System and method for efficient basis conversion
First Claim
1. A method for converting an element of a finite field of characteristic q stored in a cryptographic system from a representation in a first basis defined by a first irreducible polynomial to a representation in a second basis defined by a second irreducible polynomial, wherein said representation in said second basic is to be used in a cryptographic scheme, said method comprising the steps of:
- a) obtaining said element from said cryptographic system;
b) representing said element of said finite field in said first basis as a polynomial a(x);
c) determining a root r of said second irreducible polynomial;
d) evaluating said polynomial a(x) at said root r to obtain a representation a(r) of a(x) in said second basis for use in said cryptographic system;
said evaluation being characterised by the steps of;
e) partitioning said polynomial a(x) into a plurality of component polynomials, such that said polynomial a(x) is recoverable by combining said plurality of component polynomials using the operations of multiplication by x and exponentiation by q;
f) obtaining values of each of said component polynomials by evaluating each of said component polynomials at said root r;
g) computing the value of a(r) from said values of said component polynomials at said root r, using the operations of multiplication by r and exponentiation by q and;
h) providing said representation a(r) in said second basis to said cryptographic scheme.
3 Assignments
0 Petitions
Accused Products
Abstract
This invention describes a method for evaluating a polynomial in an extension field FqM, wherein the method comprises the steps of partitioning the polynomial into a plurality of parts, each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; and computing for each part components of q-th powers from components of smaller powers. A further embodiment of the invention provides for a method of converting a field element represented in terms of a first basis to its representation in a second basis, comprising the steps of partitioning a polynomial, being a polynomial in the second basis, into a plurality of parts, wherein each part is comprised of smaller polynomials using a q-th power operation in a field of characteristic q; evaluating the polynomial at a root thereof by computing for each part components of q-th powers from components of smaller powers; and evaluating the field element at the root of the polynomial.
-
Citations
24 Claims
-
1. A method for converting an element of a finite field of characteristic q stored in a cryptographic system from a representation in a first basis defined by a first irreducible polynomial to a representation in a second basis defined by a second irreducible polynomial, wherein said representation in said second basic is to be used in a cryptographic scheme, said method comprising the steps of:
-
a) obtaining said element from said cryptographic system; b) representing said element of said finite field in said first basis as a polynomial a(x); c) determining a root r of said second irreducible polynomial; d) evaluating said polynomial a(x) at said root r to obtain a representation a(r) of a(x) in said second basis for use in said cryptographic system;
said evaluation being characterised by the steps of;e) partitioning said polynomial a(x) into a plurality of component polynomials, such that said polynomial a(x) is recoverable by combining said plurality of component polynomials using the operations of multiplication by x and exponentiation by q; f) obtaining values of each of said component polynomials by evaluating each of said component polynomials at said root r; g) computing the value of a(r) from said values of said component polynomials at said root r, using the operations of multiplication by r and exponentiation by q and; h) providing said representation a(r) in said second basis to said cryptographic scheme. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for evaluating a first irreducible polynomial a(x) at a root r to obtain a representation a(r) of a second irreducible in a second basis, said method to be used in a cryptographic scheme for converting an element of a finite field of characteristic q, stored in a cryptographic system from a representation in a first basis defined by said first irreducible polynomial to a representation in said second basis defined by said second irreducible polynomial, said method for evaluating comprising the steps of:
-
a) obtaining said first irreducible polynomial a(x) and determining said root r of said second irreducible polynomial from said cryptographic system, said first irreducible polynomial representing said element of said finite field in said first basis; b) partitioning said first irreducible polynomial a(x) into a plurality of component polynomials, such that said first irreducible polynomial a(x) is recoverable by combining said plurality of component polynomials using operations of multiplication by x and exponentiation by q, said first irreducible polynomial a(x) representing an element of a finite field of characteristic q in a first basis; c) obtaining values of each of said component polynomials by evaluating each of said component polynomials at said root r; d) computing the value of a second irreducible polynomial a(r) in a second basis from the values of said component polynomials at said root r using operations of multiplication by r and exponentiation by q and; e) providing said second irreducible polynomial a(r) to said cryptographic scheme. - View Dependent Claims (20, 21)
-
-
22. In a cryptographic system utilizing a first irreducible polynomial a(x) for converting an element of a finite field of characteristic q stored in said cryptographic system from a representation in a first basis defined by said first irreducible polynomial to a representation in a second basis defined by a second irreducible polynomial, the method of evaluating said first irreducible polynomial a(x) at a root r of said field to obtain a representation a(r) of said second irreducible polynomial in said second basis to be used in a cryptographic scheme comprising the steps of:
-
a) obtaining said first irreducible polynomial a(x) and determining said root r of said second irreducible polynomial from said cryptographic system, said first irreducible polynomial representing said element of said finite field in said first basis; b) partitioning said first irreducible polynomial a(x) into a plurality of component polynomials, such that said first irreducible polynomial a(x) is recoverable by combining said plurality of component polynomials using operations of multiplication by x and exponentiation by q, said first irreducible polynomial a(x) representing an element of a finite field of characteristic q in a first basis; c) obtaining values of each of said component polynomials by evaluating each of said component polynomials at said root r; d) computing the value of a second irreducible polynomial a(r) in a second basis from the values of said component polynomials at said root r using operations of multiplication by r and exponentiation by q and; e) providing said second irreducible polynomial a(r) to said cryptographic scheme. - View Dependent Claims (23, 24)
-
Specification