynomial multiply instruction on GF(2) accelerates multiplication in GF(2 m ) . We propose a fast algorithm for inversion in GF(2 m ) that is suitable for implementation using a polynomial multiply instruction on GF(2) – p.2

  4. GF(2 m ) (1/2) GF(2 m ) extension field of GF(2) any element A ( x ) ∈ GF(2 m ) A ( x ) = a m − 1 x m − 1 + · · · + a 1 x + a 0 ( a i ∈ { 0 , 1 } ) Addition in GF(2 m ) polynomial addition on GF(2) A ( x ) + B ( x ) = (( a m − 1 + b m − 1 ) mod 2) x m − 1 + · · · + (( a 0 + b 0 ) mod 2) executed by exclusive-OR operation for every coefficient – p.3

  5. GF(2 m ) (2/2) Multiplication in GF(2 m ) polynomial multiplication modulo G ( x ) on GF(2) G ( x ) : the irreducible polynomial with degree m A ( x ) · B ( x ) = A ( x ) × B ( x ) mod G ( x ) · : multiplication in GF(2 m ) × : polynomial multiplication in GF(2) Multiplicative inverse of A ( x ) The element A − 1 ( x ) is such that A ( x ) · A − 1 ( x ) = 1 . time-consuming operation – p.4

  6. MULGF2 MULGF2 instruction A typical polynomial multiply instruction on GF(2) calculates the 2 -word polynomial product from two 1 -word polynomial operands rs rt HI LO accelerates multiplication in GF(2 m ) A multiplier for MULGF2 can be realized very easily “carry-free” version of an integer multiplier – p.5

  7. Algorithm for Inversion in GF(2 m ) By extending the Euclid’s algorithm for polynomial, we can execute inversion in GF(2 m ) . R − 1 ( x ) := G ( x ); R 0 ( x ) := A ( x ); j := 0; repeat j := j + 1; Q j ( x ) := R j − 2 ( x ) ÷ R j − 1 ( x ); R j ( x ) := R j − 2 ( x ) − Q j ( x ) × R j − 1 ( x ); until R j ( x ) = 0; outputs R j − 1 ( x ) as GCD ( A ( x ) , G ( x )) ▽ – p.6

  8. Algorithm for Inversion in GF(2 m ) By extending the Euclid’s algorithm for polynomial, we can execute inversion in GF(2 m ) . R − 1 ( x ) := G ( x ); U − 1 ( x ) := 0; R 0 ( x ) := A ( x ); U 0 ( x ) := 1; j := 0; repeat j := j + 1; Q j ( x ) := R j − 2 ( x ) ÷ R j − 1 ( x ); R j ( x ) := R j − 2 ( x ) − Q j ( x ) × R j − 1 ( x ); U j ( x ) := U j − 2 ( x ) − Q j ( x ) × U j − 1 ( x ); until R j ( x ) = 0; outputs R j − 1 ( x ) as GCD ( A ( x ) , G ( x )) outputs U j − 1 ( x ) as A − 1 ( x ) ( A ( x ) × A − 1 ( x )mod G ( x )=1 ) – p.6

  9. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then R ( x ) ↔ S ( x ); δ := − δ ; end if S ( x ) := S ( x ) − x δ × R ( x ); end while ▽ – p.7

  10. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); 3−2 if deg( S ( x )) < deg( R ( x )) then S(x) := S(x) − x R(x); R ( x ) ↔ S ( x ); δ := − δ ; end if S ( x ) := S ( x ) − x δ × R ( x ); end while ▽ – p.7

  11. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 S: + x + 1 R ( x ) ↔ S ( x ); δ := − δ ; end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); end while ▽ – p.7

  12. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration R ( x ) ↔ S ( x ); δ := − δ ; x 2 S: + x + 1 x 2 end if R: + 1 2−2 S ( x ) := S ( x ) − x δ × R ( x ); S(x) := S(x) − x R(x); end while ▽ – p.7

