CN107885486B - Composite finite field inversion device based on search tree - Google Patents
Composite finite field inversion device based on search tree Download PDFInfo
- Publication number
- CN107885486B CN107885486B CN201711259841.4A CN201711259841A CN107885486B CN 107885486 B CN107885486 B CN 107885486B CN 201711259841 A CN201711259841 A CN 201711259841A CN 107885486 B CN107885486 B CN 107885486B
- Authority
- CN
- China
- Prior art keywords
- node
- tree
- inversion
- finite field
- layer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/60—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
- G06F7/72—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
- G06F7/724—Finite field arithmetic
- G06F7/726—Inversion; Reciprocal calculation; Division of elements of a finite field
Abstract
The invention discloses a composite finite field inversion device based on a search tree, which is characterized by comprising a controller, an input port, an output port and an arithmetic unit, wherein the input port is connected with the output port of the controller; the input port is used for inputting a composite finite field GF ((2)n)2) The inversion operand a (x); the controller is used for calling the arithmetic unit to perform inversion operation on the inversion operand a (x) to obtain a composite finite field GF ((2)n)2) The inversion result b (x) of (a); the arithmetic unit is used for operating addition operation, multiplication operation, square operation and inversion operation based on a search tree; the output port is used for outputting the inversion operation result b (x). The invention can effectively improve the operation efficiency of finite field inversion.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a composite finite field inversion device based on a search tree.
Background
Finite field inversion belongs to finite field operation, and is widely used by cryptographic algorithms together with operations such as finite field addition, multiplication, division, squaring, and squaring. The composite finite field belongs to a finite field, and the inversion of the composite finite field is characterized in that the operation of a subdomain is required. A commonly used complex finite field is GF ((2)n)2) The size of the field is (2)n)2The subfield of which is GF (2)n)。GF((2n)2) The inversion operation of (2) generally requires the sub-field GFn) Addition, multiplication, inversion, etc. Since the complex finite field is GF ((2)n)2) Inversion containment subfield GF (2)n) Operation, therefore by optimizing GF (2)n) The operation can promote GF ((2)n)2) The inversion efficiency of (1).
The composite finite field inverter in the prior art cannot realize the arithmetic efficiency required by finite field inversion in real time and in a speed-sensitive environment.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a composite finite field inversion device based on a search tree, which can effectively improve the operation efficiency of finite field inversion.
The technical scheme provided by the invention for the technical problem is as follows:
the invention provides a composite finite field inversion device based on a search tree, which comprises a controller, an input port, an output port and an arithmetic unit, wherein the input port is connected with the output port of the controller;
the input port is used for inputting a composite finite field GF ((2)n)2) The inversion operand a (x);
the controller is used for calling the arithmetic unit to perform inversion operation on the inversion operand a (x) to obtain a composite finite field GF ((2)n)2) The inversion result b (x) of (a);
the arithmetic unit is used for operating addition operation, multiplication operation, square operation and inversion operation based on a search tree;
the output port is used for outputting the inversion operation result b (x).
Further, the polynomial expression of the inverse operand a (x) is a (x) ═ ahx+al;
The polynomial expression of the inversion result b (x) is b (x) ═ bhx+bl;b(x)=a(x)-1;
Wherein, ah,al,bh,blAre all finite fields GF (2)n) Of (2) is used.
Furthermore, the arithmetic unit comprises an addition operation module, a multiplication operation module, a square operation module and an inversion operation module;
the input port is also used for inputting a clock signal;
the controller is specifically configured to invoke the addition module to calculate s in a first clock cycle0=ah+alCalling the square operation module to calculate s1=ah 2Invoking the multiplication operation module to calculate s3=ah×al;
In the second clock period, calling the square operation module to calculate s2=al 2Invoking the multiplication operation module to calculate s4=s1×e;
In the third clock cycle, calling the addition operation module to calculate s5=s4+s3;
In the fourth clock cycle, calling the addition operation module to calculate s6=s5+s2;
In the fifth clock cycle, calling the inversion operation module to calculate s7=s6 -1;
In the sixth clock cycle, calling the multiplication operation module to calculate bl=s0×s7;
In the seventh clock cycle, calling the multiplication operation module to calculate bh=ah×s7Further, b (x) and b are calculatedhx+bl;
Wherein s is0,ah,s1,al,s2,s3,s4,s5,s6,s7,bl,bhAre all finite fields GF (2)n) E is a finite field GF (2)n) Is constant.
