Efficient and Low-complexity Hardware Architecture of Gaussian Normal Basis Multiplication over GF(2m) for Elliptic Curve Cryptosystems

In this paper an efficient high-speed architecture of Gaussian normal basis multiplier over binary finite field GF(2m) is presented. The structure is constructed by using regular modules for computation of exponentiation by powers of 2 and low-cost blocks for multiplication by normal elements of the binary field. Since the exponents are powers of 2, the modules are implemented by some simple cyclic shifts in the normal basis representation. As a result, the multiplier has a simple structure with a low critical path delay. The efficiency of the proposed structure is studied in terms of area and time complexity by using its implementation on Vertix-4 FPGA family and also its ASIC design in 180nm CMOS technology. Comparison results with other structures of the Gaussian normal basis multiplier verify that the proposed architecture has better performance in terms of speed and hardware utilization

Sparse Gr\"obner Bases: the Unmixed Case

Toric (or sparse) elimination theory is a framework developped during the last decades to exploit monomial structures in systems of Laurent polynomials. Roughly speaking, this amounts to computing in a \emph{semigroup algebra}, \emph{i.e.} an algebra generated by a subset of Laurent monomials. In order to solve symbolically sparse systems, we introduce \emph{sparse Gr\"obner bases}, an analog of classical Gr\"obner bases for semigroup algebras, and we propose sparse variants of the $F_5$ and FGLM algorithms to compute them. Our prototype "proof-of-concept" implementation shows large speed-ups (more than 100 for some examples) compared to optimized (classical) Gr\"obner bases software. Moreover, in the case where the generating subset of monomials corresponds to the points with integer coordinates in a normal lattice polytope $\mathcal P\subset\mathbb R^n$ and under regularity assumptions, we prove complexity bounds which depend on the combinatorial properties of $\mathcal P$. These bounds yield new estimates on the complexity of solving $0$-dim systems where all polynomials share the same Newton polytope (\emph{unmixed case}). For instance, we generalize the bound $\min(n_1,n_2)+1$ on the maximal degree in a Gr\"obner basis of a $0$-dim. bilinear system with blocks of variables of sizes $(n_1,n_2)$ to the multilinear case: $\sum n_i - \max(n_i)+1$. We also propose a variant of Fr\"oberg's conjecture which allows us to estimate the complexity of solving overdetermined sparse systems.Comment: 20 pages, Corollary 6.1 has been corrected, ISSAC 2014, Kobe : Japan (2014