  13. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 S: + x + 1 R ( x ) ↔ S ( x ); δ := − δ ; end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); 3rd iteration end while x 1 S: x 2 R: + 1 ▽ – p.7

  14. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 S: + x + 1 R ( x ) ↔ S ( x ); δ := − δ ; end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); 3rd iteration end while x 1 S: x 2 R: + 1 S(x) <−> R(x); 2−1 S(x) := S(x) − x R(x); ▽ – p.7

  15. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 R ( x ) ↔ S ( x ); δ := − δ ; S: + x + 1 end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); 3rd iteration end while x 1 S: x 2 1st & 2nd iterations correspond R: + 1 to one polynomial division 4th iteration x 1 S: x 2 R: + 1 – p.7

  16. Main Idea Key point The conventional algorithm can not use MULGF2 efficiently S ( x ) := S ( x ) − x δ × R ( x ); New algorithm based on Brunner’s hardware algorithm for inversion use MULGF2 efficiently executed with regularity – p.8

  17. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; else if s m = 1 then S ( x ) := S ( x ) − R ( x ); end if S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  18. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; R(x) := x R(x); else if s m = 1 then δ := δ + 1; S ( x ) := S ( x ) − R ( x ); end if S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  19. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); end if S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  20. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); end if S(x) := x (S(x) − R(x)); δ := δ − 1; S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  21. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); δ = 0 end if 3rd iteration x 3 x 2 S: + + x S ( x ) := x × S ( x ); x 3 if δ = 0 then R: + x R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  22. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 1st iteration S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); δ = 0 3rd iteration end if x 3 x 2 S: + + x S ( x ) := x × S ( x ); x 3 if δ = 0 then R: + x R ( x ) ↔ S ( x ); δ := δ + 1; S(x) := x (S(x)−R(x)); else S(x) <−> R(x); δ := δ − 1; end if δ := δ + 1; end if end for ▽ – p.9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Divide and Conquer Algorithms Mergesort, Quicksort Strassens Algorithm CSE 421

Divide and Conquer Algorithms Mergesort, Quicksort Strassens Algorithm CSE 421

Divide and Conquer Algorithms Mergesort, Quicksort Strassens Algorithm CSE 421 Closest Pair Algorithm (2d) Algorithms Inversion counting Integer Multiplication (Karatsubas Algorithm) Richard Anderson FFT

235 views • 4 slides
Inversion of the vectorial ray transform on Riemannian manifolds T. Pfitzenreiter, T. Schuster

Inversion of the vectorial ray transform on Riemannian manifolds T. Pfitzenreiter, T. Schuster

Nortons setup for vector field tomography Ray and Radon transforms on a Riemannian manifold An inversion method relying on Beylkins theory Numerical tests taking refraction into account Inversion of the vectorial ray transform on

527 views • 36 slides
Strengthening the inversion Tactic in Coq Dependent Types Inversion Lemmas Implications Anne

Strengthening the inversion Tactic in Coq Dependent Types Inversion Lemmas Implications Anne

Strengthening the inversion Tactic in Coq Anne Mulhern Examples Universes Strengthening the inversion Tactic in Coq Dependent Types Inversion Lemmas Implications Anne Mulhern Implementation Conclusion Department of Computer Sciences

242 views • 23 slides
Boolean Algebra - Part 2 September 4, 2008 Typeset by Foil T EX Inversion Inversion or

Boolean Algebra - Part 2 September 4, 2008 Typeset by Foil T EX Inversion Inversion or

Boolean Algebra - Part 2 September 4, 2008 Typeset by Foil T EX Inversion Inversion or Complement of a Function means all 0 outputs become 1 and all 1 outputs become 0. A B F F 0 0 0 1 0 1 1 0 1 0 1 0 1 1 0 1

867 views • 54 slides
Inversion Sequences and Generating Trees A. Bindi V. Guerrini S. Rinaldi University of Siena

Inversion Sequences and Generating Trees A. Bindi V. Guerrini S. Rinaldi University of Siena

Inversion Sequences and Generating Trees A. Bindi V. Guerrini S. Rinaldi University of Siena Permutation Patterns 2017 Inversion Sequences An inversion sequence is an integer sequence e 1 . . . e n satisfying 0 e i &lt; i for all i = 1 , .

