Efficient Bit-parallel Multiplication with Subquadratic Space Complexity in Binary Extension Field

Bit-parallel multiplication in GF(2^n) with subquadratic space complexity has been explored in recent years due to its lower area cost compared with traditional parallel multiplications. Based on \u27divide and conquer\u27 technique, several algorithms have been proposed to build subquadratic space complexity multipliers. Among them, Karatsuba algorithm and its generalizations are most often used to construct multiplication architectures with significantly improved efficiency. However, recursively using one type of Karatsuba formula may not result in an optimal structure for many finite fields. It has been shown that improvements on multiplier complexity can be achieved by using a combination of several methods. After completion of a detailed study of existing subquadratic multipliers, this thesis has proposed a new algorithm to find the best combination of selected methods through comprehensive search for constructing polynomial multiplication over GF(2^n). Using this algorithm, ameliorated architectures with shortened critical path or reduced gates cost will be obtained for the given value of n, where n is in the range of [126, 600] reflecting the key size for current cryptographic applications. With different input constraints the proposed algorithm can also yield subquadratic space multiplier architectures optimized for trade-offs between space and time. Optimized multiplication architectures over NIST recommended fields generated from the proposed algorithm are presented and analyzed in detail. Compared with existing works with subquadratic space complexity, the proposed architectures are highly modular and have improved efficiency on space or time complexity. Finally generalization of the proposed algorithm to be suitable for much larger size of fields discussed

Explicit endomorphisms and correspondences

In this work, we investigate methods for computing explicitly with homomorphisms (and particularly endomorphisms) of Jacobian varieties of algebraic curves. Our principal tool is the theory of correspondences, in which homomorphisms of Jacobians are represented by divisors on products of curves. We give families of hyperelliptic curves of genus three, five, six, seven, ten and fifteen whose Jacobians have explicit isogenies (given in terms of correspondences) to other hyperelliptic Jacobians. We describe several families of hyperelliptic curves whose Jacobians have complex or real multiplication; we use correspondences to make the complex and real multiplication explicit, in the form of efficiently computable maps on ideal class representatives. These explicit endomorphisms may be used for efficient integer multiplication on hyperelliptic Jacobians, extending Gallant--Lambert--Vanstone fast multiplication techniques from elliptic curves to higher dimensional Jacobians. We then describe Richelot isogenies for curves of genus two; in contrast to classical treatments of these isogenies, we consider all the Richelot isogenies from a given Jacobian simultaneously. The inter-relationship of Richelot isogenies may be used to deduce information about the endomorphism ring structure of Jacobian surfaces; we conclude with a brief exploration of these techniques

A verified Common Lisp implementation of Buchberger's algorithm in ACL2

In this article, we present the formal verification of a Common Lisp implementation of Buchberger's algorithm for computing Gröbner bases of polynomial ideals. This work is carried out in ACL2, a system which provides an integrated environment where programming (in a pure functional subset of Common Lisp) and formal verification of programs, with the assistance of a theorem prover, are possible. Our implementation is written in a real programming language and it is directly executable within the ACL2 system or any compliant Common Lisp system. We provide here snippets of real verified code, discuss the formalization details in depth, and present quantitative data about the proof effort

Decoding and constructions of codes in rank and Hamming metric

As coding theory plays an important role in data transmission, decoding algorithms for new families of error correction codes are of great interest. This dissertation is dedicated to the decoding algorithms for new families of maximum rank distance (MRD) codes including additive generalized twisted Gabidulin (AGTG) codes and Trombetti-Zhou (TZ) codes, decoding algorithm for Gabidulin codes beyond half the minimum distance and also encoding and decoding algorithms for some new optimal rank metric codes with restrictions. We propose an interpolation-based decoding algorithm to decode AGTG codes where the decoding problem is reduced to the problem of solving a projective polynomial equation of the form q(x) = xqu+1 +bx+a = 0 for a,b ∈ Fqm. We investigate the zeros of q(x) when gcd(u,m)=1 and proposed a deterministic algorithm to solve a linearized polynomial equation which has a close connection to the zeros of q(x). An efficient polynomial-time decoding algorithm is proposed for TZ codes. The interpolation-based decoding approach transforms the decoding problem of TZ codes to the problem of solving a quadratic polynomial equation. Two new communication models are defined and using our models we manage to decode Gabidulin codes beyond half the minimum distance by one unit. Our models also allow us to improve the complexity for decoding GTG and AGTG codes. Besides working on MRD codes, we also work on restricted optimal rank metric codes including symmetric, alternating and Hermitian rank metric codes. Both encoding and decoding algorithms for these optimal families are proposed. In all the decoding algorithms presented in this thesis, the properties of Dickson matrix and the BM algorithm play crucial roles. We also touch two problems in Hamming metric. For the first problem, some cryptographic properties of Welch permutation polynomial are investigated and we use these properties to determine the weight distribution of a binary linear codes with few weights. For the second one, we introduce two new subfamilies for maximum weight spectrum codes with respect to their weight distribution and then we investigate their properties.Doktorgradsavhandlin