Montgomery Reduction for GF(2)[x] ?
From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: 05/31/03
- Next message: Colin Andrew Percival: "Re: Montgomery Reduction for GF(2)[x] ?"
- Previous message: John A. Malley: "Re: Triple AES (3AES)"
- Next in thread: Colin Andrew Percival: "Re: Montgomery Reduction for GF(2)[x] ?"
- Reply: Colin Andrew Percival: "Re: Montgomery Reduction for GF(2)[x] ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 31 May 2003 01:33:04 GMT
I was just thinking. Wouldn't Montgomery reduction also work for
polynomials in GF(2)[x] ? Consider an odd polynomial v(x) and a
polynomial you want to reduce p(x).
1. for t from 1 to k do
2. if the lsb of p(x) is one then
3. p(x) = p(x) + v(x)
4. p(x) = p(x) / x
The result is congruent to p(x) modulo v(x) times x^{-k} so you can use
the same Montgomery tricks.
The algorithm only requires XOR and right shift operations and of course
can be optimized to use multiple bits [a byte driven algorithm would be
fast] at a time.
Now I'm certain I'm not the first to propose this but in all of the
papers I've read I have never seen it proposed. Is this one of those
"no duh" ideas or just not very many people have thought of this?
Tom
- Next message: Colin Andrew Percival: "Re: Montgomery Reduction for GF(2)[x] ?"
- Previous message: John A. Malley: "Re: Triple AES (3AES)"
- Next in thread: Colin Andrew Percival: "Re: Montgomery Reduction for GF(2)[x] ?"
- Reply: Colin Andrew Percival: "Re: Montgomery Reduction for GF(2)[x] ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
