an algorithm for inversion in gf 2 m
play

An Algorithm for Inversion in GF(2 m ) Suitable for Implementation - PowerPoint PPT Presentation

Aug 03, 2023 •337 likes •717 views

An Algorithm for Inversion in GF(2 m ) Suitable for Implementation Using a Polynomial Multiply Instruction on GF(2) K. Kobayashi, N. Takagi, and K. Takagi Graduate School of Information Science, Nagoya University Outline Background and

  1. An Algorithm for Inversion in GF(2 m ) Suitable for Implementation Using a Polynomial Multiply Instruction on GF(2) K. Kobayashi, N. Takagi, and K. Takagi Graduate School of Information Science, Nagoya University

  2. Outline Background and objective Preliminaries GF(2 m ) A polynomial multiply instruction on GF(2) A conventional algorithm for inversion in GF(2 m ) A new algorithm for inversion in GF(2 m ) Evaluation Concluding remarks – p.1

  3. Background and Objective GF(2 m ) plays important roles in error-correcting codes and cryptography A fast algorithm for inversion in GF(2 m ) is required Polynomial multiply instruction on GF(2) accelerates multiplication in GF(2 m ) . We propose a fast algorithm for inversion in GF(2 m ) that is suitable for implementation using a polynomial multiply instruction on GF(2) – p.2

  4. GF(2 m ) (1/2) GF(2 m ) extension field of GF(2) any element A ( x ) ∈ GF(2 m ) A ( x ) = a m − 1 x m − 1 + · · · + a 1 x + a 0 ( a i ∈ { 0 , 1 } ) Addition in GF(2 m ) polynomial addition on GF(2) A ( x ) + B ( x ) = (( a m − 1 + b m − 1 ) mod 2) x m − 1 + · · · + (( a 0 + b 0 ) mod 2) executed by exclusive-OR operation for every coefficient – p.3

  5. GF(2 m ) (2/2) Multiplication in GF(2 m ) polynomial multiplication modulo G ( x ) on GF(2) G ( x ) : the irreducible polynomial with degree m A ( x ) · B ( x ) = A ( x ) × B ( x ) mod G ( x ) · : multiplication in GF(2 m ) × : polynomial multiplication in GF(2) Multiplicative inverse of A ( x ) The element A − 1 ( x ) is such that A ( x ) · A − 1 ( x ) = 1 . time-consuming operation – p.4

  6. MULGF2 MULGF2 instruction A typical polynomial multiply instruction on GF(2) calculates the 2 -word polynomial product from two 1 -word polynomial operands rs rt HI LO accelerates multiplication in GF(2 m ) A multiplier for MULGF2 can be realized very easily “carry-free” version of an integer multiplier – p.5

  7. Algorithm for Inversion in GF(2 m ) By extending the Euclid’s algorithm for polynomial, we can execute inversion in GF(2 m ) . R − 1 ( x ) := G ( x ); R 0 ( x ) := A ( x ); j := 0; repeat j := j + 1; Q j ( x ) := R j − 2 ( x ) ÷ R j − 1 ( x ); R j ( x ) := R j − 2 ( x ) − Q j ( x ) × R j − 1 ( x ); until R j ( x ) = 0; outputs R j − 1 ( x ) as GCD ( A ( x ) , G ( x )) ▽ – p.6

  8. Algorithm for Inversion in GF(2 m ) By extending the Euclid’s algorithm for polynomial, we can execute inversion in GF(2 m ) . R − 1 ( x ) := G ( x ); U − 1 ( x ) := 0; R 0 ( x ) := A ( x ); U 0 ( x ) := 1; j := 0; repeat j := j + 1; Q j ( x ) := R j − 2 ( x ) ÷ R j − 1 ( x ); R j ( x ) := R j − 2 ( x ) − Q j ( x ) × R j − 1 ( x ); U j ( x ) := U j − 2 ( x ) − Q j ( x ) × U j − 1 ( x ); until R j ( x ) = 0; outputs R j − 1 ( x ) as GCD ( A ( x ) , G ( x )) outputs U j − 1 ( x ) as A − 1 ( x ) ( A ( x ) × A − 1 ( x )mod G ( x )=1 ) – p.6

  9. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then R ( x ) ↔ S ( x ); δ := − δ ; end if S ( x ) := S ( x ) − x δ × R ( x ); end while ▽ – p.7

  10. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); 3−2 if deg( S ( x )) < deg( R ( x )) then S(x) := S(x) − x R(x); R ( x ) ↔ S ( x ); δ := − δ ; end if S ( x ) := S ( x ) − x δ × R ( x ); end while ▽ – p.7

