Barrett’s Algorithm

Related Concepts

Modular Reduction; Montgomery’s Algorithm; RSA

Definition

Barrett’s algorithm is a process allowing the computation of the quantity \(u {\rm mod}\,\,n\) without resorting to trial division. The method is efficient in settings where u changes frequently for a relatively invariant n (which is the case in cryptography). Let N denote the size of n in bits, \(u < {2}^{2N}\) and \(q = \lfloor u/n\rfloor \). Define:

$$q' = \left \lfloor \frac{\left \lfloor \frac{u} {{2}^{N-1}} \right \rfloor \left \lfloor \frac{{2}^{2N}} {n} \right \rfloor } {{2}^{N+1}} \right \rfloor $$

Note that the constant \(\left \lfloor \frac{{2}^{2N}} {n} \right \rfloor \) can be computed once for all and reused for many different u values. All other operations necessary for the computation of q′ are simple multiplications and bit-shifts.

It is easy to prove that \(u - nq' < u - n(q + 2) = (u {\rm mod}\,\,n) + 2n\). Hence, one multiplication and (at most) two subtractions will suffice to determine \(u...