Further, the addition module comprises n xor logic gates for the finite field GF (2)n) C (x) and d (x), calculating ei=ci+diFurther obtain the addition result
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,d(x)=dn-1xn-1+dn-2xn-2+...+d0,e(x)=en- 1xn-1+en-2xn-2+...+e0I-0, 1, n-1, n ≧ 1, + is finite field GF (2)n) Addition of cn-1,cn-2,...,c0,dn-1,dn-2,...,d0,en-1,en-2,...,e0Are all finite fields GF (2)n) Of (2) is used.
Further, the multiplication is carried outThe computation block comprises a plurality of AND and XOR gates for the finite field GF (2)n) C (x) and d (x), calculating
And
j is 0,1, 2n-2, and then calculated
i is 0,1, n-1, n is more than or equal to 1, and a multiplication result is obtained
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,d(x)=dn-1xn-1+dn-2xn-2+...+d0,e(x)=en- 1xn-1+en-2xn-2+...+e0Mod is a modulo operation, p (x) xn+pn-1xn-1+.. +1 is the finite field GF (2)n) Irreducible polynomial of (a), pn-1,pn-2,...,p1,vjl,cl,dk,Sj,ei,vjiAre all finite fields GF (2)n) Of (2) is used.
Further, the squaring operation module comprises a plurality of AND and XOR gates for finite fields GF (2)n) C (x), calculating
And
j is 0,1, 2n-2, and then calculated
i is 0,1, n-1, n is more than or equal to 1, and a square operation result is obtained
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,e(x)=en-1xn-1+en-2xn-2+...+e0Mod is a modulo operation, p (x) xn+pn-1xn-1+.. +1 is the finite field GF (2)n) Irreducible polynomial of (a), pn-1,pn-2,...,p1,vjl,cl,ck,Sj,ei,vjiAre all finite fields GF (2)n) Of (2) is used.
Further, the inversion module comprises a plurality of and or gates for addressing the finite field GF (2)n) Based on the search tree, e (x) ═ c (x)-1;
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,e(x)=en-1xn-1+en-2xn-2+...+e0,cn-1,cn-2,...,c0,en-1,en-2,...,e0Are all finite fields GF (2)n) Of (2) is used.
Further, the inversion operation module is specifically configured to construct two search trees, where each search tree has n layers, and corresponds to the 0 th layer to the n-1 th layer respectively; the 0 th layer of each search tree is provided with a tree node, one tree node is set as a left node, and the other tree node is set as a right node; from the 0 th layer to the n-2 th layer, each tree node of each layer is provided with two child nodes which are respectively set as a left node and a right node and are used as the tree node of the next layer; wherein, the left node represents a value of 0, and the right node represents a value of 1;
for c (x) ═ cn-1xn-1+cn-2xn-2+...+c0From c0At the beginning, according to c0The value of (d) is entered into two tree nodes at level 0Line marking, if c0If the value of (1) is 0, marking a left node of the two tree nodes, and if the value of (1) is 1, marking a right node of the two tree nodes, thereby obtaining a 0 th layer of marked nodes;
according to c1If c is the value of (c), marking two child nodes of the 0 th layer marking node1If the value of (c) is 0, then the left node of the two child nodes is marked, if c is1If the value of (1) is 1, marking the right node of the two child nodes so as to obtain a layer 1 marked node;
sequentially marking each layer until a marking node of the (n-1) th layer is obtained;
if the marking node of the n-1 th layer is connected with another tree node of the n-1 th layer, judging that c (x) has an inverse element;
judging whether the connected tree nodes are left nodes or right nodes, and if the connected tree nodes are left nodes, setting en-1If it is 0, e is set for right noden-1=1;
Judging whether the tree node of the (n-2) th layer to which the connected tree nodes belong is a left node or a right node, and if the tree node is the left node, setting en-2If it is 0, e is set for right noden-2=1;
Sequentially judging each layer until e is set0To obtain the result of the inversion operation
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
in the complex finite field inversion operation, inversion operation is carried out based on a search tree, compared with a finite field inverter in the prior art, the operation efficiency is effectively improved, and the method can be widely applied to the mathematical fields and the engineering fields of symmetric encryption (such as DES and AES), public key cryptography, Rainbow, TTS, UOV signature and the like.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a finite field multiplier of a complex finite field inversion apparatus based on a lookup tree according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
The embodiment of the invention provides a composite finite field inversion device based on a search tree, which is shown in figure 1 and comprises a controller 1, an input port, an output port b and an arithmetic unit;
the input port comprises a port a for inputting a composite finite field GF ((2)n)2) The inversion operand a (x);
the controller 1 is used for calling the arithmetic unit to perform an inversion operation on the inversion operand a (x) to obtain a composite finite field GF ((2)n)2) The inversion result b (x) of (a);
the arithmetic unit is used for operating addition operation, multiplication operation, square operation and inversion operation based on a search tree;
the output port b is used for outputting the inversion operation result b (x).
