E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....Laboratory of Cryptography and Information Security (LCIS) Dept of Computer Science and Information Engineering, National Central University, Chung Li, Taiwan 320, R.O.C. E mail: yensm csie.ncu.edu.tw . If larger amount of storage is available, this can be further improved via precomputations [16]. In this paper, we are mainly concerned with the second type of exponentiation. However, we note that our methods may lead to some advantages in the first type, too. Another application is when inverses can be virtually computed for free, as for elliptic curves [17] The basic idea is to recode ....

....is then modified into another minimum weight recoding algorithm so that table look up is possible. A hardware implementation of this second converter and the corresponding architecture for exponentiation are also presented. ACKNOWLEDGMENTS We are grateful to Dan Gordon for sending a preprint of [16]. Many thanks also go to the anonymous reviewers for their excellent work. This work was partly supported by the National Science Council of the Republic of China under contracts NSC89 2213E 008 049, NSC87 2213 E 032 012, and NSC87 2811 E 0320001. ....

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.

....processor handle each of the v column blocks, and then having the v processors multiply their results together in log v time, they can compute powers modulo an n bit number in Olog n time using On log n processors. Each processor needs to store only a constant number of precomputed values. In [6], an unpublished extended version of [7] two parallel versions of the BGMW algorithm are given. Both run in Olog n time. One is similar to the Lim Lee method; each processor computes g using the precomputed value g and an addition chain for a i , and then the results are multiplied ....

....only On log n processors, and takes expected time Olog n. Some powers would take longer, say if all the a i s are equal, but this could be dealt with by having idle processors help out busy ones. A more serious problem is that each processor needs to store all On log n precomputed values. In [6] it is shown that any exponentiation algorithm using a polylog number of precomputed values requires at least On log n multiplications. Thus for any parallel algorithm running in time Olog n, we will need at least On log n processors. It is an open problem to find such an algorithm which uses ....

E. F. Brickell, D. M. Gordon, K. S. McCurley, and D. B. Wilson, Fast exponentiation with precomputation: Algorithms and lower bounds, preprint, 1995. (Contact the second author for a copy.)

....processor handle each of the v column blocks, and then having the v processors multiply their results together in log v time, they can compute powers modulo an n bit number in O(log n) time using O(n= log n) processors. Each processor needs to store only a constant number of precomputed values. In [6], an unpublished extended version of [7] two parallel versions of the BGMW algorithm are given. Both run in O(log n) time. One is similar to the Lim Lee method; each processor computes g a i b i using the precomputed value g b i and an addition chain for a i , and then the results are ....

....log 2 n) processors, and takes expected time O(log n) Some powers would take longer, say if all the a i s are equal, but this could be dealt with by having idle processors help out busy ones. A more serious problem is that each processor needs to store all O(n= log n) precomputed values. In [6] it is shown that any exponentiation algorithm using a polylog number of precomputed values requires at least O(n= log n) multiplications. Thus for any parallel algorithm running in time O(log n) we will need at least O(n= log 2 n) processors. It is an open problem to find such an algorithm ....

E. F. Brickell, D. M. Gordon, K. S. McCurley, and D. B. Wilson. Fast exponentiation with precomputation: algorithms and lower bounds. preprint, 1995, contact the second author for a copy.

No context found.

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.

No context found.

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.

No context found.

E. F. Brickell, D. M. Gordon, K. S. McCurley, and D. B. Wilson. Fast exponentiation with precomputation: Algorithms and lower bound. In R. A. Rueppel, editor, Advances in Cryptology: Proceedings of EUROCRYPT'92, number 658 in Lecture Notes in Computer Science, pages 200--207. Springer-Verlag, 1992.

No context found.

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.

No context found.

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.

No context found.

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D.R. Wilson, "Fast exponentiation with precomputation: Algorithms and lower bounds," Preprint, Mar. 1995. An earlier version appeared in Proc. of EUROCRYPT '92.

No context found.

Ernest F. Brickell, Daniel M. Gordon, Kevin S. McCurley, David B. Wilson, Fast exponentiation with precomputation: algorithms and lower bounds (1995); draft in [9]. Available from http://research.microsoft.com/~dbwilson/bgmw/.

No context found.

Ernest F. Brickell, Daniel M. Gordon, Kevin S. McCurley, David B. Wilson, Fast exponentiation with precomputation: algorithms and lower bounds (1995); draft in [15]. Available from http://research.microsoft.com/~dbwilson/bgmw/.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC