Abstract
A recoding rule for exponentiation is a method for reducing the cost of the exponentiation a e by reducing the number of required multiplications. If w(e) is the (hamming) weight of e, and ē the result of applying the recoding rule A to e, then the purpose is to reduce w A (ē) as compared to w(e). A well-known example of a recoding rule is to convert a binary exponent into a signed-digit representation in terms of the digits {1; \( \bar 1\), 0} where \( \bar 1\) = −1, by recoding runs of 1’s. In this paper we show how three recoding rules can be modelled via regular languages to obtain precise information about the resulting weight distributions. In particular we analyse the recoding rules employed by the 2k-ary, sliding window and optimal signed-digit exponentiation algorithms. We prove that the sliding window method has an expected recoded weight of approximately n/(k +1) for relevant k-bit windows and n-bit exponents, and also that the variance is small. We also prove for the optimal signed digit method that the expected weight is approximately n/3 with a variance of 2n/27. In general the sliding window method provides the best performance, and performs less than 85% of the multiplications required for the other methods for a majority of exponents.
Chapter PDF
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
See the Maple homepage at http://www.maplesoft.com.
S. Arno and F. Wheeler. Signed digit representations of minimal hamming weight. IEEE Transactions on Computers, 42(8):1007–1010, 1993.
E. A. Bender and S. G. Williamson. Foundations of Applied Combinatorics. Addison-Wesley Publishing Company, 1991.
J. Bos and M. Coster. Addition chain heuristics. Advances in Cryptology, CRYPTO 89, Lecture Notes in Computer Science, vol. 218, G. Brassard ed., Springer-Verlag, pages 400–407, 1990.
N. Chomsky and P. Schutzenberger. The algebraic theory of context-free languages. In P Braffort and North Holland Hirchberg, D., editors, Computer programming and formal languages, pages 118–161, 1963.
W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):472–492, 1976.
T. ElGamal. A public key cryptosystem and signature system based on discrete logarithms. IEEE Transactions on Information Theory, 31(4):473–481, 1985.
D. Gollman, Y. Han, and C. Mitchell. Redundant integer representations and fast exponentiation. Designs, Codes and Cryptography, 7:135–151, 1996.
R. L. Graham, D. E. Knuth, and O. Patshnik. Concrete Mathematics, A Foundation for Computer Science, First Edition. Addison Wesley, 1989.
J. Hopcroft and J. Ullman. An Introduction to Automata, Languages and Computation. Reading, MA: Addison Wesley, 1979.
L. Hui and K.-Y. Lam. Fast square-and-multiply exponentiation for RSA. Electronics Letters, 30(17):1396–1397, 1994.
J. Jedwab and C. Mitchell. Minimum weight modified signed-digit representations and fast exponentiation. Electronics Letters, 25:1171–1172, 1989.
C. K. Koc. High-radix and bit encoding techniques for modular exponentiation. International Journal of Computer Mathematics, 40:139–156, 1991.
C. K. Koc. Analysis of sliding window techniques for exponentiation. Computers and Mathematics with Applications, 30(10):17–24, 1995.
D. E. Knuth. The Art of Computer Programming: Volume 2, Seminumerical Algorithms. Addsion Wesley, 1981.
N. Koblitz. CM curves with good cryptographic properties. Advances in Cryptology, CRYPTO 91, Lecture Notes in Computer Science, vol. 576, J. Feigenbaum ed., Springer-Verlag, pages 279–287, 1992.
K. Koyama and T. Tsuruoka. Speeding up elliptic curve cryptosystems using a signed binary window method. In Advances in Cryptology, CRYPTO 92, Lecture Notes in Computer Science, vol. 740, E. F. Brickell ed., Springer-Verlag, pages 345–357, 1992.
A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC press, 1996.
F. Morain and J. Olivos. Speeding up the computations on an elliptic curve using addition-subtraction chains. Theoretical Informatics and Applications, 24(6):531–544, 1990.
G. Reitwiesener. Binary arithmetic. In F. L. Alt, editor, Advances in Computers, pages 232–308, 1960.
R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM, 21(2):120–126, 1978.
R Sedgewick and P. Flajolet. An introduction to the analysis of algorithms. Addison-Wesley Publishing Company, 1996.
J. A. Solinas. An improved algorithm for arithmetic on a family of elliptic curves. Advances in Cryptology, CRYPTO 97, Lecture Notes in Computer Science, vol. 1294, B. S. Kaliski ed., Springer-Verlag, pages 357–371, 1997.
Y. Yacobi. Exponentiating faster with addition chains. Advances in Cryptology, EUROCRYPT 90, Lecture Notes in Computer Science, vol. 473, I. B. Damgård ed., Springer-Verlag, pages 222–229, 1991.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
O’Connor, L. (1999). An Analysis of Exponentiation Based on Formal Languages. In: Stern, J. (eds) Advances in Cryptology — EUROCRYPT ’99. EUROCRYPT 1999. Lecture Notes in Computer Science, vol 1592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48910-X_26
Download citation
DOI: https://doi.org/10.1007/3-540-48910-X_26
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65889-4
Online ISBN: 978-3-540-48910-8
eBook Packages: Springer Book Archive