  11. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 S: + x + 1 R ( x ) ↔ S ( x ); δ := − δ ; end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); end while ▽ – p.7

  12. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration R ( x ) ↔ S ( x ); δ := − δ ; x 2 S: + x + 1 x 2 end if R: + 1 2−2 S ( x ) := S ( x ) − x δ × R ( x ); S(x) := S(x) − x R(x); end while ▽ – p.7

  13. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 S: + x + 1 R ( x ) ↔ S ( x ); δ := − δ ; end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); 3rd iteration end while x 1 S: x 2 R: + 1 ▽ – p.7

  14. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 S: + x + 1 R ( x ) ↔ S ( x ); δ := − δ ; end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); 3rd iteration end while x 1 S: x 2 R: + 1 S(x) <−> R(x); 2−1 S(x) := S(x) − x R(x); ▽ – p.7

  15. Software Implementation of EA software implementation of the Euclid’s algorithm S ( x ) := G ( x ); R ( x ) := A ( x ); 1st iteration while R ( x ) � = 0 do x 3 x 2 S: + + 1 x 2 R: + 1 δ := deg( S ( x )) − deg( R ( x )); if deg( S ( x )) < deg( R ( x )) then 2nd iteration x 2 R ( x ) ↔ S ( x ); δ := − δ ; S: + x + 1 end if x 2 R: + 1 S ( x ) := S ( x ) − x δ × R ( x ); 3rd iteration end while x 1 S: x 2 1st & 2nd iterations correspond R: + 1 to one polynomial division 4th iteration x 1 S: x 2 R: + 1 – p.7

  16. Main Idea Key point The conventional algorithm can not use MULGF2 efficiently S ( x ) := S ( x ) − x δ × R ( x ); New algorithm based on Brunner’s hardware algorithm for inversion use MULGF2 efficiently executed with regularity – p.8

  17. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; else if s m = 1 then S ( x ) := S ( x ) − R ( x ); end if S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  18. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; R(x) := x R(x); else if s m = 1 then δ := δ + 1; S ( x ) := S ( x ) − R ( x ); end if S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  19. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); end if S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  20. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); end if S(x) := x (S(x) − R(x)); δ := δ − 1; S ( x ) := x × S ( x ); if δ = 0 then R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  21. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; 1st iteration for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); δ = 0 end if 3rd iteration x 3 x 2 S: + + x S ( x ) := x × S ( x ); x 3 if δ = 0 then R: + x R ( x ) ↔ S ( x ); δ := δ + 1; else δ := δ − 1; end if end if end for ▽ – p.9

  22. HW implementation Hardware algorithm for inversion [Brunner et al., ’93] δ = 0 1st iteration S ( x ) := G ( x ); R ( x ) := A ( x ); δ := 0; for i = 1 to 2 m do x 3 x 2 S: + + 1 if r m = 0 then x 2 R: + 1 R ( x ) := x × R ( x ); δ := δ + 1; δ = 1 2nd iteration else x 3 x 2 S: + + 1 if s m = 1 then x 3 R: + x S ( x ) := S ( x ) − R ( x ); δ = 0 3rd iteration end if x 3 x 2 S: + + x S ( x ) := x × S ( x ); x 3 if δ = 0 then R: + x R ( x ) ↔ S ( x ); δ := δ + 1; S(x) := x (S(x)−R(x)); else S(x) <−> R(x); δ := δ − 1; end if δ := δ + 1; end if end for ▽ – p.9

Recommend

Divide and Conquer Algorithms Mergesort, Quicksort Strassens Algorithm CSE 421

Divide and Conquer Algorithms Mergesort, Quicksort Strassens Algorithm CSE 421

Divide and Conquer Algorithms Mergesort, Quicksort Strassens Algorithm CSE 421 Closest Pair Algorithm (2d) Algorithms Inversion counting Integer Multiplication (Karatsubas Algorithm) Richard Anderson FFT

235 views • 4 slides
Inversion of the vectorial ray transform on Riemannian manifolds T. Pfitzenreiter, T. Schuster

Inversion of the vectorial ray transform on Riemannian manifolds T. Pfitzenreiter, T. Schuster

Nortons setup for vector field tomography Ray and Radon transforms on a Riemannian manifold An inversion method relying on Beylkins theory Numerical tests taking refraction into account Inversion of the vectorial ray transform on

527 views • 36 slides
Strengthening the inversion Tactic in Coq Dependent Types Inversion Lemmas Implications Anne

Strengthening the inversion Tactic in Coq Dependent Types Inversion Lemmas Implications Anne

