Proposals of Multiplication and Inversion Methods in Extension Field for Scalable Asymmetric key and Fast Symmetric key Cryptosystems March , 2013

This thesis proposes the Cyclic Vector Multiplication Algorithm (CVMA) for Gauss period Normal Basis (GNB). It is an e cient multiplication algorithm in extension eld which is exible for the restriction and scalability of the extension eld parameters required by next generation asymmetric key cryptosystems. Additionally, this thesis also proposes Redundantly Represented Basis (RRB) and More Miscellaneously Mixed Bases (MMMB) in order to accelerate the computations of several symmetric key cryptosystems such as Advanced Encryption Standard (AES). Recently, pairing based cryptosystems and their applications have attracted much attentions as next generation asymmetric key cryptosystems. In order to accelerate the computations of these cryptosystems, not only pairing computations but also arithmetic operations, especially multiplications, in the extension eld need to be improved. On the other hand, the cryptosystems often restrict the parameters of the extension eld Fpm , namely the characteristic p and the extension degree m. Thus, the cryptosystems require an e cient multiplication algorithm which fast performs multiplications in the extension eld and is exible for the above parameters. Several types of CVMAs have been proposed for these demands, and they adopt special classes of GNBs. GNB and its special classes are characterized with a certain positive integer h in addition to p and m. The parameter h needs to satisfy some conditions, and there in nitely exists such h for each pair of p and m; however, such a practical h is limited because the conventional CVMAs become more ine cient as h is larger. In some cases, GNB has the smaller h for p and m than its special classes. Thus, in order to utilize the practical h in more situations, this thesis improves CVMA for GNB. Then, this CVMA acquires the higher exibility for the parameters of the extension eld than the conventional ones. Additionally, in order to demonstrate the exibility of the improved CVMA, this thesis also proposes an important theorem to derive the existence probability of GNB for any h. According to this theorem, it is theoretically shown that the improved CVMA has the high exibility. In the eld of symmetric key cryptosystems, a lot of improvements and optimizations have been reported for the hardware implementation of AES cipher and its similarities. In order to accelerate SubBytes and InvSubBytes of AES which are the most complex procedures, many of these implementations often utilize inversions in the isomorphic towering eld (composite eld) F((22)2)2 or F(24)2 , instead of those in the AES original F28 . This thesis focuses on F(24)2 which provides higher speed inversions than F((22)2)2 , and proposes RRB technique which accelerates the inversions. Within the author's knowledge, the best conventional implementations perform an inversion in F(24)2 at 4TAND + 10TXOR. On the other hand, the implementation with RRB technique achieves to perform an inversion in F(24)2 at 4TAND +7TXOR. The adoption of F(24)2 also requires the acceleration of multiplications between the constant (8× 8) bit matrix and an 8 bit vector (an element in F(24)2). Because this matrix is derived from a basis conversion matrix between the F28 and F22 , in order to perform the above multiplication faster, an e cient basis conversion matrix must be prepared. Thus, this thesis also proposes MMMB technique which facilitates to select an e cient basis conversion matrix by a computation trick of multiplications