Generalised Mersenne Numbers Revisited

Generalised Mersenne Numbers (GMNs) were defined by Solinas in 1999 and feature in the NIST (FIPS 186-2) and SECG standards for use in elliptic curve cryptography. Their form is such that modular reduction is extremely efficient, thus making them an attractive choice for modular multiplication implementation. However, the issue of residue multiplication efficiency seems to have been overlooked. Asymptotically, using a cyclic rather than a linear convolution, residue multiplication modulo a Mersenne number is twice as fast as integer multiplication; this property does not hold for prime GMNs, unless they are of Mersenne's form. In this work we exploit an alternative generalisation of Mersenne numbers for which an analogue of the above property --- and hence the same efficiency ratio --- holds, even at bitlengths for which schoolbook multiplication is optimal, while also maintaining very efficient reduction. Moreover, our proposed primes are abundant at any bitlength, whereas GMNs are extremely rare. Our multiplication and reduction algorithms can also be easily parallelised, making our arithmetic particularly suitable for hardware implementation. Furthermore, the field representation we propose also naturally protects against side-channel attacks, including timing attacks, simple power analysis and differential power analysis, which is essential in many cryptographic scenarios, in constrast to GMNs.Comment: 32 pages. Accepted to Mathematics of Computatio

Riemann zeta function and quantum chaos

A brief review of recent developments in the theory of the Riemann zeta function inspired by ideas and methods of quantum chaos is given.Comment: Lecture given at International Conference on Quantum Mechanics and Chaos, Osaka, September 200

Efficient computation of the Euler-Kronecker constants of prime cyclotomic fields

We introduce a new algorithm, which is faster and requires less computing resources than the ones previously known, to compute the Euler-Kronecker constants $\mathfrak{G}_q$ for the prime cyclotomic fields $\mathbb{Q}(\zeta_q)$, where $q$ is an odd prime and $\zeta_q$ is a primitive $q$-root of unity. With such a new algorithm we evaluated $\mathfrak{G}_q$ and $\mathfrak{G}_q^+$, where $\mathfrak{G}_q^+$ is the Euler-Kronecker constant of the maximal real subfield of $\mathbb{Q}(\zeta_q)$, for some very large primes $q$ thus obtaining two new negative values of $\mathfrak{G}_q$: $\mathfrak{G}_{9109334831}= -0.248739\dotsc$ and $\mathfrak{G}_{9854964401}= -0.096465\dotsc$ We also evaluated $\mathfrak{G}_q$ and $\mathfrak{G}^+_q$ for every odd prime $q\le 10^6$, thus enlarging the size of the previously known range for $\mathfrak{G}_q$ and $\mathfrak{G}^+_q$. Our method also reveals that difference $\mathfrak{G}_q - \mathfrak{G}^+_q$ can be computed in a much simpler way than both its summands, see Section 3.4. Moreover, as a by-product, we also computed $M_q=\max_{\chi\ne \chi_0} \vert L^\prime/L(1,\chi) \vert$ for every odd prime $q\le 10^6$, where $L(s,\chi)$ are the Dirichlet $L$-functions, $\chi$ run over the non trivial Dirichlet characters mod $q$ and $\chi_0$ is the trivial Dirichlet character mod $q$. As another by-product of our computations, we will also provide more data on the generalised Euler constants in arithmetic progressions. The programs used to performed the computations here described and the numerical results obtained are available at the following web address: \url{http://www.math.unipd.it/~languasc/EK-comput.html}.Comment: 25 pages, 6 tables, 4 figures. Third known example of negative values for Ek(q) inserted. Complete set of computation of Ek(q) and Ek(q)^+ for every prime up to 10^6; computation of max|L'/L(1,chi)| for the same primes inserted. Two references added, typos correcte