Strengthening the inversion Tactic in Coq Anne Mulhern Examples Universes Strengthening the inversion Tactic in Coq Dependent Types Inversion Lemmas Implications Anne Mulhern Implementation Conclusion Department of Computer Sciences

242 views • 23 slides
Boolean Algebra - Part 2 September 4, 2008 Typeset by Foil T EX Inversion Inversion or

Boolean Algebra - Part 2 September 4, 2008 Typeset by Foil T EX Inversion Inversion or

Boolean Algebra - Part 2 September 4, 2008 Typeset by Foil T EX Inversion Inversion or Complement of a Function means all 0 outputs become 1 and all 1 outputs become 0. A B F F 0 0 0 1 0 1 1 0 1 0 1 0 1 1 0 1

867 views • 54 slides
Inversion Sequences and Generating Trees A. Bindi V. Guerrini S. Rinaldi University of Siena

Inversion Sequences and Generating Trees A. Bindi V. Guerrini S. Rinaldi University of Siena

Inversion Sequences and Generating Trees A. Bindi V. Guerrini S. Rinaldi University of Siena Permutation Patterns 2017 Inversion Sequences An inversion sequence is an integer sequence e 1 . . . e n satisfying 0 e i &lt; i for all i = 1 , .

1.62k views • 158 slides
Specifically Unspecific: Inversion Aversion and IRS Treas. Notice 14-52 By: Paul Determan,

Specifically Unspecific: Inversion Aversion and IRS Treas. Notice 14-52 By: Paul Determan,

Specifically Unspecific: Inversion Aversion and IRS Treas. Notice 14-52 By: Paul Determan, Michael Steffany &amp; Jason Jointer What is an Inversion? U.S.-based multinational changes its corporate structure, via merger, so that the new

854 views • 38 slides
Tomographic inversion Velocity determination with CRS attributes: NIP waves &amp; velocities

Tomographic inversion Velocity determination with CRS attributes: NIP waves &amp; velocities

CO 2 CRS: Tomography T. Klver &amp; J. Mann Introduction Tomographic inversion Velocity determination with CRS attributes: NIP waves &amp; velocities CRS tomography Inversion procedure data extraction and preconditioning First example

786 views • 29 slides
Short range geoacoustic inversion Short range geoacoustic inversion with a vertical line array

Short range geoacoustic inversion Short range geoacoustic inversion with a vertical line array

MPL Short range geoacoustic inversion Short range geoacoustic inversion with a vertical line array with a vertical line array Yong-Min Jiang 1 , N. Ross Chapman 1 and Peter Gerstoft 2 1 University of Victoria, Victoria, BC, Canada 2 Marine

533 views • 15 slides
Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama Technologies, Inc. 14811 St Marys Lane, Suite 150 Houston TX 77079 May 30, 2014 Bee Bednar (Panorama Technologies) Seismic Modeling, Migration

850 views • 53 slides
Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama

Seismic Modeling, Migration and Velocity Inversion Full Waveform Inversion Bee Bednar Panorama Technologies, Inc. 14811 St Marys Lane, Suite 150 Houston TX 77079 May 18, 2014 Bee Bednar (Panorama Technologies) Seismic Modeling, Migration

432 views • 30 slides
temperature inversion in long-range interacting systems from astrophysical to atomic scales Lapo

temperature inversion in long-range interacting systems from astrophysical to atomic scales Lapo

intro temperature inversion velocity filtration toy model kick &amp; quench astro to atoms physical picture summary temperature inversion in long-range interacting systems from astrophysical to atomic scales Lapo Casetti Dipartimento di

635 views • 63 slides
Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*,

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*,

Multi-parameter Waveform Inversion with GPUs for the Cloud A Pipelined Implementation Huy Le*, Stewart A. Levin, and Robert G. Clapp Geophysics Department, Stanford University March 28, 2018 Huy Le Multi-parameter Waveform Inversion with GPUs

532 views • 24 slides
Pumping and population inversion - Laser amplification Gustav Lindgren 2015-02-12 Contents

Pumping and population inversion - Laser amplification Gustav Lindgren 2015-02-12 Contents

Pumping and population inversion - Laser amplification Gustav Lindgren 2015-02-12 Contents Part I: Laser pumping and population inversion Steady state laser pumping and population inversion 4-level laser Solve rate-equations in steady-state

574 views • 41 slides
Local formality of inversion hyperplane arrangements William Slofstra IQC, University of

Local formality of inversion hyperplane arrangements William Slofstra IQC, University of

Local formality of inversion hyperplane arrangements William Slofstra IQC, University of Waterloo July 15, 2016 joint work with Travis Scrimshaw Local formality of inversion hyperplane arrangements William Slofstra Basic ideas Coxeter