The controller is respectively connected with the input port, the output port and the arithmetic unit and used for scheduling connected components. The input port comprises a port a for inputting the composite finite field GF ((2)n)2) The output port comprises a port b for outputting the composite finite field GF ((2)n)2) The result b (x) of the inversion operation of (a).
Further, the polynomial expression of the inverse operand a (x) is a (x) ═ ahx+al;
The polynomial expression of the inversion result b (x) is b (x) ═ bhx+bl;b(x)=a(x)-1;
Wherein, ah,al,bh,blAre all finite fields GF (2)n) Of (2) is used.
Incidentally, GF ((2)n)2) Is q (x) x2+ x + e, e is the finite field GF (2)n) Is constant. The inverse operand a (x) is composed of two n-bit numbers, and can be expressed in polynomial form or coefficient form, such as a (x) a (a)h,al),ah,alIs a finite field GF (2)n) Of (2) is used. The inversion result b (x) is composed of two n-bit arrays, and can be expressed in the form of a polynomial or a coefficient, such as b (x) b (b)h,bl),bh,blIs a finite field GF (2)n) Of (2) is used.
Furthermore, the arithmetic unit comprises an addition operation module 2, a multiplication operation module 3, a square operation module 4 and an inversion operation module 5;
the input port further comprises a port clk for inputting a clock signal;
the controller 1 is specifically configured to invoke the addition operation module to calculate s in a first clock cycle0=ah+alCalling the square operation module to calculate s1=ah 2Invoking the multiplication operation module to calculate s3=ah×al;
In the second clock period, calling the square operation module to calculate s2=al 2Invoking the multiplication operation module to calculate s4=s1×e;
In the third clock cycle, calling the addition operation module to calculate s5=s4+s3;
In the fourth clock cycle, calling the addition operation module to calculate s6=s5+s2;
In the fifth clock cycle, calling the inversion operation module to calculate s7=s6 -1;
In the sixth clock cycle, calling the multiplication operation module to calculate bl=s0×s7;
In the seventh clock cycle, calling the multiplication operation module to calculate bh=ah×s7Further, b (x) and b are calculatedhx+bl;
Wherein s is0,ah,s1,al,s2,s3,s4,s5,s6,s7,bl,bhAre all finite fields GF (2)n) E is a finite field GF (2)n) Is constant.
The controller 1 is connected to the addition module 4, the first multiplication module 5, the second multiplication module 6, the first square operation module 7, the second square operation module 8, and the inversion module 9, respectively. The input port further comprises a port clk for inputting a clock signal. The controller is also used for analyzing the clock signal. The clock signal is a single bit signal, the value of which is 0 or 1, representing low level or high level, and the transition from low level to high level representing the beginning of a clock cycle. The addition module includes a module for calculating GF (2)n) A logic gate circuit for addition; the multiplication module includes a module for calculating GF (2)n) A logic gate circuit for multiplication; the squaring module includes a module for calculating GF (2)n) A squared logic gate circuit; the inversion operation module comprises a calculation module for calculating GF (2)n) An inverted lookup structure.
Further, the addition module comprises n xor logic gates for the finite field GF (2)n) C (x) and d (x), calculating ei=ci+diFurther obtain the addition result
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,d(x)=dn-1xn-1+dn-2xn-2+...+d0,e(x)=en- 1xn-1+en-2xn-2+...+e0I-0, 1, n-1, n ≧ 1, + is finite field GF (2)n) Addition of cn-1,cn-2,...,c0,dn-1,dn-2,...,d0,en-1,en-2,...,e0Are all finite fields GF (2)n) Of (2) is used.
The finite field GF (2)n) The addition of (2) uses exclusive or logic gates, so that the addition block comprises n exclusive or logic gates for computing GF (2)n) The addition of two known elements c (x) and d (x) e (x) ═ c (x) + d (x). In a specific operation, e is calculated for i 0,1i=ci+diThe result of the addition operation is obtained
Further, the multiplication operation module comprises a plurality of AND logic gates and XOR logic gates for addressing the finite field GF (2)n) C (x) and d (x), calculating
And
j is 0,1, 2n-2, and then calculated
i is 0,1, n-1, n is more than or equal to 1, and a multiplication result is obtained
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,d(x)=dn-1xn-1+dn-2xn-2+...+d0,e(x)=en- 1xn-1+en-2xn-2+...+e0Mod is a modulo operation, p (x) xn+pn-1xn-1+.. +1 is the finite field GF (2)n) Irreducible polynomial of (a), pn-1,pn-2,...,p1,vjl,cl,dk,Sj,ei,vjiAre all finite fields GF (2)n) Of (2) is used.
The finite field GF (2)n) The addition uses an exclusive-or gate and the multiplication uses an and gate, so that the multiplication module comprises a plurality of and gates and exclusive-or gates for computing GF (2)n) The multiplication e (x) of two known elements c (x) and d (x) of (a), (b), (c), (x) and (x). At specific operation, for j 0,1
And
for i-0, 1
Finally, the multiplication result is obtained
Further, the squaring operation module comprises a plurality of AND and XOR gates for finite fields GF (2)n) C (x), calculating
And
j is 0,1, 2n-2, and then calculated
i is 0,1, n-1, n is more than or equal to 1, and a square operation result is obtained
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,e(x)=en-1xn-1+en-2xn-2+...+e0Mod is a modulo operation, p (x) xn+pn-1xn-1+.. +1 is the finite field GF (2)n) Irreducible polynomial of (a), pn-1,pn-2,...,p1,vjl,cl,ck,Sj,ei,vjiAre all finite fields GF (2)n) Of (2) is used.
The finite field GF (2)n) The addition uses an exclusive-or gate and the multiplication uses an and gate, so that the multiplication module comprises a plurality of and gates and exclusive-or gates for computing GF (2)n) The square e (x) of (c), (x) c (x)2. At specific operation, for j 0,1
And
for i-0, 1
Finally, the square operation result is obtained
Further, the inversion module comprises a plurality of and or gates for addressing the finite field GF (2)n) Based on the search tree, e (x) ═ c (x)-1;
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,e(x)=en-1xn-1+en-2xn-2+...+e0,cn-1,cn-2,...,c0,en-1,en-2,...,e0Are all finite fields GF (2)n) Of (2) is used.