1.62k views • 158 slides
Specifically Unspecific: Inversion Aversion and IRS Treas. Notice 14-52 By: Paul Determan,

Specifically Unspecific: Inversion Aversion and IRS Treas. Notice 14-52 By: Paul Determan,

Specifically Unspecific: Inversion Aversion and IRS Treas. Notice 14-52 By: Paul Determan, Michael Steffany &amp; Jason Jointer What is an Inversion? U.S.-based multinational changes its corporate structure, via merger, so that the new

854 views • 38 slides
Tomographic inversion Velocity determination with CRS attributes: NIP waves &amp; velocities

Tomographic inversion Velocity determination with CRS attributes: NIP waves &amp; velocities

CO 2 CRS: Tomography T. Klver &amp; J. Mann Introduction Tomographic inversion Velocity determination with CRS attributes: NIP waves &amp; velocities CRS tomography Inversion procedure data extraction and preconditioning First example

786 views • 29 slides
Short range geoacoustic inversion Short range geoacoustic inversion with a vertical line array

Short range geoacoustic inversion Short range geoacoustic inversion with a vertical line array

MPL Short range geoacoustic inversion Short range geoacoustic inversion with a vertical line array with a vertical line array Yong-Min Jiang 1 , N. Ross Chapman 1 and Peter Gerstoft 2 1 University of Victoria, Victoria, BC, Canada 2 Marine

533 views • 15 slides
Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama Technologies, Inc. 14811 St Marys Lane, Suite 150 Houston TX 77079 May 30, 2014 Bee Bednar (Panorama Technologies) Seismic Modeling, Migration

850 views • 53 slides
Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama Technologies, Inc. 14811 St Marys Lane, Suite 150 Houston TX 77079 May 18, 2014 Bee Bednar (Panorama Technologies) Seismic Modeling, Migration

432 views • 30 slides
temperature inversion in long-range interacting systems from astrophysical to atomic scales Lapo

temperature inversion in long-range interacting systems from astrophysical to atomic scales Lapo

intro temperature inversion velocity filtration toy model kick &amp; quench astro to atoms physical picture summary temperature inversion in long-range interacting systems from astrophysical to atomic scales Lapo Casetti Dipartimento di

635 views • 63 slides
Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*,

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*,

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*, Stewart A. Levin, and Robert G. Clapp Geophysics Department, Stanford University March 28, 2018 Huy Le Multi-parameter Waveform Inversion with GPUs

531 views • 24 slides
Pumping and population inversion - Laser amplification Gustav Lindgren 2015-02-12 Contents

Pumping and population inversion - Laser amplification Gustav Lindgren 2015-02-12 Contents

Pumping and population inversion - Laser amplification Gustav Lindgren 2015-02-12 Contents Part I: Laser pumping and population inversion Steady state laser pumping and population inversion 4-level laser Solve rate-equations in steady-state

574 views • 41 slides
Local formality of inversion hyperplane arrangements William Slofstra IQC, University of

Local formality of inversion hyperplane arrangements William Slofstra IQC, University of

Local formality of inversion hyperplane arrangements William Slofstra IQC, University of Waterloo July 15, 2016 joint work with Travis Scrimshaw Local formality of inversion hyperplane arrangements William Slofstra Basic ideas Coxeter

412 views • 14 slides
Parameterization, stacking, and with the CRS Stack method inversion of locally coherent events

Parameterization, stacking, and with the CRS Stack method inversion of locally coherent events

Parameterization, stacking &amp; inversion of locally coherent events Parameterization, stacking, and with the CRS Stack method inversion of locally coherent events Jrgen Mann with the Common-Reflection-Surface Motivation Introduction

1.81k views • 165 slides
Numerical inversion of 3D geodesic X-ray transform and its application to traveltime tomography

Numerical inversion of 3D geodesic X-ray transform and its application to traveltime tomography