412 views • 14 slides
Parameterization, stacking, and with the CRS Stack method inversion of locally coherent events

Parameterization, stacking, and with the CRS Stack method inversion of locally coherent events

Parameterization, stacking &amp; inversion of locally coherent events Parameterization, stacking, and with the CRS Stack method inversion of locally coherent events Jrgen Mann with the Common-Reflection-Surface Motivation Introduction

1.81k views • 165 slides
Numerical inversion of 3D geodesic X-ray transform and its application to traveltime tomography

Numerical inversion of 3D geodesic X-ray transform and its application to traveltime tomography

X-ray transform Numerical inversion Numerical experiments Traveltime tomography Numerical results Numerical inversion of 3D geodesic X-ray transform and its application to traveltime tomography Eric Chung Department of Mathematics The

826 views • 49 slides
The Definition of Algorithm The Definition of Algorithm p.1/31

The Definition of Algorithm The Definition of Algorithm p.1/31

The Definition of Algorithm The Definition of Algorithm p.1/31 An informal discussion Informally speaking, an algorithm is a collection of simple instructions for carrying out a task Note: in

1.26k views • 31 slides
A Common Inversion Under Selec2on in Europeans Stefansson,

A Common Inversion Under Selec2on in Europeans Stefansson,

A Common Inversion Under Selec2on in Europeans Stefansson, Hreinn et al. (2005) Nature Gene2cs 37: 127-137 Presenter: Tom Conway Evolu2on

490 views • 24 slides
Synthesizing Loops For Program Inversion Cong Hou, Daniel Quinlan, David Jefferson, Richard

Synthesizing Loops For Program Inversion Cong Hou, Daniel Quinlan, David Jefferson, Richard

For RC 2012 Synthesizing Loops For Program Inversion Cong Hou, Daniel Quinlan, David Jefferson, Richard Fujimoto, Richard Vuduc Program Inversion Given a program P , and its inverse P - , then we have P ; P - = no-op Examples: ++a / --a

427 views • 39 slides
RADICAL PHYLOGENETIC INVERSION Mike Hendy Institute of Fundamental Sciences Massey University

RADICAL PHYLOGENETIC INVERSION Mike Hendy Institute of Fundamental Sciences Massey University

RADICAL PHYLOGENETIC INVERSION Mike Hendy Institute of Fundamental Sciences Massey University Palmerston North New Zealand November 2010 Mike Hendy RADICAL PHYLOGENETIC INVERSION Acknowledgements David Penny, Massey University Mike

824 views • 59 slides
MODELING AND IN INVERSION OF THE MIC ICROTREMOR H/V /V SPECTRAL RATIO: TH THE PHYSICAL BASI

MODELING AND IN INVERSION OF THE MIC ICROTREMOR H/V /V SPECTRAL RATIO: TH THE PHYSICAL BASI

MODELING AND IN INVERSION OF THE MIC ICROTREMOR H/V /V SPECTRAL RATIO: TH THE PHYSICAL BASI SIS BEHIND TH THE DIF IFFUSE FIE IELD APPROACH Francisco J. Snchez-Sesma Instituto de Ingeniera, Universidad Nacional Autnoma de Mxico

408 views • 38 slides
Analysis of errors in measurements and inversion By Philippe LE MASSON &amp; Morgan DAL

Analysis of errors in measurements and inversion By Philippe LE MASSON &amp; Morgan DAL

METTI IV Thermal Measurements and Inverse Techniques, Roscoff, France, June 13-18, 2011 Tutorial 12 : Analysis of errors in measurements and inversion By Philippe LE MASSON &amp; Morgan DAL Laboratoire dIngnierie des

753 views • 47 slides
Algorithm Analysis CS 201 Introduction Once a correct algorithm is designed for a given

Algorithm Analysis CS 201 Introduction Once a correct algorithm is designed for a given

Algorithm Analysis CS 201 Introduction Once a correct algorithm is designed for a given problem, an important step is to determine how much in the way of resources (such as time and space) the algorithm will require You will learn how to

378 views • 20 slides
New Ideas about Traditional Approach . . . Joint Inversion First Idea: in Brief Details: A

New Ideas about Traditional Approach . . . Joint Inversion First Idea: in Brief Details: A

Main Objective of Our . . . Gravity . . . Normal Mode . . . New Ideas about Traditional Approach . . . Joint Inversion First Idea: in Brief Details: A Different Basis (as described in a recent A Related Open Problem Second Idea: In Brief

475 views • 14 slides

More recommend