Further, the inversion operation module is specifically configured to construct two search trees, where each search tree has n layers, and corresponds to the 0 th layer to the n-1 th layer respectively; the 0 th layer of each search tree is provided with a tree node, one tree node is set as a left node, and the other tree node is set as a right node; from the 0 th layer to the n-2 th layer, each tree node of each layer is provided with two child nodes which are respectively set as a left node and a right node and are used as the tree node of the next layer; wherein, the left node represents a value of 0, and the right node represents a value of 1;
for c (x) ═ cn-1xn-1+cn-2xn-2+...+c0From c0At the beginning, according to c0The value of (c) marks two tree nodes of the 0 th layer0If the value of (1) is 0, marking a left node of the two tree nodes, and if the value of (1) is 1, marking a right node of the two tree nodes, thereby obtaining a 0 th layer of marked nodes;
according to c1If c is the value of (c), marking two child nodes of the 0 th layer marking node1If the value of (c) is 0, then the left node of the two child nodes is marked, if c is1If the value of (1) is 1, marking the right node of the two child nodes so as to obtain a layer 1 marked node;
sequentially marking each layer until a marking node of the (n-1) th layer is obtained;
if the marking node of the n-1 th layer is connected with another tree node of the n-1 th layer, judging that c (x) has an inverse element;
judging whether the connected tree nodes are left nodes or right nodes, and if the connected tree nodes are left nodes, setting en-1If it is 0, e is set for right noden-1=1;
Judging whether the tree node of the (n-2) th layer to which the connected tree nodes belong is a left node or a right node, and if the tree node is the left node, setting en-2If it is 0, e is set for right noden-2=1;
For each layer in turnMaking a judgment until e is set0To obtain the result of the inversion operation
The tree node at the 0 th level of each tree is a root node, the root node of one tree is a left root node, and the root node of the other tree is a right root node. From level 0 to level n-2, each tree node of each level has two children as tree nodes of the next level, e.g., two root nodes of level 0 have two children as tree nodes of level 1, respectively, and thus level 1 has 4 tree nodes. The tree nodes in the (n-1) th layer are leaf nodes. Each path from the root node to the leaf node represents a GF (2)n) Of (2) is used. For example, the path from the left root node, to the left of its two children nodes, until the leftmost leaf node ends (leftmost node of layer n-1) represents GF (2)n) Element (00.. 00)2。
If GF (2)n) Inversion of (a), (b), (c), (x)-1And from layer 0 to node n of layer n-1tRepresents GF (2)n) Element c (x) of (1), node n from layer 0 to layer n-1kRepresents GF (2)n) E (x) of (1), then node n of layer n-1kAnd ntAre connected. Therefore, the operation process of the inversion operation module is as follows:
first, for c (x) ═ cn-1xn-1+cn-2xn-2+...+c0Judgment c0If the value of (1) is 0 or 1, marking a left root node, otherwise marking a right root node;
then, the root node for searching the 0 th layer mark has two child nodes, and c is judged1If the value of (1) is 0 or 1, marking a left node if the value of (0) is 0, otherwise marking a right node;
marking nodes on each layer from the next to the next according to the judging method until the n-1 layer, and marking a certain leaf node;
if the marked leaf node is connected with another leaf node, c (x) has an inverse element and marks the connected leaf node;
if the leaf node is the left node, en-1If this leaf node is the right node, then e is 0n-1=1;
If the parent node of the leaf node (i.e., the tree node to which the leaf node belongs) is the left node, en-2If the parent node of the leaf node is the right node, e is 0n-2=1;
Then, e is calculated for each layer according to the judgment methodiUp to layer 0;
finally, the process is carried out in a batch,
is (x) ═ c (x)-1The operation result of (1).
The working process of the complex finite field inversion device provided by the embodiment of the present invention is described below by taking n as an example, which is 4.
The input port operand a (x) is the complex finite field GF ((2)4)2) May be expressed in the form of a polynomial:
a(x)=ahx+al,
ah,alis a finite field GF (2)4) Of (2) is used.
The operand b (x) of the output port is the complex finite field GF ((2)4)2) May be expressed in the form of a polynomial:
b(x)=bhx+bl,
bh,blis a finite field GF (2)4) Of (2) is used.
The clock signal clk at the input port is a single bit signal with a clock period of 20 ns.
The controller is used to schedule other components, calculate GF ((2)4)2) B (x) a (x)-1In which GF ((2))4)2) Is q (x) x2+ x +9, the procedure is as follows:
firstly, in the first clock period, an addition operation module is called to calculate s0=ah+al,s0,ah,alIs a finite field GF (2)4) An element of (1);
calculating s by calling square operation module1=ah 2,s1,ahIs a finite field GF (2)4) An element of (1);
calling multiplication operation module to calculate s3=ah×al,s3,ah,alIs a finite field GF (2)4) An element of (1);
then, in the second clock cycle, calling square operation module to calculate s2=al 2,s2,alIs a finite field GF (2)4) An element of (1);
calling multiplication operation module to calculate s4=s1×e,s4,s1E is a finite field GF (2)4) An element of (1);
then, in the third clock cycle, calling an addition operation module to calculate s5=s4+s3,s5,s4,s3Is a finite field GF (2)4) An element of (1);
then, in the fourth clock cycle, the addition operation module is called to calculate s6=s5+s2,s6,s5,s2Is a finite field GF (2)4) An element of (1);
then, in the fifth clock cycle, calling an inversion operation module to calculate s7=s6 -1,s7,s6Is a finite field GF (2)4) An element of (1);
next, in the sixth clock cycle, a multiplication module is called to calculate bl=s0×s7,bl,s0,s7Is a finite field GF (2)4) An element of (1);
then, in the seventh clock cycle, calling multiplication operation module to calculate bh=ah×s7,bl,ah,s7Is a finite field GF (2)4) An element of (1);
finally, b (x) bhx+blIs a (x) ═ ahx+alThe inverse of (3).