X-ray transform Numerical inversion Numerical experiments Traveltime tomography Numerical results Numerical inversion of 3D geodesic X-ray transform and its application to traveltime tomography Eric Chung Department of Mathematics The

826 views • 49 slides
Outline Unreachable-Code Elimination P3 / 2003 Straightening If and Loop

Outline Unreachable-Code Elimination P3 / 2003 Straightening If and Loop

Outline Unreachable-Code Elimination P3 / 2003 Straightening If and Loop Simplifications Control-Flow and Low-Level Loop Inversion and Unswitching Branch Optimizations Optimizations Tail Merging (Cross Jumping)

102 views • 8 slides
The (almost) t) No Di Dig Remedial Investi tigati tion 26 Febru 26 February 2015 ary 2015

The (almost) t) No Di Dig Remedial Investi tigati tion 26 Febru 26 February 2015 ary 2015

The (almost) t) No Di Dig Remedial Investi tigati tion 26 Febru 26 February 2015 ary 2015 Steve Stacy, PG ARCADIS, U.S. e-mail: steve.stacy@arcadis-us.com Office Phone: 703-465-4234 Mobile Phone: 425-891-4507 Agend

309 views • 26 slides
Inverted Indexes the IR Way CS330 Fall 2005 1 Term Doc # How Inverted Files now 1 is 1

Inverted Indexes the IR Way CS330 Fall 2005 1 Term Doc # How Inverted Files now 1 is 1

Inverted Indexes the IR Way CS330 Fall 2005 1 Term Doc # How Inverted Files now 1 is 1 the 1 Are Created time 1 for 1 all 1 good 1 men 1 Periodically rebuilt, static otherwise. to 1 come 1 Documents are parsed to

675 views • 18 slides
Detecting Reverse Engineering with Canaries Collin Mulliner Security Engineer @ Cruise

Detecting Reverse Engineering with Canaries Collin Mulliner Security Engineer @ Cruise

Detecting Reverse Engineering with Canaries Collin Mulliner Security Engineer @ Cruise Automation Twitter: @ collinrm CanSecWest March 2018 About Me Security since ~1994 (hard to tell) BS, MS, PhD in computer science (all focused on

1.29k views • 80 slides
Loop Optimizations in LLVM: The Good, The Bad, and The Ugly Michael Kruse, Hal Finkel Argonne

Loop Optimizations in LLVM: The Good, The Bad, and The Ugly Michael Kruse, Hal Finkel Argonne

Loop Optimizations in LLVM: The Good, The Bad, and The Ugly Michael Kruse, Hal Finkel Argonne Leadership Computing Facility Argonne National Laboratory 18 th October 2018 Acknowledgments This research was supported by the Exascale Computing

1.11k views • 81 slides
1 Recap: Taking Differences Distribution of Integer Values 0.1 idea: use efficient coding

1 Recap: Taking Differences Distribution of Integer Values 0.1 idea: use efficient coding

Recap: Search Engine Query Processing Recap: Search Engine Query Processing Parallel query processing: divide docs between Basically, to process a query we need to traverse the many machines, broadcast results to all inverted lists of the

434 views • 6 slides
Outline Outline Unreachable-Code Elimination Unreachable Code Elimination Control-Flow and

Outline Outline Unreachable-Code Elimination Unreachable Code Elimination Control-Flow and

Outline Outline Unreachable-Code Elimination Unreachable Code Elimination Control-Flow and Low-Level Straightening If and Loop Simplifications If and Loop Simplifications Optimizations Optimizations Loop Inversion and

254 views • 10 slides
Two-Scale Wave Equation Modeling for Seismic Inversion Susan E. Minkoff Department of

Two-Scale Wave Equation Modeling for Seismic Inversion Susan E. Minkoff Department of

Two-Scale Wave Equation Modeling for Seismic Inversion Susan E. Minkoff Department of Mathematics and Statistics University of Maryland Baltimore County Baltimore, MD 21250, USA RICAM Workshop 3: Wave Propagation and Scattering, Inverse

588 views • 44 slides

More recommend