
Efficient implementation of finite-field arithmetic PDF

145 Pages·2013·0.62 MB·English

Preview Efficient implementation of finite-field arithmetic

Efficient implementation of finite-field arithmetic
Peter Schwabe, Radboud University Nijmegen, The Netherlands
November 22, 2013, Pairing 2013 Tutorial

Elliptic-curve addition
- Computing P + Q for two elliptic-curve points P and Q means performing a few operations in the underlying field
- Example: Add projective (X_P : Y_P : Z_P) and (X_Q : Y_Q : Z_Q) on curve E: y^2 = x^3 + ax + b.

  t1 ← Y_P · Z_Q
  t2 ← X_P · Z_Q
  t3 ← Z_P · Z_Q
  u ← Y_Q · Z_P − t1
  uu ← u^2
  v ← X_Q · Z_P − t2
  vv ← v^2
  vvv ← v · vv
  R ← vv · t2
  A ← uu · t3 − vvv − 2 · R
  X_R ← v · A
  Y_R ← u · (R − A) − vvv · t1
  Z_R ← vvv · t3
  return (X_R : Y_R : Z_R)

The EFD
- There are many formulas for different curve shapes and point representations
- Best overview: The Explicit Formulas Database (EFD): http://www.hyperelliptic.org/EFD/
- Compiled by Dan Bernstein and Tanja Lange from many papers and talks
- Contains verification scripts, 3-operand code, ...

The problem with large integers
- C has data types for 8-bit, 16-bit, 32-bit, and 64-bit integers
- Why are there no data types for 256-bit integers?
- Magma does not have problems with large integers
- Python has datatype long for arbitrary-size integers
- Java has BigInteger class
- C is "portable assembly", very close to what computers really do
- Computers work on data in registers (very small, very fast storage units)
- Typical register sizes: 8 bit, 16 bit, 32 bit, 64 bit ... but not 256 bit
- That's a lie!
- Yeah, you're right. We do have 256-bit registers (AVX on Intel and AMD processors)
- But those do not hold a single 256-bit integer (but vectors of integers or floats)
- Why can't they just hold a 256-bit integer?
- Because arithmetic units cannot perform arithmetic on 256-bit integers (only on 8-bit, 16-bit, 32-bit, and 64-bit integers)
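As an added example (not code from the tutorial), the slide's projective addition sequence run over a small prime field with Python's arbitrary-size integers and checked against the one-inversion affine formula; the curve y^2 = x^3 + 2x + 3 over GF(97) and the point values are constructed for illustration, and the block also shows that the generic formulas yield Z_R = 0 (the point at infinity) for P + (−P) but do not handle doubling.

```python
# Added example, not the tutorial's code: the 13-step projective addition from
# the slide over GF(p), checked against the one-inversion affine formula.
# Curve y^2 = x^3 + 2x + 3 over GF(97) is a constructed toy curve.
P_MOD, A_COEF, B_COEF = 97, 2, 3

def inv(x):
    # Fermat inverse; valid because P_MOD is prime and x != 0 mod p
    return pow(x % P_MOD, P_MOD - 2, P_MOD)

def on_curve(x, y):
    return (y * y - (x ** 3 + A_COEF * x + B_COEF)) % P_MOD == 0

def add_projective(Pt, Qt):
    # Slide formulas for (X_P:Y_P:Z_P) + (X_Q:Y_Q:Z_Q), no field inversion.
    # Generic case only: P == Q (doubling) is NOT handled, which is exactly
    # where exceptional-point bugs in real implementations tend to hide.
    XP, YP, ZP = Pt
    XQ, YQ, ZQ = Qt
    t1 = YP * ZQ % P_MOD
    t2 = XP * ZQ % P_MOD
    t3 = ZP * ZQ % P_MOD
    u = (YQ * ZP - t1) % P_MOD
    uu = u * u % P_MOD
    v = (XQ * ZP - t2) % P_MOD
    vv = v * v % P_MOD
    vvv = v * vv % P_MOD
    R = vv * t2 % P_MOD
    A = (uu * t3 - vvv - 2 * R) % P_MOD
    XR = v * A % P_MOD
    YR = (u * (R - A) - vvv * t1) % P_MOD
    ZR = vvv * t3 % P_MOD
    return (XR, YR, ZR)

def add_affine(P1, P2):
    # Textbook affine addition (one inversion), used as the reference result
    (x1, y1), (x2, y2) = P1, P2
    lam = (y2 - y1) * inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)

def to_affine(Pt):
    # Normalise (X:Y:Z) to (X/Z, Y/Z); Z == 0 would be the point at infinity
    zi = inv(Pt[2])
    return (Pt[0] * zi % P_MOD, Pt[1] * zi % P_MOD)

def check(P1, P2):
    # True iff projective and affine addition agree and the sum is on the curve
    S = to_affine(add_projective((*P1, 1), (*P2, 1)))
    return S == add_affine(P1, P2) and on_curve(*S)
```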

Description:
But those do not hold a single 256-bit integer (but vectors of integers or floats). Efficient implementation Because arithmetic units cannot perform arithmetic on 256-bit integers (only on 8-bit, 16-bit, 32-bit, and Basically the same as before, but now with 128-bit values (tricky, but possible i