In the embodiment of the invention, inversion operation is carried out based on the search tree in the composite finite field inversion operation, compared with the finite field inverter in the prior art, the operation efficiency is effectively improved, and the method can be widely applied to the mathematical fields and the engineering fields of symmetric encryption (such as DES and AES), public key cryptography, Rainbow, TTS, UOV signature and the like.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (6)
1. A composite finite field inversion device based on a search tree is characterized by comprising a controller, an input port, an output port and an arithmetic unit;
the input port is used for inputting a composite finite field GF ((2)n)2) The inversion operand a (x);
the controller is used for calling the arithmetic unit to perform inversion operation on the inversion operand a (x) to obtain a composite finite field GF ((2)n)2) The inversion result b (x) of (a);
the arithmetic unit is used for operating addition operation, multiplication operation, square operation and inversion operation based on a search tree;
the output port is used for outputting the inversion operation result b (x);
the polynomial expression of the inverse operand a (x) is a (x) ═ ahx+al;
The polynomial expression of the inversion result b (x) is b (x) ═ bhx+bl;b(x)=a(x)-1;
Wherein, ah,al,bh,blAre all finite fields GF (2)n) An element of (1);
the arithmetic unit comprises an addition operation module, a multiplication operation module, a square operation module and an inversion operation module;
the input port is also used for inputting a clock signal;
the controller is specifically configured to invoke the addition module to calculate s in a first clock cycle0=ah+alCalling the square operation module to calculate s1=ah 2Invoking the multiplication operation module to calculate s3=ah×al;
In the second clock period, calling the square operation module to calculate s2=al 2Invoking the multiplication operation module to calculate s4=s1×e;
In the third clock cycle, calling the addition operation module to calculate s5=s4+s3;
In the fourth clock cycle, calling the addition operation module to calculate s6=s5+s2;
In the fifth clock cycle, calling the inversion operation module to calculate s7=s6 -1;
In the sixth clock cycle, calling the multiplication operation module to calculate bl=s0×s7;
In the seventh clock cycle, calling the multiplication operation module to calculate bh=ah×s7Further, b (x) and b are calculatedhx+bl;
Wherein s is0,ah,s1,al,s2,s3,s4,s5,s6,s7,bl,bhAre all finite fields GF (2)n) E is a finite field GF (2)n) Is constant.
2. The lookup tree based complex finite field inversion device as claimed in claim 1 wherein said addition module comprises n xor logic gates for GF (2) finite fieldsn) Two known elements of c (x) and d (c (x)x), calculating ei=ci+diFurther obtain the addition result
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,d(x)=dn-1xn-1+dn-2xn-2+...+d0,e(x)=en-1xn-1+en-2xn-2+...+e0I-0, 1, n-1, n ≧ 1, + is finite field GF (2)n) Addition of cn-1,cn-2,...,c0,dn-1,dn-2,...,d0,en-1,en-2,...,e0Are all finite fields GF (2)n) Of (2) is used.
3. The lookup tree based complex finite field inversion device as claimed in claim 1 wherein said multiplication module comprises a plurality of and xor gates for GF (2) finite fieldn) C (x) and d (x), calculating
And
and then calculate
Obtaining multiplication results
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,d(x)=dn-1xn-1+dn-2xn-2+...+d0,e(x)=en-1xn-1+en-2xn-2+...+e0Mod is a modulo operation, p (x) xn+pn-1xn-1+.. +1 is the finite field GF (2)n) Irreducible polynomial of (a), pn-1,pn-2,...,p1,vjl,cl,dk,Sj,ei,vjiAre all finite fields GF (2)n) Of (2) is used.
