A survey of fast exponentiation methods

被引：329

作者：

Gordon, DM ^{[1
]}

机构：

[1] Ctr Commun Res, San Diego, CA 92121 USA

来源：

JOURNAL OF ALGORITHMS-COGNITION INFORMATICS AND LOGIC | 1998年 / 27卷 / 01期

关键词：

D O I：

10.1006/jagm.1997.0913

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Public-key cryptographic systems often involve raising elements of some group (e.g., GF(2(n)), Z/NZ, or elliptic curves) to large powers. An important question is how fast this exponentiation can be done, which often determines whether a given system is practical. The best method for exponentiation depends strongly on the group being used, the hardware the system is implemented on, and whether one element is being raised repeatedly to different powers, different elements are raised to a fixed power, or both powers and group elements vary. This problem has received much attention, but the results are scattered through the literature. In this paper we survey the known methods for fast exponentiation, examining their relative strengths and weaknesses. (C) 1998 Academic Press.

引用

页码：129 / 146

页数：18

共 32 条

[1]

Adleman L. M., 1988, Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, P528, DOI 10.1145/62212.62264

[2]

AGNEW GB, 1988, LECT NOTES COMPUT SC, V330, P251

[3]

[Anonymous], LECT NOTES COMPUT SC

[4] SIGNED-DIGIT REPRESENTATIONS OF MINIMAL HAMMING WEIGHT [J].

ARNO, S ;

WHEELER, FS .

IEEE TRANSACTIONS ON COMPUTERS, 1993, 42 (08) :1007-1010

[5]

BOS J, 1990, LECT NOTES COMPUT SC, V435, P400

[6]

Brickell Ernest F., 1992, ADV CRYPTOLOGY P EUR, V658, P200

[7]

Chi-Chih Yao A., 1976, SIAM Journal on Computing, V5, P100, DOI 10.1137/0205008

[8]

DEROOIJ P, 1994, ADV CRYPTOLOGY P EUR, V950, P389

[9] NEW DIRECTIONS IN CRYPTOGRAPHY [J].

DIFFIE, W ;

HELLMAN, ME .

IEEE TRANSACTIONS ON INFORMATION THEORY, 1976, 22 (06) :644-654

[10] COMPUTING SEQUENCES WITH ADDITION CHAINS [J].

DOWNEY, P ;

LEONG, B ;

SETHI, R .

SIAM JOURNAL ON COMPUTING, 1981, 10 (03) :638-646

← 1 2 3 4 →