4. The lookup tree based complex finite field inversion device as claimed in claim 1 wherein said squaring module comprises a plurality of AND and XOR gates for the finite field GF (2)n) C (x), calculating
And then calculate
Obtaining a result of a squaring operation
Wherein c (x) cn-1xn-1+cn-2xn-2+...+c0,e(x)=en-1xn-1+en-2xn-2+...+e0Mod is a modulo operation, p (x) xn+pn-1xn-1+.. +1 is the finite field GF (2)n) Irreducible polynomial of (a), pn-1,pn-2,...,p1,vjl,cl,ck,Sj,ei,vjiAre all finite fields GF (2)n) Of (2) is used.
5. The lookup tree based complex finite field inversion device as claimed in claim 1, wherein said inversion operation module comprises a plurality of and xor gates for GF (2) finite fieldn) Based on the search tree, e (x) ═ c (x)-1;
Wherein, c (x))=cn-1xn-1+cn-2xn-2+...+c0,e(x)=en-1xn-1+en-2xn-2+...+e0,cn-1,cn-2,...,c0,en-1,en-2,...,e0Are all finite fields GF (2)n) Of (2) is used.
6. The lookup tree-based composite finite field inversion device of claim 5, wherein the inversion operation module is specifically configured to construct two lookup trees, each lookup tree having n layers, corresponding to the 0 th layer to the n-1 th layer respectively; the 0 th layer of each search tree is provided with a tree node, one tree node is set as a left node, and the other tree node is set as a right node; from the 0 th layer to the n-2 th layer, each tree node of each layer is provided with two child nodes which are respectively set as a left node and a right node and are used as the tree node of the next layer; wherein, the left node represents a value of 0, and the right node represents a value of 1;
for c (x) ═ cn-1xn-1+cn-2xn-2+...+c0From c0At the beginning, according to c0The value of (c) marks two tree nodes of the 0 th layer0If the value of (1) is 0, marking a left node of the two tree nodes, and if the value of (1) is 1, marking a right node of the two tree nodes, thereby obtaining a 0 th layer of marked nodes;
according to c1If c is the value of (c), marking two child nodes of the 0 th layer marking node1If the value of (c) is 0, then the left node of the two child nodes is marked, if c is1If the value of (1) is 1, marking the right node of the two child nodes so as to obtain a layer 1 marked node;
sequentially marking each layer until a marking node of the (n-1) th layer is obtained;
if the marking node of the n-1 th layer is connected with another tree node of the n-1 th layer, judging that c (x) has an inverse element;
judging whether the connected tree nodes are left nodes or right nodes, and if the connected tree nodes are left nodes, setting en-1If it is 0, e is set for right noden-1=1;
Judging whether the tree node of the (n-2) th layer to which the connected tree nodes belong is a left node or a right node, and if the tree node is the left node, setting en-2If it is 0, e is set for right noden-2=1;
Sequentially judging each layer until e is set0To obtain the result of the inversion operation
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711259841.4A CN107885486B (en) | 2017-12-04 | 2017-12-04 | Composite finite field inversion device based on search tree |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711259841.4A CN107885486B (en) | 2017-12-04 | 2017-12-04 | Composite finite field inversion device based on search tree |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107885486A CN107885486A (en) | 2018-04-06 |
| CN107885486B true CN107885486B (en) | 2021-09-07 |
Family
ID=61772960
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711259841.4A Active CN107885486B (en) | 2017-12-04 | 2017-12-04 | Composite finite field inversion device based on search tree |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107885486B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108897526B (en) * | 2018-06-29 | 2022-10-21 | 深圳职业技术学院 | Compound finite field inverter based on multiple square operations and inversion method thereof |
| CN108874365A (en) * | 2018-06-29 | 2018-11-23 | 深圳职业技术学院 | A kind of finite field inverter and finite field inversions method based on irreducible trinomial |
| CN109656513B (en) * | 2018-12-07 | 2022-11-11 | 深圳职业技术学院 | Composite finite field division device based on cardiac model |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572602A (en) * | 2008-04-28 | 2009-11-04 | 陈婧 | Finite field inversion method based on hardware design and device thereof |
| CN101630244A (en) * | 2009-07-28 | 2010-01-20 | 哈尔滨工业大学深圳研究生院 | System and method of double-scalar multiplication of streamlined elliptic curve |
| CN102902510A (en) * | 2012-08-03 | 2013-01-30 | 华南理工大学 | Galois field inversion device |
| CN106909339A (en) * | 2017-02-22 | 2017-06-30 | 深圳职业技术学院 | A kind of Galois field multiplier based on binary tree structure |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4905161B2 (en) * | 2007-01-31 | 2012-03-28 | 富士通株式会社 | RAID device and data restoration device using Galois field |
| CN104639282B (en) * | 2013-11-14 | 2018-09-11 | 杭州海康威视数字技术股份有限公司 | RS interpretation methods and its device in communication system |
-
2017
- 2017-12-04 CN CN201711259841.4A patent/CN107885486B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572602A (en) * | 2008-04-28 | 2009-11-04 | 陈婧 | Finite field inversion method based on hardware design and device thereof |
| CN101630244A (en) * | 2009-07-28 | 2010-01-20 | 哈尔滨工业大学深圳研究生院 | System and method of double-scalar multiplication of streamlined elliptic curve |
| CN102902510A (en) * | 2012-08-03 | 2013-01-30 | 华南理工大学 | Galois field inversion device |
| CN106909339A (en) * | 2017-02-22 | 2017-06-30 | 深圳职业技术学院 | A kind of Galois field multiplier based on binary tree structure |
Non-Patent Citations (1)
| Title |
|---|
| "有限域运算和多变量公钥密码硬件的优化和设计";易海博;《中国博士学位论文全文数据库》;20150815(第8期);I136-11 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107885486A (en) | 2018-04-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Wang et al. | FPGA-based Niederreiter cryptosystem using binary Goppa codes | |
| Hossain et al. | High‐performance elliptic curve cryptography processor over NIST prime fields | |
| CN110351087B (en) | Pipelined Montgomery modular multiplication operation method | |
| US20210256165A1 (en) | Protecting parallel multiplication operations from external monitoring attacks | |
| GB2323457A (en) | A finite field multiplication system | |
| CN107885486B (en) | Composite finite field inversion device based on search tree | |
| JP5312318B2 (en) | Method and device for generating pseudo-random strings | |
| Lee et al. | Subquadratic Space-Complexity Digit-Serial Multipliers Over $ GF (2^{m}) $ Using Generalized $(a, b) $-Way Karatsuba Algorithm | |
| Costello et al. | A brief discussion on selecting new elliptic curves | |
| CN109933304B (en) | Rapid Montgomery modular multiplier operation optimization method suitable for national secret sm2p256v1 algorithm | |
| CN107992283A (en) | A kind of method and apparatus that finite field multiplier is realized based on dimensionality reduction | |
| Rahman et al. | Efficient hardware implementation of 256-bit ECC processor over prime field | |
| Järvinen et al. | A generalization of addition chains and fast inversions in binary fields | |
| Nawari et al. | Fpga based implementation of elliptic curve cryptography | |
| Noor et al. | Resource shared galois field computation for energy efficient AES/CRC in IoT applications | |
| CN108008934B (en) | Composite finite field inversion device based on lookup table | |
| Vijayakumar et al. | Comparative study of hyperelliptic curve cryptosystem over prime field and its survey | |
| Lee et al. | Area-efficient subquadratic space-complexity digit-serial multiplier for type-II optimal normal basis of $ GF (2^{m}) $ using symmetric TMVP and block recombination techniques | |
| Lee et al. | Efficient $ M $-ary exponentiation over $ GF (2^{m}) $ using subquadratic KA-based three-operand Montgomery multiplier | |
| Thampi et al. | Montgomery multiplier for faster cryptosystems | |
| CN106951210B (en) | Finite field multiplication device based on cardiac array | |
| CN102135871B (en) | Device for generating random number by using chaos theory and dynamic password token thereof | |
| CN108268243B (en) | Composite domain multiplication device based on search | |
| Al-Khaleel et al. | An elliptic curve cryptosystem design based on FPGA pipeline folding | |
| Nirmal et al. | Novel Delay Efficient Approach for Vedic Multiplier with Generic Adder Module |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |